therecord.media Open in urlscan Pro
151.101.194.216 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/debt-buyer-cyberattack-data-breach
Submission Tags: falconsandbox
Submission: On March 30 via api (March 30th 2023, 1:09:30 am UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 82 HTTP transactions. The main IP is 151.101.194.216, located in United States and belongs to FASTLY, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 419814.
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	151.101.194.216 151.101.194.216	54113 (FASTLY) (FASTLY)
6	34.73.189.215 34.73.189.215	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:600:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
17	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:480... 2a02:26f0:480:c::210:f19f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.6.66 104.18.6.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.193.17.71 18.193.17.71	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
82	20

33 151.101.194.216 (United States)

ASN54113 (FASTLY, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.73.189.215 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.189.73.34.bc.googleusercontent.com

cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:600:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:c::210:f19f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.66 (None, )

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.17.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-17-71.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	therecord.media therecord.media — Cisco Umbrella Rank: 419814 cms.therecord.media	2 MB
19	6sc.co j.6sc.co — Cisco Umbrella Rank: 7318 c.6sc.co — Cisco Umbrella Rank: 10831 ipv6.6sc.co — Cisco Umbrella Rank: 7836 b.6sc.co — Cisco Umbrella Rank: 5453	19 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5041 track.hubspot.com — Cisco Umbrella Rank: 2507 forms.hubspot.com — Cisco Umbrella Rank: 4720	4 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 21088 recordedfuture.matomo.cloud	67 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 12431	853 B
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 604241 go.recordedfuture.com — Cisco Umbrella Rank: 814233	150 KB
2	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 429	2 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2390	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2380	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5106	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4588	87 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2501	937 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	54 KB
82	14

	Domain	Requested by
33	therecord.media	therecord.media
13	b.6sc.co	therecord.media
6	cms.therecord.media	therecord.media
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	track.hubspot.com
2	api.hubspot.com	js.usemessages.com
2	epsilon.6sense.com	j.6sc.co
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	secure.adnxs.com	j.6sc.co
2	j.6sc.co	www.googletagmanager.com therecord.media
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	cdn.matomo.cloud	therecord.media
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.recordedfuture.com	therecord.media
1	www.googletagmanager.com	therecord.media
82	22

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
apps.web.maine.gov
www.prnewswire.com
dta0yqvfnusiq.cloudfront.net
www.instagram.com

Subject Issuer	Validity	Valid
therecord.media R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
cms.therecord.media R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M01	`2023-02-10` - `2023-08-19`	6 months	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-03-05`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-02-13` - `2023-06-29`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
go.recordedfuture.com GTS CA 1P5	`2023-02-28` - `2023-05-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://therecord.media/debt-buyer-cyberattack-data-breach
Frame ID: 66CC7E797AF45CA9E0BB7D359CAF8FAA
Requests: 81 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyberattack on debt-buying giant exposes sensitive info on nearly 500,000 people

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

82
Requests

100 %
HTTPS

63 %
IPv6

14
Domains

22
Subdomains

20
IPs

3
Countries

2738 kB
Transfer

5807 kB
Size

17
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&__hsfp=3897811554
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500,000%20people%20https://therecord.media/debt-buyer-cyberattack-data-breach%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/debt-buyer-cyberattack-data-breach&title=Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500,000%20people

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/debt-buyer-cyberattack-data-breach&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/debt-buyer-cyberattack-data-breach

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/debt-buyer-cyberattack-data-breach&t=Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500,000%20people

Search URL Search Domain Scan URL

URL: https://apps.web.maine.gov/online/aeviewer/ME/40/65d544dc-79b0-437c-a7f8-757ffec624af.shtml
Title: filed

Search URL Search Domain Scan URL

URL: https://www.prnewswire.com/news-releases/ncb-management-services-inc-data-breach-alert-issued-by-wolf-haldenstein-adler-freeman--herz-llp-301782595.html
Title: investigating

Search URL Search Domain Scan URL

URL: https://dta0yqvfnusiq.cloudfront.net/pfcco40463296/2022/07/Website-Covered-Entities-Client-List-62c46c76593dd.pdf
Title: 657 healthcare organizations

Search URL Search Domain Scan URL

URL: https://twitter.com/jgreigj

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/russian-sanctions-evasion-puts-merchants-banks-risk?__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&__hsfp=3897811554
Title: Russian Sanctions Evasion Puts Merchants and Banks at RiskRussian Sanctions Evasion Puts Merchants and Banks at Risk

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/irs-cyberattack-highlights-risk-of-tax-refund-fraud?__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&__hsfp=3897811554
Title: IRS Cyberattack Highlights Risk of Tax Refund FraudIRS Cyberattack Highlights Risk of Tax Refund Fraud

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/on-ukraine-china-prioritizes-international-ambitions?__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&__hsfp=3897811554
Title: On Ukraine, China Prioritizes Its International AmbitionsOn Ukraine, China Prioritizes Its International Ambitions

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/2022-annual-report?__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&__hsfp=3897811554
Title: 2022 Annual Report2022 Annual Report

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/russias-war-against-ukraine-disrupts-cybercriminal-ecosystem?__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&__hsfp=3897811554
Title: Russia’s War Against Ukraine Disrupts the Cybercriminal EcosystemRussia’s War Against Ukraine Disrupts the Cybercriminal Ecosystem

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&__hsfp=3897811554
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request debt-buyer-cyberattack-data-breach Show response
therecord.media/ 37 KB
8 KB 94ms
28ms Document
text/html 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Next.js

Resource Hash

47ffa893783fc65afe67f1e006952bd8f3dc635c601912c3c718fb7720ce03f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
cache-control: s-maxage=60, stale-while-revalidate
content-encoding: gzip
content-length: 7790
content-type: text/html; charset=utf-8
date: Thu, 30 Mar 2023 01:09:23 GMT
etag: "9301-q1XgF8M4tgEJT3bL7jFXEWZcCGg"
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
strict-transport-security: max-age=31557600
traceresponse: 00-17510856af25e1f791336977754a9396-fefaed18ccf639fc-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kjyo7100037-IAD, cache-hhn-etou8220079-HHN

GET
H2 200 debt_money_wallet_09a534460e.png
cms.therecord.media/uploads/ 196 KB
196 KB 439ms
125ms Image
image/png 34.73.189.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/debt_money_wallet_09a534460e.png?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

215.189.73.34.bc.googleusercontent.com

Software

Resource Hash

289b2d1ce4d54cc5beaf33954834c36f17a47d3f6fccd171b1d02f3ee92e5bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
strict-transport-security: max-age=0
last-modified: Tue, 28 Mar 2023 23:06:56 GMT
traceresponse: 00-17510d1f49be607a565608956c6210e7-59f03bd67ad26c3d-00
etag: "64237310-30ef4"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/png
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
content-length: 200436
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 30 Mar 2023 01:14:24 GMT

GET
H2 200 T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg
cms.therecord.media/uploads/ 52 KB
53 KB 681ms
368ms Image
image/jpeg 34.73.189.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

215.189.73.34.bc.googleusercontent.com

Software

Resource Hash

e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
strict-transport-security: max-age=0
last-modified: Mon, 06 Mar 2023 21:07:55 GMT
traceresponse: 00-17510d1f49c1db66bbd1d2b56c7b0e34-ed3cc25ef6ffd1ab-00
etag: "6406562b-d16c"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
content-length: 53612
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 30 Mar 2023 01:14:24 GMT

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
2 KB 655ms
367ms Image
image/svg+xml 34.73.189.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

215.189.73.34.bc.googleusercontent.com

Software

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: br
strict-transport-security: max-age=0
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
traceresponse: 00-17510d1f49c03980ec4444b86cd50bc9-407e53f5b1995cb3-00
etag: W/"63c03e2b-1c5f"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/svg+xml
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
content-length: 2417
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 30 Mar 2023 01:14:24 GMT

GET
H2 200 1c961ab38b917749.css
therecord.media/_next/static/css/ 53 KB
10 KB 33ms
32ms Stylesheet
text/css 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/1c961ab38b917749.css

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51fd18749afc27e1809dddc215120cc9d95ef9420f7c7ca446c632ee892c26c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1309661
traceresponse: 00-174c65fe015a3b7b620d9c996943dd8a-5b639721095c28a5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 9573
x-served-by: cache-iad-kjyo7100153-IAD, cache-hhn-etou8220079-HHN
last-modified: Tue, 14 Mar 2023 15:46:11 GMT
etag: W/"d26e-186e0ccec5e"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 23, 1

GET
H2 200 webpack-5752944655d749a0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 33ms
30ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 705878
traceresponse: 00-174e8b2158523ef3ae9b7a6acb734bea-4741cb2b193b7f89-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 840
x-served-by: cache-iad-kjyo7100179-IAD, cache-hhn-etou8220079-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"673-187000f2ed4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 22, 1

GET
H2 200 framework-5f4595e5518b5600.js Show response
therecord.media/_next/static/chunks/ 127 KB
41 KB 99ms
95ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 705877
traceresponse: 00-174e8b215951aba352050ea784ddab76-7c608cd159919ea2-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 42154
x-served-by: cache-iad-kcgs7200081-IAD, cache-hhn-etou8220079-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"1fbbb-187000f2ed1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 4777, 1

GET
H2 200 main-a054bbf31fb90f6a.js Show response
therecord.media/_next/static/chunks/ 98 KB
27 KB 89ms
86ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 705877
traceresponse: 00-174e8b216675216e2cd602c95af1e6e6-853fb4efe8c0725b-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 27725
x-served-by: cache-iad-kjyo7100095-IAD, cache-hhn-etou8220079-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"186c8-187000f2ed1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 21, 1

GET
H2 200 _app-2024e4aaf5b4a59e.js Show response
therecord.media/_next/static/chunks/pages/ 114 KB
37 KB 38ms
34ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-2024e4aaf5b4a59e.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 705877
traceresponse: 00-174e8b2181d997ef585cb460e0afb661-92645605394d9cd5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 37212
x-served-by: cache-iad-kjyo7100055-IAD, cache-hhn-etou8220079-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"1c769-187000f2ed2"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 122, 108

GET
H2 200 735-7645aca2d71731dd.js Show response
therecord.media/_next/static/chunks/ 937 KB
250 KB 127ms
124ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 705876
traceresponse: 00-174e8b21a8b59f151cc55ed295d5a8de-5f439ff07624a42c-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 255570
x-served-by: cache-iad-kcgs7200088-IAD, cache-hhn-etou8220079-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"ea276-187000f2ed1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 20, 1

GET
H2 200 %5B%5B...slug%5D%5D-11ef58e47bf43e91.js Show response
therecord.media/_next/static/chunks/pages/ 56 KB
12 KB 77ms
74ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-11ef58e47bf43e91.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1c29315bca5ba3eef86156ed15e1baa6776b072163fb3e710cc8ce3ae120e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 645748
traceresponse: 00-174ec1ca1ce3a1da437cf352924e5c96-0f06cfd73687cce7-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 12236
x-served-by: cache-iad-kiad7000145-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"de9a-1870991f55d"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjo3fQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 32, 1

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/ 1 KB
625 B 69ms
66ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98e48dda03df469f34c19aceed95b86dfd61da021d23e54cea30669be9639a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 645749
traceresponse: 00-174ec1ca256f34bcb2fd4e89f4ee6ba2-3f609d67acd7f9c8-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 425
x-served-by: cache-iad-kjyo7100120-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"43f-1870991f560"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjo3fQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 34, 1

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/ 99 B
359 B 37ms
35ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 645779
traceresponse: 00-174ec1ca25ce499f198356e78f8e8a78-0d23fc6ac28defe3-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 99
x-served-by: cache-iad-kiad7000132-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"63-1870991f560"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 27, 1

GET
H2 200 _middlewareManifest.js Show response
therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/ 92 B
257 B 72ms
69ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/_middlewareManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 645779
traceresponse: 00-174ec1ca2b7aad4b5a9422124658a234-70eac218035b0569-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 92
x-served-by: cache-iad-kiad7000080-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"5c-1870991f560"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 27, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
54 KB 135ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50a74345b15cab0523e0c100c6d20786044a00f84957c7a639410b99cfd56e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54894
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 00:12:16 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Mar 2023 01:09:23 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 199 KB
58 KB 123ms
36ms Script
application/javascript 2600:9000:2156:600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 00:01:09 GMT
x-amz-version-id: T3VVylcW4ZUVSABprJtJmBafSdXY4jAi
content-encoding: gzip
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 4095
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Feb 2023 02:15:06 GMT
server: AmazonS3
etag: W/"3e98a39e2d8f2b464999b40df3c2172d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: mbJQJj-YvdKCr2p0-gR6uocTZCYVYzggadr6D3w-1utLlUQY3AMB_w==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 117ms
31ms Script
application/javascript 2600:9000:2156:600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by: Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 00:01:09 GMT
x-amz-version-id: qfWuDlDjmwmn8lRN4xF2ccxR21WuJHO0
content-encoding: gzip
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 4095
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 22:01:49 GMT
server: AmazonS3
etag: W/"839ec9cd752c4e512960109f6ac6b404"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: CmiT61YsNC38ly7peliwGhnj2VgcPNt4rBuOcOSGi9F_x9FrNBqOIQ==

GET
H2 200 Inter-Medium.ttf
therecord.media/fonts/ 307 KB
152 KB 252ms
250ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Medium.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f3a739851685c216e5b7aced0-b0b46387e7ed30e0-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 155503
x-served-by: cache-iad-kiad7000051-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4cd58-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
3 KB 249ms
246ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f3ac9a09de5d9e6563c767f4b-a9611ef25c63812c-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2982
x-served-by: cache-iad-kjyo7100149-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"1304-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Bold.ttf
therecord.media/fonts/ 309 KB
154 KB 253ms
249ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f3abe9e31050f5a4934cfff51-43a356f8e3661666-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 157388
x-served-by: cache-iad-kjyo7100134-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4d2c4-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-SemiBold.ttf
therecord.media/fonts/ 308 KB
153 KB 253ms
250ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f3ae6f998e70d8edd194a73d4-17ec05171fcf7793-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 156755
x-served-by: cache-iad-kiad7000102-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4d16c-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Regular.ttf
therecord.media/fonts/ 303 KB
144 KB 317ms
315ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f3bd5b2754382d3ecd6e5acda-ad2ba97b175e6fe6-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 147167
x-served-by: cache-iad-kiad7000092-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4ba44-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-ExtraBold.ttf
therecord.media/fonts/ 309 KB
154 KB 252ms
250ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f3aaa9a2ae8ece40534216f17-cc79fc2b15470903-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 157010
x-served-by: cache-iad-kcgs7200106-IAD, cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4d52c-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
167 B 138ms
58ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FCyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people&idsite=2&rec=1&r=126818&h=1&m=9&s=23&url=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&_id=2c4718cd8ac23e9d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=TvGt2S&fa_pv=1&fa_fp[0][fa_vid]=1i0wWS&fa_fp[0][fa_fv]=1&pf_net=67&pf_srv=28&pf_tfr=1&pf_dm1=32&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://therecord.media
date: Thu, 30 Mar 2023 01:09:23 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 576 B
768 B 528ms
428ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b5b527e93a73b8d3702f20ca7d92dee2258b66eb854d35437753383b464d4da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 45k_zK_ANfvtdHYQ7em24LYlKhHdejg.
content-encoding: gzip
date: Thu, 30 Mar 2023 01:09:24 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 358
pragma: no-cache
last-modified: Thu, 23 Mar 2023 18:29:26 GMT
server: AmazonS3
etag: "8a331137c6617d4ff4ed18e085fd58d4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: BMF_YoKjak1r0HhVa6q5BzMBFXaJcjIutLfqjWO5KF0O72wp_xurXA==
expires: Thu, 30 Mar 2023 01:09:24 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 124ms
27ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Mar 2023 21:36:45 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "640a516d-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Thu, 30 Mar 2023 01:09:23 GMT

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 95ms
36ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=z4hsE1&url=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 579c15915e9d04067cec881ebf264f0791bdf3bf5efa47a1d7ab11bcc525c9ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:23 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
818 B 116ms
29ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 01:09:24 GMT
AN-X-Request-Uuid: 23aa073c-0614-4a2a-b708-35a676b28535
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://therecord.media
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
201 B 30ms
28ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
337 B 194ms
51ms XHR
text/html 2a02:26f0:480:c::210:f19f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:c::210:f19f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77e6c71b2878cf0614addf5e9a58b8d5a348e27f2a75ff9b0a2f79ee67347f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 01:09:24 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:1010:2:1012:3748:955a:c8b2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466705_34664543_569415505_13_563_42_0";dur=1
content-length: 36
expires: Thu, 30 Mar 2023 01:09:24 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 248ms
220ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A23%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A23%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A23%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22edabaa1866fe08952dde1be9ff37302d63145f08%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A23%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A23%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A23%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 articles Show response
cms.therecord.media/api/ 8 KB
8 KB 531ms
256ms XHR
application/json 34.73.189.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2781&filters[date][$lte]=2023-03-28T23%3A01%3A00.000Z&$or[0][showFrom][$null]=true&$or[1][showFrom][$lte]=2023-03-30T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

215.189.73.34.bc.googleusercontent.com

Software

/ Strapi <strapi.io>

Resource Hash

8ffd0a15de23ce95983deb5e7039a1866b1fdcd2ed3f5b36e2ff360850ef6120

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
traceresponse: 00-17510d1f698206116d15c55ff3b6b337-c68905b25f9916f5-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 8338
referrer-policy: no-referrer
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 15 KB
15 KB 469ms
193ms XHR
application/json 34.73.189.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2781&filters[date][$gte]=2023-03-28T23%3A01%3A00.000Z&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-03-30T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

215.189.73.34.bc.googleusercontent.com

Software

/ Strapi <strapi.io>

Resource Hash

72b95611b6c1b4ac3b036348be19d57b4bf7d0a79a0f85f68aa3a70b9dd02e52

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
traceresponse: 00-17510d1f69832bdde142bb13e2e14a31-29931d8305d4dcc4-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 14985
referrer-policy: no-referrer
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 205 KB
205 KB 592ms
317ms XHR
application/json 34.73.189.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[isBrief][$eq]=true&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-03-30T00%3A00%3A00.000Z&sort[0]=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

215.189.73.34.bc.googleusercontent.com

Software

/ Strapi <strapi.io>

Resource Hash

22a08d25ccabec45e217dd366a16d8540cdc87c23a11accc7dfe793f5abe2f2e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
traceresponse: 00-17510d1f698223cd25621acbb2e2ef8d-781bf75f8331f4b0-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 209485
referrer-policy: no-referrer
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 232 KB
65 KB 137ms
57ms Fetch
text/xml 104.18.6.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

676f8a7e707ada8513dfa4cbf2be6b1067c9d9bd00a0d942e5f01be1c6121b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/rss+xml
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 2427
traceresponse: 00-17510aea44f6ab1af79cd3dbeeaf1a65-67698553cf0dbd1e-00
x-cache: HIT
foo: bar
content-length: 65996
x-served-by: cache-hhn-etou8220050-HHN
server: cloudflare
vary: Accept-Encoding
content-type: text/xml
access-control-allow-origin: *
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7afc778aece89296-FRA
x-cache-hits: 1

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 1 KB
853 B 98ms
40ms XHR
application/json 18.193.17.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.17.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-17-71.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 502394d671b88ab781b2ffc96d889ad7fb66dd7f0aa8043611474a3b7f910e3e

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token edabaa1866fe08952dde1be9ff37302d63145f08
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
content-length: 669

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ 0
0 114ms
32ms Preflight 18.193.17.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.17.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-17-71.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-max-age: 1800
date: Thu, 30 Mar 2023 01:09:24 GMT
server: nginx

GET
H2 200 index.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 30 KB
10 KB 193ms
192ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/index.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

91d1d83783c3232b0f53ff36bbdead8cc7c3f582265ab31219184f07eea2ea7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-1751080878aae98aaab5960d390d03a1-bf7ff74534fb8eab-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 9937
x-served-by: cache-iad-kjyo7100047-IAD, cache-hhn-etou8220079-HHN
etag: "794d-TnoGuo0GpsPp+xYcb0aALO08k9g"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 64, 1

GET
H2 200 leadership.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 193ms
185ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/leadership.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

864ddc1622e2997fa344c315849d72c6de75cf6f223dde5d5ab8a3726719f817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 45
traceresponse: 00-175107e5a59f79845b1cf60b56d362ea-7a71bb2a787e9c0d-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1854
x-served-by: cache-iad-kcgs7200044-IAD, cache-hhn-etou8220079-HHN
etag: "1bb2-llUdPH/H/z2ArQJNDW8oFY0hq9M"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 138, 1

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 192ms
182ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/cybercrime.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d9f911b104f7205533f35702262643bcfe06b4ba0d14a0130b8a318272471323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 45
traceresponse: 00-175107e5a5305b82937b6fa00497abd6-db9b392fdb54732e-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1851
x-served-by: cache-iad-kjyo7100156-IAD, cache-hhn-etou8220079-HHN
etag: "1bb2-VhgkZWJEW5JsHwpDthQ/p2JMJm4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 71, 1

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 192ms
183ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/nation-state.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

695dee7719fb0d2ad2614f111b10a6fcd13623d96439ac73f16cf25b2bf70216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 4
traceresponse: 00-175108d12f424a77ab0f4a3612d9a8c0-08091748d1358f5b-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1845
x-served-by: cache-iad-kjyo7100041-IAD, cache-hhn-etou8220079-HHN
etag: "1bbb-FdH987NCdgOrUqU7DjbPfzflMP4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 33, 1

GET
H2 200 people.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 193ms
184ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/people.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0fa787d41552b03d08d1784235cd4666a828b6b5f96e28d5537c138f921399df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 4
traceresponse: 00-175108d12f107874624242fab02d0d04-d0cae5ff8ed3c709-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1838
x-served-by: cache-iad-kiad7000134-IAD, cache-hhn-etou8220079-HHN
etag: "1b9e-MLyXwWAq27ALePW3/eAS5Y4vrkg"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 33, 1

GET
H2 200 technology.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 195ms
187ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/technology.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

741ec6335c604f9d6a6d4d3903124ba5658be3586c12936c538849bdcc75aef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 54
traceresponse: 00-175107e51e1bd076812e1ebb2e1b11a6-6d89c168a6f23e3b-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1856
x-served-by: cache-iad-kiad7000106-IAD, cache-hhn-etou8220079-HHN
etag: "1bb2-kUyVKQvd7frw0pNm1AoYsFme+8Q"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 150, 1

GET
H2 200 about.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 35 KB
7 KB 192ms
185ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/about.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f3bec7626803a0aa598b6e488c040d4e42f71e800971727f8dc0f4681d23347a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 4
traceresponse: 00-175108d12e51c7dd6101f77baf5101b3-163bd46a7c4e0b00-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 6532
x-served-by: cache-iad-kcgs7200092-IAD, cache-hhn-etou8220079-HHN
etag: "8d07-SldSXR/vWdHV9CNuJRUJK9Aanpk"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 33, 1

GET
H2 200 podcast.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 118 KB
24 KB 193ms
187ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/podcast.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

94c08976a89382cdfe6eb06fe6a16fbe08085350c499d4c9993ff2b38daec3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 4
traceresponse: 00-175108d12f5e8ae001ff113734b938c3-423a56e045f32698-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 24786
x-served-by: cache-iad-kcgs7200178-IAD, cache-hhn-etou8220079-HHN
etag: "1d626-OTaES0olL1Z54gNoGn6LoLx/mi0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 35, 1

GET
H2 200 contact.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 8 KB
2 KB 190ms
184ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/contact.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

93d4468c957c6c9ed9c07457cdbd2c577d28fd4a77fd69788d051bb68f5beefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 45
traceresponse: 00-175108d12f8a62f1848869dc06a6c9c8-142c8fe6d460f8f1-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2121
x-served-by: cache-iad-kiad7000098-IAD, cache-hhn-etou8220079-HHN
etag: "1ec2-JK2cGk9qvkNz50WtLDBVSTS4NRU"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 32, 1

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 8 KB
2 KB 194ms
188ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

234f0ea1a8ed7b0edcec59de9b777d1100fa0640c4a975695b313360d097e71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 45
traceresponse: 00-175108d12f84de1075f7b54c446e610b-fd2b264be3a3a294-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2097
x-served-by: cache-iad-kiad7000159-IAD, cache-hhn-etou8220079-HHN
etag: "1e8b-W88HJpr/F7esj2MuXWdbTi176U8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 34, 1

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 219ms
217ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A1010%3A2%3A1012%3A3748%3A955a%3Ac8b2%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 jonathan-greig.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/author/ 8 KB
2 KB 204ms
185ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/author/jonathan-greig.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18ba652b40b7c89507162f63a5fe56aa8d738dd523d730eeaf739adc157b10e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 10
traceresponse: 00-1751081998ef2010ec6dde812e281a54-be4e217adf0ef09d-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2351
x-served-by: cache-iad-kjyo7100142-IAD, cache-hhn-etou8220079-HHN
etag: "21d7-VAGVsBTevfJbsEhUxP7e8K2v7eI"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 15, 1

GET
H2 200 hackers-using-USB-sticks.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 17 KB
5 KB 204ms
186ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/hackers-using-USB-sticks.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9a0bfba2073384e5d6d308e1350868aec050e6c27af6933f8def7ca4ce0cd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 10
traceresponse: 00-175107f0a96c84d6ebfb23d94292c164-80e3cd231ca06e45-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 4811
x-served-by: cache-iad-kjyo7100159-IAD, cache-hhn-etou8220079-HHN
etag: "440f-kcO5T+L965X10S8Y1bKez/71XN8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7, 1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 102ms
28ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 00:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3853
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 30 Mar 2023 02:05:11 GMT

GET
H2 200 image
therecord.media/_next/ 136 KB
137 KB 195ms
193ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Frussian_sanctions_evasion_puts_merchants_banks_risk_3bd90adbf0.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

318ba0ae4406fcb7ad4e479d4d9cf60948cf3a5b2ad38556d96ba760c7e4860b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 Mar 2023 01:09:24 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f6c9f048ede4e96835aa07133-9bcacb7c70598a04-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="russian_sanctions_evasion_puts_merchants_banks_risk_3bd90adbf0.webp"
content-length: 139490
x-served-by: cache-iad-kjyo7100021-IAD, cache-hhn-etou8220079-HHN
etag: MYugrkQG-LetTkedTZz2CUjPOlsq04VW2WunYMfkhgs=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 142 KB
142 KB 319ms
317ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Firs_cyberattack_highlights_risk_of_tax_refund_fraud_47e79779d1.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

381f3dd72c9446985a766fdabd9ffec6de323e1ef52c3961f6fe54e5c2226c76

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 Mar 2023 01:09:24 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f6f52991e87e2cb25c7865150-398f473ee8a2691c-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="irs_cyberattack_highlights_risk_of_tax_refund_fraud_47e79779d1.webp"
content-length: 145252
x-served-by: cache-iad-kcgs7200023-IAD, cache-hhn-etou8220079-HHN
etag: OB891yyURphadm-avZ-+xt4yPh71LDlh9v5U5cIibHY=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 157 KB
157 KB 188ms
186ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2F2023_0306_Blog_Intelligence_Report_Main_Feature_a568b8bc4d.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

27f6d8668c9783c84a32f955c0b3486490dbc8f00ee2191c22903bc32b09df4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 Mar 2023 01:09:24 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f6c9b4bed6acab51e8e8e0a8b-58392624c8a85e53-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="2023_0306_Blog_Intelligence_Report_Main_Feature_a568b8bc4d.webp"
content-length: 160508
x-served-by: cache-iad-kcgs7200055-IAD, cache-hhn-etou8220079-HHN
etag: J-bYZoyXg8hKMvlVwLNIZJDbyPAO4hkcIpA7wysJ30o=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 149 KB
149 KB 318ms
316ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2F2022_annual_report_333c48e442.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8a9b9764433e4a6e76ab56a07e59bf76deb3067b76482e159c94875de91a14ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 Mar 2023 01:09:24 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-17510d1f6cfc237412557c5e31bb01f8-381834bd87ae6114-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="2022_annual_report_333c48e442.webp"
content-length: 152214
x-served-by: cache-iad-kcgs7200051-IAD, cache-hhn-etou8220079-HHN
etag: ipuXZEM+Sm52q1agflm-dt6zBnt2SC4VnJSHXekaFK0=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
818 B 31ms
31ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 01:09:24 GMT
AN-X-Request-Uuid: 74b95354-f1f8-41a4-a8ce-7de03303327b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://therecord.media
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 229ms
227ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22541%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 414ms
412ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2247c555096cc32557d3e6e7a333d7cb3ea692cee1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22545%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 216ms
214ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22546%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 222ms
221ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22550%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 223ms
222ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2264dc3ec5-330c-4652-88d3-147ee65e90ba%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22551%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 404ms
403ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22551%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 47 B
242 B 34ms
33ms XHR
text/plain 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d74e3758062ecc59f394524c5106e9b1186203483037fead2a7f842e0900f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:24 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/plain
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
337 B 41ms
41ms XHR
text/html 2a02:26f0:480:c::210:f19f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:c::210:f19f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77e6c71b2878cf0614addf5e9a58b8d5a348e27f2a75ff9b0a2f79ee67347f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 01:09:24 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:1010:2:1012:3748:955a:c8b2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466705_34664543_569415915_10_639_41_0";dur=1
content-length: 36
expires: Thu, 30 Mar 2023 01:09:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 35ms
34ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=359028897&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&ul=en-us&de=UTF-8&dt=Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=YEBAAEABAAAAACAAI~&jid=1564411806&gjid=1581735211&cid=1287429931.1680138565&tid=UA-9153858-16&_gid=162787157.1680138565&_r=1&_slc=1&gtm=45He33r0n81PVJ5W86&cd1=Credit%20Suisse%20Group%20AG&cd2=Western%20Europe&cd3=10%2C000%2B&cd4=%245B%2B&cd5=Splunk%20Accounts%2CServiceNow%20Accounts%2CAWS%20Accounts&cd6=Decision&cd7=Strong&cd8=Financial%20Services&z=1125675578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 01:09:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 234ms
222ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=aad017021558000044e12464d8010000d0361200&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A23%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Requested by

Host: therecord.media
URL: https://therecord.media/debt-buyer-cyberattack-data-breach

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:25 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 2 KB
937 B 487ms
419ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa927ad79a282b72e4c6871f8cb4bcef4d7e308e6a1c1efd47560d2748e2e882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:25 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 30 Mar 2023 01:05:16 GMT
server: cloudflare
x-hubspot-correlation-id: e7871c5a-dbc3-4d98-9334-8811028e5235
x-trace: 2BDFBA66736C63C9CF358DD1FC86BF003D8A6A6A71000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://therecord.media
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7afc77915ec5368c-FRA
expires: Thu, 30 Mar 2023 01:10:25 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=359028897&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&ul=en-us&de=UTF-8&dt=Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1287429931.1680138565&tid=UA-9153858-16&_gid=162787157.1680138565&gtm=45He33r0n81PVJ5W86&cd1=Credit%20Suisse%20Group%20AG&cd2=Western%20Europe&cd3=10%2C000%2B&cd4=%245B%2B&cd5=Splunk%20Accounts%2CServiceNow%20Accounts%2CAWS%20Accounts&cd6=Decision&cd7=Strong&cd8=Financial%20Services&z=1772193283

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25454
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 117ms
48ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0afe3bcb469471dcaaedd0181f6a0259346575339f09a6a4d4e5100df00ec3fd

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:25 GMT
x-amz-version-id: OHbS.drTXhzGlBgGSuSusLCISmtjihuB
via: 1.1 d6b2e9bf1f40c8fcec509faeb60f8c54.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P3
age: 46479
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1179/bundle/main/lead-flows-release.js&cfRay=7af808d21c943600-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 29 Mar 2023 10:58:01 UTC
server: cloudflare
etag: W/"6d4ca71bce374032ee1eec31e2ecd382"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7afc77947f41373d-FRA
x-amz-cf-id: 1_9b0uChakrRceUypuruAJPFB6-Y397yYbcqhQVV-9zEe6P-6GfJnw==
x-hs-target-asset: lead-flows-js/static-1.1179/bundle/main/lead-flows-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
21 KB 116ms
40ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74e3e045a606078d358e1496f86c9341a5a3dde98e3406f7684f75be3eae7b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:25 GMT
x-amz-version-id: _nhoEY.cnyw_ZC5NRARE7R0haxL9wUsE
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 581
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12728/bundles/project.js&cfRay=7afc6960ce763aa0-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 29 Mar 2023 02:28:24 UTC
server: cloudflare
etag: W/"9a10df18795c16bb00c134f9fd009c1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7afc77948b3339d9-FRA
x-amz-cf-id: fNlEqR0MGQlkF-DRkcfE3j43D3rGHqw8yPbE4XKv1-Vwq6V0Bqo4aA==
x-hs-target-asset: conversations-embed/static-1.12728/bundles/project.js

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1680138300000/ 66 KB
21 KB 218ms
156ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1680138300000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a45e0bebbc6a2bc8f1dbf05a0da8144ba3e313374b1a9af99da9533ab2a334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:25 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: DDF7ERJ1HPB62ZSN
x-amz-server-side-encryption: AES256
x-amz-id-2: ta1pTeYF9pB4LJN/GP2vPHJT9g+K08zZNXVJdsMe3bD1SiLroPnsbJHg/b4SwnO6+gq45l32DvA=
last-modified: Thu, 23 Mar 2023 16:29:05 GMT
server: cloudflare
etag: W/"b84dbdf4cfe541f7533048cd0bbac966"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7afc77947f7c9bac-FRA
expires: Thu, 30 Mar 2023 01:14:25 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
16 KB 102ms
40ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14a3581f43637c3a38bf2dc63eb6bd1db03f379531e0c933046757027da5996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:25 GMT
x-amz-version-id: G0bbSlSfRykjiDD0m1m7bWMeF3mCkT4v
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6P1YTPG37CBWSSVS
age: 250
x-amz-server-side-encryption: AES256
x-amz-id-2: lI6Mg9PjJKAfePgo7nLZ3jYmE7RF16f/4HQgKNvRyelhM7tuq+3/uhfUY277N1Ql3uN4exFFpHw=
last-modified: Wed, 08 Mar 2023 04:01:20 GMT
server: cloudflare
etag: W/"07e17ba34d46098d956efa1591721142"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://therecord.media
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7afc77947bd66904-FRA
expires: Thu, 30 Mar 2023 01:10:15 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 291 B
847 B 422ms
422ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=252628&conversations-embed=static-1.12728&mobile=false&messagesUtk=66786f34c2c0449f88fe34269dedc0c6&traceId=66786f34c2c0449f88fe34269dedc0c6

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d44a353c4ba1f88799fe4d923be95ced8f49f91b4bcde0061090d2065a269a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://therecord.media/debt-buyer-cyberattack-data-breach
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b5b9714b-3b5f-4524-b9df-ca77f8ad0951
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 229
server: cloudflare
x-trace: 2BF3CC58EDD3BBFB22F6469549399EAF4EF473773A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMeG3g73bF5QoBhA58pyaAoAzSqUB%2BW44zlsXqdYWBzYzOVS4MbrAdZcV6jVE%2FuyHJE016wSGzVKGtm6b8S6kowG%2F5SPqeq8I4Mb7QBeH6DIhFFsh3i7hgSu2rVjBZ0Y%2FPge%2FguNWx1B4GbEaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7afc7796487e3a79-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 0
0 217ms
149ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://therecord.media
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afc77955fca3a79-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 30 Mar 2023 01:09:26 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2V5jZn3CQJdaeVyD84d%2BHzgUFjlmFtL5YdzG5tW9kPD8oGovzant1AqgG7MC%2FahZGpUmcPrEsK1vvJoXhzML5S1jUXZop6B%2F5OqkOt8uL3f%2BGyRhvUoyMIJUd48ob0G4cDWIsfkTy9LfFcEGtg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 0e485f49-e217-4c25-8c57-0175f1fe14ea
x-trace: 2BF372DC8CA88DAD6CF8A852A0E8E4C33A359676B0000000000000000000

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
901 B 208ms
150ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3897811554&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&t=Cyberattack+on+debt-buying+giant+exposes+sensitive+info+on+nearly+500%2C000+people&cts=1680138565986&vi=6441a8e75ddb8992dee278422476e16f&nc=true&u=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&b=156209188.1.1680138565983&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c7d8770a-462f-45df-af85-d18433bb77cf
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2sZRUrYW4Qa9PCXtztlu1eQq3QWlpl7BmZNHE3qxVMei8NDx6l%2B2k6L%2FHPdxKMXQR%2Fxd2vQAIWLeyIJ22RBW3N0I%2BN2%2Bltkb3HSpGAb7BcSVLrYYNJABa99nORSAg8jEnNXnah%2BplEUvyMNY4cT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7afc7795eddc2c2b-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 221ms
221ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=aad017021558000044e12464d8010000d0361200&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A24%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%222009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:26 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 197ms
188ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=6441a8e75ddb8992dee278422476e16f&__hstc=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&__hssc=156209188.1.1680138565983&currentUrl=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae1de45c7ac279896a5b50197a11208dcf2bfa28bcf2921b16ac13936d7ceb72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 242d2eab-8e90-460c-999f-c92a38a0bd67
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKzDGRPIFexdOZouYVrLhhKH0uFb8Pqp4ak4jX9AXVTPMjXeKvCvczSdG1NnamIBNy8Hky1bCkqfl3GXSaHX7PXxgqMeCNvb3fJkqR69KANYBWopY%2FHEJ0U9uPpdtdKftq51Iq8TAjRZw%2BCYUs9H"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7afc7795d81b3a79-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
354 B 144ms
144ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3897811554&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&t=Cyberattack+on+debt-buying+giant+exposes+sensitive+info+on+nearly+500%2C000+people&cts=1680138566236&vi=6441a8e75ddb8992dee278422476e16f&nc=true&u=156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1&b=156209188.1.1680138565983&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8449720c-0e13-4db2-a491-1444e0bf1546
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWZ5uYhHVJ9a5bf4DHR4AO1y4Omv88Veq0nYV5O9rF3yhkQHtt97u5PmBXhA0gxLtWyASl%2BnhkeYDjRn3bO9nES2WVVzh2vqqyojyspi7e56aqIjEc1FzJ7%2BbJAzMG8vosIrX%2FgKcJqy3ssGi7Oe"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7afc77971ebe2c2b-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 216ms
215ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=aad017021558000044e12464d8010000d0361200&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A26%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%223012%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 217ms
50ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
age: 217534
x-amz-request-id: 17NMQ4Q4J6C3JYSA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="iphone-cd1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 18
cf-bgj: imgq:85,h2pri
etag: "f5c3d1b581a50e5c3637310137a43f0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674144065940
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 18
date: Thu, 30 Mar 2023 01:09:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 645f43b8717568c0a4b2c8f32ab504dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop: MXP64-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=229013
x-cache: RefreshHit from cloudfront
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85082
x-amz-id-2: 6WSKUhSb0EhT/IlRJVjcdgMbaUYzfXyn3z+mxlT6rZr/gaCq/iRKlBvkkF6FGIuepdJ8FHmKv8A=
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FW%2Fwom0qZ0c2vdRNT6uGRq3KmZqq%2F2NicVwf3SJqJ15ydyy%2BqT8kENswQwbM8uw5jJ%2BXSFQLAwyFz83xrEYj3ghkiwQN%2Fuop0dkxZ%2BH%2BQcy4vY9Nv5EX5Xv5uPf9OWul03JqHW8MtUVzPpRbGGKJl0O9g%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7afc779e5ec79b74-FRA
x-amz-cf-id: MVAvq69Bdz7uw_GZ4Y3AXxXBNWo1gCRqcZejqpJ35FyNuEj8KzcMmQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 224ms
223ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=aad017021558000044e12464d8010000d0361200&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A28%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A27%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224013%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:28 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 221ms
221ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=aad017021558000044e12464d8010000d0361200&visitor=efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625&session=81c1fec1-44ca-4598-89ec-4ab9b5a2b006&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20Mar%202023%2001%3A09%3A28%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%225015%22%7D&isIframe=false&m=%7B%22description%22%3A%22Nearly%20half%20a%20million%20people%20had%20their%20sensitive%20financial%20information%20leaked%20during%20a%20cyberattack%20on%20NCB%20Management%20Services%20%E2%80%93%20a%20company%20that%20purchases%20debt.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20on%20debt-buying%20giant%20exposes%20sensitive%20info%20on%20nearly%20500%2C000%20people%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fdebt-buyer-cyberattack-data-breach&pageViewId=e7472843-606d-4274-8b6f-0f222de32935&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:09:29 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-20 20:08:13	Name: _pk_id.2.de70 Value: 2c4718cd8ac23e9d.1680138564.
.therecord.media/	1970-01-20 10:42:20	Name: _pk_ses.2.de70 Value: 1
therecord.media/	1970-01-20 10:52:23	Name: _an_uid Value: 0
therecord.media/	1970-01-20 20:18:18	Name: _gd_visitor Value: efcd9d60-c6c3-4bba-8df7-0dfb1c1fd625
therecord.media/	1970-01-20 10:42:32	Name: _gd_session Value: 81c1fec1-44ca-4598-89ec-4ab9b5a2b006
.6sc.co/	1970-01-20 20:18:18	Name: 6suuid Value: aad017021558000044e12464d8010000d0361200
therecord.media/	1970-01-20 20:18:18	Name: _gd_svisitor Value: aad017021558000044e12464d8010000d0361200
.therecord.media/	1970-01-20 20:18:18	Name: _ga Value: GA1.2.1287429931.1680138565
.therecord.media/	1970-01-20 10:43:44	Name: _gid Value: GA1.2.162787157.1680138565
.therecord.media/	1970-01-20 10:42:18	Name: _gat_UA-9153858-16 Value: 1
.therecord.media/	1970-01-20 15:01:30	Name: __hstc Value: 156209188.6441a8e75ddb8992dee278422476e16f.1680138565983.1680138565983.1680138565983.1
.therecord.media/	1970-01-20 15:01:30	Name: hubspotutk Value: 6441a8e75ddb8992dee278422476e16f
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 10:42:20	Name: __hssc Value: 156209188.1.1680138565983
.hubspot.com/	1970-01-20 10:42:20	Name: __cf_bm Value: OYxT81lXR9I4GVrZEwBoQ4jOI9Dmg_VqUgCTta3Abrs-1680138566-0-Ac2IhfRC/C9RGI7bnTI5/ztPjjMhAFNefnJp4CFicO/QIvmj51Ev1IOrOCOduPG3Te3OtfEkqkf6mvSZVRhUScU=
.go.recordedfuture.com/	1970-01-20 10:42:20	Name: __cf_bm Value: 6oudfDiGAbj45Xu8vfrjhhOSz9NjWe9GkEyMNYwReWI-1680138567-0-ASONCMEGWq/b6maU/SjxboLi9A3Yc7loIsuzl3RQADwIkq4uK/RIPrM8T+jYpbrlH49/9DGaofYb7ScJay9UvJQ=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: 82fe2828a2cd8d63eb663a766575eb100a33e4c1-1680138567

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31557600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
b.6sc.co
c.6sc.co
cdn.matomo.cloud
cms.therecord.media
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.usemessages.com
recordedfuture.matomo.cloud
secure.adnxs.com
therecord.media
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.recordedfuture.com
104.18.6.66
151.101.194.216
18.193.17.71
2600:9000:2156:600:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700:4400::ac40:9a55
2606:4700::6811:44b0
2606:4700::6811:d4cc
2606:4700::6811:e8cc
2606:4700::6811:efcc
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:828::200e
2a00:1450:4001:831::2008
2a02:26f0:480:c::210:f19f
3.126.133.169
34.73.189.215
37.252.171.52
95.101.111.170
04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7
0afe3bcb469471dcaaedd0181f6a0259346575339f09a6a4d4e5100df00ec3fd
0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405
0fa787d41552b03d08d1784235cd4666a828b6b5f96e28d5537c138f921399df
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
18ba652b40b7c89507162f63a5fe56aa8d738dd523d730eeaf739adc157b10e4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22a08d25ccabec45e217dd366a16d8540cdc87c23a11accc7dfe793f5abe2f2e
234f0ea1a8ed7b0edcec59de9b777d1100fa0640c4a975695b313360d097e71b
27f6d8668c9783c84a32f955c0b3486490dbc8f00ee2191c22903bc32b09df4a
289b2d1ce4d54cc5beaf33954834c36f17a47d3f6fccd171b1d02f3ee92e5bf8
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
2b5b527e93a73b8d3702f20ca7d92dee2258b66eb854d35437753383b464d4da
318ba0ae4406fcb7ad4e479d4d9cf60948cf3a5b2ad38556d96ba760c7e4860b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
381f3dd72c9446985a766fdabd9ffec6de323e1ef52c3961f6fe54e5c2226c76
45d44a353c4ba1f88799fe4d923be95ced8f49f91b4bcde0061090d2065a269a
47ffa893783fc65afe67f1e006952bd8f3dc635c601912c3c718fb7720ce03f0
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
502394d671b88ab781b2ffc96d889ad7fb66dd7f0aa8043611474a3b7f910e3e
50a74345b15cab0523e0c100c6d20786044a00f84957c7a639410b99cfd56e1a
51fd18749afc27e1809dddc215120cc9d95ef9420f7c7ca446c632ee892c26c6
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
579c15915e9d04067cec881ebf264f0791bdf3bf5efa47a1d7ab11bcc525c9ff
58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
676f8a7e707ada8513dfa4cbf2be6b1067c9d9bd00a0d942e5f01be1c6121b82
695dee7719fb0d2ad2614f111b10a6fcd13623d96439ac73f16cf25b2bf70216
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
72b95611b6c1b4ac3b036348be19d57b4bf7d0a79a0f85f68aa3a70b9dd02e52
741ec6335c604f9d6a6d4d3903124ba5658be3586c12936c538849bdcc75aef3
74e3e045a606078d358e1496f86c9341a5a3dde98e3406f7684f75be3eae7b1a
75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a
77e6c71b2878cf0614addf5e9a58b8d5a348e27f2a75ff9b0a2f79ee67347f61
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864ddc1622e2997fa344c315849d72c6de75cf6f223dde5d5ab8a3726719f817
8a9b9764433e4a6e76ab56a07e59bf76deb3067b76482e159c94875de91a14ad
8d74e3758062ecc59f394524c5106e9b1186203483037fead2a7f842e0900f85
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
8ffd0a15de23ce95983deb5e7039a1866b1fdcd2ed3f5b36e2ff360850ef6120
91d1d83783c3232b0f53ff36bbdead8cc7c3f582265ab31219184f07eea2ea7d
93d4468c957c6c9ed9c07457cdbd2c577d28fd4a77fd69788d051bb68f5beefc
94c08976a89382cdfe6eb06fe6a16fbe08085350c499d4c9993ff2b38daec3c1
98e48dda03df469f34c19aceed95b86dfd61da021d23e54cea30669be9639a3e
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
aa927ad79a282b72e4c6871f8cb4bcef4d7e308e6a1c1efd47560d2748e2e882
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
ae1de45c7ac279896a5b50197a11208dcf2bfa28bcf2921b16ac13936d7ceb72
c14a3581f43637c3a38bf2dc63eb6bd1db03f379531e0c933046757027da5996
d9f911b104f7205533f35702262643bcfe06b4ba0d14a0130b8a318272471323
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de1c29315bca5ba3eef86156ed15e1baa6776b072163fb3e710cc8ce3ae120e1
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab
e9a0bfba2073384e5d6d308e1350868aec050e6c27af6933f8def7ca4ce0cd8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
f3a45e0bebbc6a2bc8f1dbf05a0da8144ba3e313374b1a9af99da9533ab2a334
f3bec7626803a0aa598b6e488c040d4e42f71e800971727f8dc0f4681d23347a
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

therecord.media Open in urlscan Pro 151.101.194.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

100 %HTTPS

63 %IPv6

14 Domains

22 Subdomains

20 IPs

3 Countries

2738 kBTransfer

5807 kBSize

17 Cookies

19 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
151.101.194.216 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

100 %
HTTPS

63 %
IPv6

14
Domains

22
Subdomains

20
IPs

3
Countries

2738 kB
Transfer

5807 kB
Size

17
Cookies

82 HTTP transactions
1 data transactions