therecord.media Open in urlscan Pro
2606:4700::6812:1c78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/ransomware-gangs-extorted-record-amounts
Submission: On July 13 via api (July 13th 2023, 2:14:28 am UTC) from TR — Scanned from DE

Summary HTTP 79 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 79 HTTP transactions. The main IP is 2606:4700::6812:1c78, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 197912.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	2606:4700::68... 2606:4700::6812:1c78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:2c00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.6.66 104.18.6.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.213.161.224 23.213.161.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	18.158.110.93 18.158.110.93	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:806e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
79	20

43 2606:4700::6812:1c78 (United States)

ASN13335 (CLOUDFLARENET, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:2c00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.66 (None, )

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.213.161.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-224.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.110.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-110-93.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:806e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	therecord.media therecord.media — Cisco Umbrella Rank: 197912 cms.therecord.media — Cisco Umbrella Rank: 470922	3 MB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 6369 c.6sc.co — Cisco Umbrella Rank: 9185 b.6sc.co — Cisco Umbrella Rank: 4176	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 20932 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 685593	67 KB
3	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2542 forms.hubspot.com — Cisco Umbrella Rank: 4687	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	228 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10419	594 B
2	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 469	1 KB
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 303808 go.recordedfuture.com — Cisco Umbrella Rank: 310168	234 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4595	86 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2438	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2425	21 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4752	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	253 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556	253 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2680	1 KB
79	16

	Domain	Requested by
35	therecord.media	therecord.media
8	cms.therecord.media	therecord.media
6	b.6sc.co
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	therecord.media www.googletagmanager.com www.google-analytics.com
2	track.hubspot.com
2	epsilon.6sense.com	j.6sc.co
2	secure.adnxs.com	j.6sc.co
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	j.6sc.co	www.googletagmanager.com therecord.media
2	cdn.matomo.cloud	therecord.media
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	region1.google-analytics.com	www.googletagmanager.com
1	c.6sc.co	j.6sc.co
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.recordedfuture.com	therecord.media
79	23

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
blog.chainalysis.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-03-05`	a year	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
go.recordedfuture.com GTS CA 1P5	`2023-06-26` - `2023-09-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://therecord.media/ransomware-gangs-extorted-record-amounts
Frame ID: CE4F59499CA58B12F27D97EC45177640
Requests: 79 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware gangs have extorted $449 million this year: Chainalysis

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

79
Requests

100 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

3914 kB
Transfer

7568 kB
Size

18
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform/mobile-app?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: Mobile App

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Ransomware%20gangs%20have%20extorted%20$449%20million%20this%20year:%20Chainalysis%20https://therecord.media/ransomware-gangs-extorted-record-amounts%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/ransomware-gangs-extorted-record-amounts&title=Ransomware%20gangs%20have%20extorted%20$449%20million%20this%20year:%20Chainalysis

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/ransomware-gangs-extorted-record-amounts&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/ransomware-gangs-extorted-record-amounts

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/ransomware-gangs-extorted-record-amounts&t=Ransomware%20gangs%20have%20extorted%20$449%20million%20this%20year:%20Chainalysis

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform?mtm_campaign=ad-unit-record&__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://blog.chainalysis.com/reports/crypto-crime-midyear-2023-update-ransomware-scams/
Title: Charts from Chainalysis

Search URL Search Domain Scan URL

URL: https://twitter.com/jgreigj

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/chinas-targeting-international-companies-geopolitical-competition?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: China's Targeting of International Companies in Geopolitical CompetitionChina's Targeting of International Companies in Geopolitical Competition

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/escalating-global-risk-environment-submarine-cables?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: The Escalating Global Risk Environment for Submarine CablesThe Escalating Global Risk Environment for Submarine Cables

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/north-koreas-cyber-strategy?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: North Korea’s Cyber StrategyNorth Korea’s Cyber Strategy

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/bluedelta-exploits-ukrainian-government-roundcube-mail-servers?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage ActivitiesBlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/north-korea-aligned-tag-71-spoofs-financial-institutions?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: North Korea-Aligned TAG-71 Spoofs Financial Institutions in Asia and USNorth Korea-Aligned TAG-71 Spoofs Financial Institutions in Asia and US

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&__hsfp=2241961375
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ransomware-gangs-extorted-record-amounts Show response
therecord.media/ 42 KB
9 KB 183ms
126ms Document
text/html 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

4079636a69b73ee4cfa29eefa53395404418880d43ab2602acc76b164acca12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e5e0313297bbb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 13 Jul 2023 02:14:22 GMT
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceresponse: 00-1771327c73446f74606d7ca6b92a6732-d53f4de9fb01db17-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kjyo7100118-IAD, cache-fra-eddf8230124-FRA

GET
H2 200 hacker_keyboard_8400e1555c.jpg
cms.therecord.media/uploads/ 34 KB
34 KB 344ms
334ms Image
image/jpeg 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/hacker_keyboard_8400e1555c.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e124a35269796f901308dc9c34f157d82046399bedefbf417c7b9d8be8cbf892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-17714b9a8a062bf218cc2c0f09815121-528b96120e2f8e1e-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 34866
last-modified: Mon, 06 Feb 2023 18:52:32 GMT
server: cloudflare
etag: "63e14c70-8832"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7e5e03141a17bb3b-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 13 Jul 2023 02:19:22 GMT

GET
H2 200 DSC_0283_1_a6f4e4e315.jpg
cms.therecord.media/uploads/ 1 MB
1 MB 343ms
334ms Image
image/jpeg 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/DSC_0283_1_a6f4e4e315.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c7bd8acf65fb3710235e4be01a7c4d661638f9917c4c56a818fbcc89990fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-17714b9a8a035e0e217030d908df7de0-e3e8a0454a8b6531-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 1438874
last-modified: Wed, 07 Jun 2023 14:35:08 GMT
server: cloudflare
etag: "6480959c-15f49a"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7e5e03141a1dbb3b-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 13 Jul 2023 02:19:22 GMT

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
3 KB 152ms
144ms Image
image/svg+xml 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
traceresponse: 00-17714b9a7e27970d37cdc02b80452ab3-b4fa4db859aa0186-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
server: cloudflare
etag: W/"63c03e2b-1c5f"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7e5e03141a18bb3b-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 13 Jul 2023 02:19:22 GMT

GET
H2 200 2bef7a7062791382.css
therecord.media/_next/static/css/ 55 KB
11 KB 38ms
37ms Stylesheet
text/css 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/2bef7a7062791382.css

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30589d022e5188750a266bf379789ace026df4171a2c22236e9f665c84f0edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 216265
traceresponse: 00-177086e9495d28f3d8d3283ae63f1c99-10649819f6ea6b85-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000087-IAD, cache-fra-eddf8230025-FRA
last-modified: Mon, 10 Jul 2023 14:09:46 GMT
server: cloudflare
etag: W/"dd4b-18940230ede"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03140a0cbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 4, 2

GET
H2 200 ef46db3751d8e999.css
therecord.media/_next/static/css/ 0
187 B 41ms
41ms Stylesheet
text/css 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/ef46db3751d8e999.css

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1873081
traceresponse: 00-176aa40bb4cd147f68dc9fcad48e9b13-8c1bd056201c33f1-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-eddf8230055-FRA
last-modified: Wed, 21 Jun 2023 09:56:09 GMT
server: cloudflare
etag: W/"0-188dd6206ae"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7e5e03140a0dbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1, 1

GET
H2 200 Chainalysis_graf_970e7cc45f.png
cms.therecord.media/uploads/ 71 KB
71 KB 342ms
335ms Image
image/png 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/Chainalysis_graf_970e7cc45f.png

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91bdc8029d05b1a5ab2a992b8a75ec154043241f793b5d433ddf744eaca261b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-17714b9a8a216b8bef2b1baa78413916-42713ffa3d1cd471-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 72219
last-modified: Wed, 12 Jul 2023 18:28:54 GMT
server: cloudflare
etag: "64aef0e6-11a1b"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/png
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7e5e03141a1bbb3b-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 13 Jul 2023 02:19:22 GMT

GET
H2 200 Ransomware_tracker_aaf05499ac.jpeg
cms.therecord.media/uploads/ 154 KB
154 KB 342ms
334ms Image
image/jpeg 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/Ransomware_tracker_aaf05499ac.jpeg

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43d6ff096e1053bba99248308fa1f9233a56a80a0923b74d3a0a532d8fc1d84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-17714b9a8a13074a3d682e40b41ef4b3-b95ac47b06ed60a0-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 157484
last-modified: Wed, 12 Jul 2023 18:29:17 GMT
server: cloudflare
etag: "64aef0fd-2672c"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7e5e03141a19bb3b-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 13 Jul 2023 02:19:22 GMT

GET
H2 200 rocket-loader.min.js Show response
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
23ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 15:32:00 GMT
server: cloudflare
content-encoding: gzip
etag: W/"64a82ff0-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7e5e03140a0ebb3b-FRA
expires: Sat, 15 Jul 2023 02:14:22 GMT

GET
H2 200 _middlewareManifest.js Show response
therecord.media/_next/static/tjRoO-1bbZYAN86TYSS0X/ 92 B
280 B 37ms
36ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/tjRoO-1bbZYAN86TYSS0X/_middlewareManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 151669
traceresponse: 00-1770c1a93116fb89a7f0231694a6401d-ed61db70cbe043c8-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200047-IAD, cache-fra-eddf8230028-FRA
last-modified: Tue, 11 Jul 2023 08:06:26 GMT
server: cloudflare
etag: W/"5c-18943fcc64c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a4dbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 4, 3

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/tjRoO-1bbZYAN86TYSS0X/ 99 B
241 B 42ms
41ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/tjRoO-1bbZYAN86TYSS0X/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 151669
traceresponse: 00-1770c1a93f6ea569033ebc72e2858a00-17e66bd386ab652b-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100155-IAD, cache-fra-eddf8230102-FRA
last-modified: Tue, 11 Jul 2023 08:06:26 GMT
server: cloudflare
etag: W/"63-18943fcc64c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a4ebb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 12, 2

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/tjRoO-1bbZYAN86TYSS0X/ 1 KB
610 B 43ms
42ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/tjRoO-1bbZYAN86TYSS0X/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dfb5a4ffffb53c23cc9494463b701a66bb41b82017e72ea13e67d9075490e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 151669
traceresponse: 00-1770c1a940a60b7f4a1912ab25209bc1-03283a7568985bc8-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000093-IAD, cache-fra-eddf8230134-FRA
last-modified: Tue, 11 Jul 2023 08:06:26 GMT
server: cloudflare
etag: W/"4b7-18943fcc64c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a51bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3, 1

GET
H2 200 %5B%5B...slug%5D%5D-490034abd1ea1a6f.js Show response
therecord.media/_next/static/chunks/pages/ 70 KB
15 KB 39ms
38ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-490034abd1ea1a6f.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4219d81a1c3a24a3d56b48388f38233c67bee491f2277b1a49381cdd48fd84a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 151669
traceresponse: 00-1770c1a93fdd68ccbb6559f0fa45e3c8-d6232c262b4e7eb4-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-eddf8230086-FRA
last-modified: Tue, 11 Jul 2023 08:06:26 GMT
server: cloudflare
etag: W/"11773-18943fcc647"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a52bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 11, 3

GET
H2 200 977-e38b8fb396ffc0d3.js Show response
therecord.media/_next/static/chunks/ 963 KB
250 KB 45ms
44ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/977-e38b8fb396ffc0d3.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7506f47d43bf49db6d46d19333d8a5aba269a9c821254745dc664af42284ce02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 216265
traceresponse: 00-177086e94ce78ec9aacbd2611283cf6d-1d3bfb3a1afcd90a-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100051-IAD, cache-fra-eddf8230091-FRA
last-modified: Mon, 10 Jul 2023 14:09:46 GMT
server: cloudflare
etag: W/"f0abe-18940230eda"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a53bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1, 44

GET
H2 200 _app-2024e4aaf5b4a59e.js Show response
therecord.media/_next/static/chunks/pages/ 114 KB
38 KB 42ms
41ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-2024e4aaf5b4a59e.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 2570688
traceresponse: 00-176829935c1f67a8d44bbf27fd0bdd7b-bad2b42df3a3d273-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-eddf8230045-FRA
last-modified: Wed, 07 Jun 2023 14:46:00 GMT
server: cloudflare
etag: W/"1c769-18896525dda"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a54bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 5035, 1

GET
H2 200 main-a054bbf31fb90f6a.js Show response
therecord.media/_next/static/chunks/ 98 KB
27 KB 43ms
42ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1768638
traceresponse: 00-176b03096f05d66c95e234d7a1bd428e-7f6ca679a1913124-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000135-IAD, cache-fra-eddf8230108-FRA
last-modified: Wed, 21 Jun 2023 14:40:39 GMT
server: cloudflare
etag: W/"186c8-188de667f80"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a57bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1579, 3

GET
H2 200 framework-5f4595e5518b5600.js Show response
therecord.media/_next/static/chunks/ 127 KB
42 KB 43ms
43ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 3079069
traceresponse: 00-17665b34bae2a7df05fc3b3cdd5338cd-b35030714d2191a9-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200081-IAD, cache-fra-eddf8230119-FRA
last-modified: Wed, 31 May 2023 12:23:36 GMT
server: cloudflare
etag: W/"1fbbb-18871c379b6"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a58bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 8091, 1

GET
H2 200 webpack-5752944655d749a0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 42ms
42ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 2543703
traceresponse: 00-1768421e4e513a1282a00a3cf61d0b27-1e4553a805efcf00-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-eddf8230029-FRA
last-modified: Wed, 07 Jun 2023 14:46:00 GMT
server: cloudflare
etag: W/"673-18896525ddc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a59bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 10746, 2

GET
H2 200 Inter-SemiBold.ttf
therecord.media/fonts/ 308 KB
150 KB 212ms
212ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2bef7a7062791382.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2bef7a7062791382.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9a81b4ced33fcc43d1cc1f49f4-30693775b3049362-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-eddf8230136-FRA
last-modified: Tue, 11 Jul 2023 08:00:48 GMT
server: cloudflare
etag: W/"4d16c-18943f79b80"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a5dbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
4 KB 151ms
150ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2bef7a7062791382.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2bef7a7062791382.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9a81eb528166bc726008f809bb-6346f745855c0a42-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-eddf8230093-FRA
last-modified: Tue, 11 Jul 2023 08:00:48 GMT
server: cloudflare
etag: W/"1304-18943f79b80"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a5ebb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Medium.ttf
therecord.media/fonts/ 307 KB
149 KB 198ms
197ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Medium.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2bef7a7062791382.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2bef7a7062791382.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9a81c4a4fc3ddfaf59b2376e29-b477c0fbb77850c3-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-eddf8230139-FRA
last-modified: Tue, 11 Jul 2023 08:00:48 GMT
server: cloudflare
etag: W/"4cd58-18943f79b80"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a5fbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Regular.ttf
therecord.media/fonts/ 303 KB
141 KB 298ms
297ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2bef7a7062791382.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2bef7a7062791382.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9a81cc1985885c5b2e8e543490-9a6219aa1c2a14af-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000092-IAD, cache-fra-eddf8230038-FRA
last-modified: Tue, 11 Jul 2023 08:00:48 GMT
server: cloudflare
etag: W/"4ba44-18943f79b80"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a60bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-ExtraBold.ttf
therecord.media/fonts/ 309 KB
151 KB 213ms
212ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2bef7a7062791382.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2bef7a7062791382.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9a81b4cf6c30dc34dc23b03c90-8fd1e433c3d30c85-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000107-IAD, cache-fra-eddf8230051-FRA
last-modified: Tue, 11 Jul 2023 08:00:48 GMT
server: cloudflare
etag: W/"4d52c-18943f79b80"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a61bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Bold.ttf
therecord.media/fonts/ 309 KB
151 KB 192ms
191ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2bef7a7062791382.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2bef7a7062791382.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9a81a2c5a8951f2cd3371923fa-664e6fd0def46361-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230048-FRA
last-modified: Tue, 11 Jul 2023 08:00:48 GMT
server: cloudflare
etag: W/"4d2c4-18943f79b80"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e03146a62bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
61 KB 92ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

918d5f92873c78e0d9711cfc920a12cfc2f2e0a821adb0af1c9b19e6a8d3620b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61658
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 00:14:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jul 2023 02:14:23 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 199 KB
58 KB 159ms
96ms Script
application/javascript 2600:9000:224a:2c00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:24 GMT
x-amz-version-id: T3VVylcW4ZUVSABprJtJmBafSdXY4jAi
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 02:15:06 GMT
server: AmazonS3
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"3e98a39e2d8f2b464999b40df3c2172d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-replication-status: COMPLETED
x-amz-cf-id: W9qhqAQVKPX9V6_w9btJ3rE6pLtZj8j_D225v-wzK02oexm1KDf3nA==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 141ms
80ms Script
application/javascript 2600:9000:224a:2c00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by: Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:24 GMT
x-amz-version-id: Xp.qiLs.ZhMcRdIRto4WxBiX5kNGHcfO
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 04:07:33 GMT
server: AmazonS3
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"839ec9cd752c4e512960109f6ac6b404"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-replication-status: COMPLETED
x-amz-cf-id: 420bC_6wgsbaUhYroy1QlWSOfCoSyyiyRKnUQf6lHiRCiU0Jdqkxtw==

GET
H2 200 articles Show response
cms.therecord.media/api/ 10 KB
4 KB 646ms
604ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=3227&filters[date][$lte]=2023-07-12T18%3A25%3A00.000Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-07-13T02%3A14%3A23%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-07-13T02%3A14%3A23%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/977-e38b8fb396ffc0d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

f7047d04ac0867b38a1d4832a478678ed751c21563159f714bfc78036ed21c1c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-17714b9acec1c6a629ad31a9219790f2-433375699caa438b-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7e5e031b4e4b3651-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 9 KB
3 KB 467ms
425ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=3227&filters[date][$gte]=2023-07-12T18%3A25%3A00.000Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-07-13T02%3A14%3A23%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-07-13T02%3A14%3A23%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/977-e38b8fb396ffc0d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

85c2f11f840da71800278a065aeb77c269e6b63a30def8593d7dc50243024395

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-17714b9aced702e4260ee2e6e256df29-202b34d28274d7ab-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7e5e031b4e4c3651-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 3 KB
2 KB 208ms
167ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?fields[0]=title&fields[1]=date&fields[2]=publishedAt&filters[isBrief][$eq]=true&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-07-13T02%3A14%3A23%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-07-13T02%3A14%3A23%2B00%3A00&populate[page][fields][0]=slug&sort[0]=date%3Adesc&pagination[limit]=9

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/977-e38b8fb396ffc0d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

8dcafc830421e0ccd37e6af654f8d070cb867b80fc3ff264df07750d6b3952c9

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-17714b9ac2d0a9ecafe3a782dbd90143-61108116592d9fd6-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7e5e031b4e4e3651-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 515 KB
149 KB 100ms
42ms Fetch
text/xml 104.18.6.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/977-e38b8fb396ffc0d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a217a3c2da627b89665866a31a16a9fd805bc0c5b89e8bdd58580b0c921d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/rss+xml
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 545
traceresponse: 00-17714b1bb215a5db2ed53b2838b2a629-b8a979caad568da4-00
x-cache: HIT
foo: bar
content-length: 152404
x-served-by: cache-fra-eddf8230093-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/xml
access-control-allow-origin: *
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7e5e031b6b0e91d1-FRA
x-cache-hits: 1

GET
H2 200 news.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/ 7 KB
2 KB 44ms
43ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/news.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11060f78f8b7bfe604ceeaa3241e4a42903d6fa9e8e4076d1e7080b9caecef0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 34
traceresponse: 00-17713afcc85aaf20a9748b6fb7d57fb4-3866c6340681d4d5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200120-IAD, cache-fra-eddf8230124-FRA
server: cloudflare
etag: W/"1c3e-NedNa8R3260w6vQDqVvHHxnJuLY"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e97bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 479, 1

GET
H2 200 jonathan-greig.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/author/ 9 KB
3 KB 39ms
38ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/author/jonathan-greig.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd14b4431af4600a0abf6e1e85fea4c174a733afbd86bdcbdbda2833f9214ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 21
traceresponse: 00-17713275450f01e077d9dea27c8545b9-857c3eed97e9d07c-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100107-IAD, cache-fra-eddf8230105-FRA
server: cloudflare
etag: W/"22c9-55xJimU4J6ZOmJIkI3+m/aWpMl8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e98bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 44, 1

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/ 8 KB
2 KB 41ms
40ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e884652e4f6b5a6a1a447b5e0b63e718a3501033829a7f0e2e906633a661e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 47
traceresponse: 00-17713273b66b04a191b7b21eb8d2abcf-bf7d85561d1172b2-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230073-FRA
server: cloudflare
etag: W/"1f1e-BWYzycqxQ39VanSEoPCKYZnYs0c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e99bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 20, 1

GET
H2 200 contact.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/ 8 KB
2 KB 39ms
39ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/contact.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43e9d56098d69382620d29c21628254895bd5b9f9ae2ba3d122f0f7f1c625536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-17713273b92783a629366c0ea7fa8d7c-d15f25efe53bf7e8-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-eddf8230128-FRA
server: cloudflare
etag: W/"2157-wnmM0AJxI3yt5Z0KKJ8ngzHG8Nc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e9abb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 18, 1

GET
H2 200 podcast.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/ 140 KB
29 KB 41ms
40ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/podcast.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc14e80a2b8c50ad21ee044198f305e7ca681ddafb197fec9536dc747d7a3145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-177140034d9873edeeaf47710b84eefc-8058453cc35f6aef-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000057-IAD, cache-fra-eddf8230077-FRA
server: cloudflare
etag: W/"22e2d-1XJqOTPL7bakfiffNSQBRoa0uaY"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e9bbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 6, 1

GET
H2 200 about.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/ 36 KB
7 KB 44ms
44ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/about.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a152a4825ae880c03c2c9eb45f6ea28efb81b4531a25c91dac8189d15e1743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-17713273b8e48fca23b97ef9a6441768-b9b0337ae679d64c-00
x-cache: MISS, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100062-IAD, cache-fra-eddf8230096-FRA
server: cloudflare
etag: W/"91b3-DKZ8EXRML4bhU5vbM9l75baZOgs"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e9dbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 1

GET
H2 200 technology.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/ 7 KB
2 KB 40ms
39ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/technology.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c4347d8e60e5d8b02b0909d7b09b5d20cc6f48cc99b9c89f0b6dd431f7a1f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-17713273b69d92885f1b8fb765f81576-efe6985b365163ac-00
x-cache: MISS, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-eddf8230095-FRA
server: cloudflare
etag: W/"1c59-6g6xi9gnQVi8cI9OEb44W32JbIw"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e9ebb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 1

GET
H2 200 people.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/ 7 KB
2 KB 39ms
39ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/people.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f937aad0b77870af6fd56e5fe55e7bd11c6428fcf841341d7b06be0e400eda13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-17713273b93b90449ccc207fd7b63c3e-8ce208f40e7dd75a-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100143-IAD, cache-fra-eddf8230097-FRA
server: cloudflare
etag: W/"1c45-qF84qAgWTiFX1EzsURDAduv4YvM"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b3e9fbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 165, 1

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/ 7 KB
2 KB 40ms
39ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/nation-state.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995174f614ebea8bc49d350830b7360a847d087bda02e887cd1b1f88ec437cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-17713f3e9bed4b4e39466dd792a99957-e007e14074fecdd5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100133-IAD, cache-fra-eddf8230134-FRA
server: cloudflare
etag: W/"1c62-GJ4wB2D5FDaPxtPVorO4oP2ykKA"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b4ea0bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 598, 1

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/ 7 KB
2 KB 55ms
55ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/cybercrime.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c7699c1770e1e8726aa9dca6250ecd1d82bdabd4ba16a96a5b9f0497d707d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-177140034e75e014e4dc53fde6949c7c-daed4281bd0b0db8-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000027-IAD, cache-fra-eddf8230132-FRA
server: cloudflare
etag: W/"1c59-zH2kEA8y9El9MvE0SaiE3C4QF6M"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b4ea1bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 467, 1

GET
H2 200 leadership.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/ 7 KB
2 KB 51ms
50ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/news/leadership.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17ccb07cdf1000121ad323eb27493a5bc8a53a04d844702852a27eb9304113b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-177140034c28fca8b5c16aa9b9e8da4f-53d76dc2181c6919-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100124-IAD, cache-fra-eddf8230105-FRA
server: cloudflare
etag: W/"1c59-5gNPqM/Xz5fnWf4Lr1IjR9Teg9Q"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b5eb2bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 486, 1

GET
H2 200 index.json Show response
therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/ 48 KB
13 KB 141ms
141ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tjRoO-1bbZYAN86TYSS0X/index.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32808cd91a09ba14de58be676fb9b429b7d9b7276b20544c92499aaff2649bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 6
traceresponse: 00-1771494694e9525df5b8e28c137760e2-de5c75a3a83243cf-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100080-IAD, cache-fra-eddf8230134-FRA
server: cloudflare
etag: W/"be78-eVPrvKr6jGMFVy2R1VhkygL9HPA"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7e5e031b5eb3bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 8, 1

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 4 KB
2 KB 507ms
425ms Script
application/javascript 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-224.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: XiK7k1K4G4_9UcBg2.S65sIFd54SfIcU
content-encoding: gzip
date: Thu, 13 Jul 2023 02:14:23 GMT
x-amz-cf-pop: HKG60-C1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1176
pragma: no-cache
last-modified: Fri, 31 Mar 2023 18:59:38 GMT
server: AmazonS3
etag: "29e881d3528b8d3d0ef42c057d73a114"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: wD6_FuW7OxrtKugrC_ymO0qK0rR4S0Md0BEwYgPdjmVWuhAoqtlY8w==
expires: Thu, 13 Jul 2023 02:14:23 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 105ms
25ms Script
application/javascript 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/ransomware-gangs-extorted-record-amounts

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-224.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4585de074993b4da8a79534bcff1888de422aa3eeb91e4abe7c0717e208db0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Mar 2022 23:40:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623bafe1-7ad3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 9828
expires: Thu, 13 Jul 2023 02:14:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5303f7f0e1b4b89ce87c41f6f86795f7d2216aba94b373d2d9328bc0c920673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 02:14:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 01:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4186
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 13 Jul 2023 03:04:37 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 1 KB
1 KB 455ms
409ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c24ab16baf905f92e3ee45572f24f2167995186c66c2aed823f491ed85986c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 159815eb-71f7-4170-8072-c1ad75c4ee1a
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 159815eb-71f7-4170-8072-c1ad75c4ee1a
last-modified: Thu, 13 Jul 2023 02:08:12 GMT
server: cloudflare
x-trace: 2BF48F77A8596B31CC06090762D1B191C6B6EC156D000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-4lp8p
cf-ray: 7e5e031b9cfe3677-FRA
expires: Thu, 13 Jul 2023 02:15:23 GMT

GET
H2 200 ef46db3751d8e999.css Show response
therecord.media/_next/static/css/ 0
232 B 40ms
40ms Fetch
text/css 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/ef46db3751d8e999.css

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1873082
traceresponse: 00-176aa40bb4cd147f68dc9fcad48e9b13-8c1bd056201c33f1-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-eddf8230055-FRA
last-modified: Wed, 21 Jun 2023 09:56:09 GMT
server: cloudflare
etag: W/"0-188dd6206ae"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7e5e031b5eb5bb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1, 2

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
167 B 111ms
50ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FRansomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis&idsite=2&rec=1&r=480952&h=2&m=14&s=23&url=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&_id=b2a7f66f8e668c86&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=iNVA1j&fa_pv=1&fa_fp[0][fa_vid]=oHcEVd&fa_fp[0][fa_fv]=1&pf_net=57&pf_srv=126&pf_tfr=2&pf_dm1=9&pf_dm2=973&pf_onl=7&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://therecord.media
date: Thu, 13 Jul 2023 02:14:23 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 66ms
29ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=fExMr2&url=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d79e68c9a687c4dc5796a6125516666215cb90876bdf257b5302320144e56290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 83ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EYNZBT8ZP2&gtm=45je37a0&_p=1959447490&_gaz=1&cid=1461841339.1689214463&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689214463&sct=1&seg=0&dl=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&dt=Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 83ms
28ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EYNZBT8ZP2&cid=1461841339.1689214463&gtm=45je37a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 104ms
53ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYNZBT8ZP2&cid=1461841339.1689214463&gtm=45je37a0&aip=1&z=539981319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 27ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1959447490&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&ul=en-us&de=UTF-8&dt=Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=540912470&gjid=1252573824&cid=1461841339.1689214463&tid=UA-9153858-16&_gid=543021284.1689214463&_r=1&_slc=1&gtm=45He37a0n81PVJ5W86&z=843117263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c6421f609cd61551ff948070601ddc54727d75ed1d42b77a65f349438ceab3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
573 B 114ms
35ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
an-x-request-uuid: bf997a23-d612-43a3-82ad-712460a04e9e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.21; 217.114.218.21; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
192 B 23ms
22ms XHR
text/html 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F540L9EG7D&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3eb68a5d3fbcdfeec043d4615560356b74793dfe5e35571a2746e451e9060cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 02:14:23 GMT

GET
H2 200 image
therecord.media/_next/ 139 KB
140 KB 183ms
182ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2F2023_0710_Blog_China_s_Targeting_of_International_Companies_in_Geopolitical_Competition_Main_Feature_7e6549facc.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4982cc8291d2497cfa5956d4bf01b7ffba61425a9e2f5276e30f7c2ecbdf07

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9acf9dfca60ccd44ca02350ed5-b1c083b25b4fe185-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="2023_0710_Blog_China_s_Targeting_of_International_Companies_in_Geopolitical_Competition_Main_Feature_7e6549facc.webp"
content-length: 142794
x-served-by: cache-iad-kiad7000052-IAD, cache-fra-eddf8230097-FRA
server: cloudflare
etag: TkmCzIKR0kl8+llW1L8Bt-+6YUJani9SduMPfC7L3wc=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7e5e031c9f7bbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 79 KB
79 KB 170ms
170ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fescalating_global_risk_main_987e9e8dfe.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5b613210dc3870d08fc0a5999a8d1b380dee391c98db3cc4fb5b236d742144

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9acf99e24321d3f5a871254b9b-ea1a803c4e83f874-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="escalating_global_risk_main_987e9e8dfe.webp"
content-length: 80874
x-served-by: cache-iad-kjyo7100097-IAD, cache-fra-eddf8230128-FRA
server: cloudflare
etag: DFthMhDcOHDQj8ClmZqNGzgN7jkcmNs8xPtbI210IUQ=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7e5e031c9f7cbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 111 KB
111 KB 187ms
187ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2F2023_0620_North_Korea_s_Cyber_Strategy_Main_Feature_96145be877.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25b2648b4197b20e9610873babad67a5cff62911eed8dc7a31dc34acaacda3e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/ransomware-gangs-extorted-record-amounts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17714b9acfabeb96d866f7cf54a746ea-66d8a94645815b26-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="2023_0620_North_Korea_s_Cyber_Strategy_Main_Feature_96145be877.webp"
content-length: 113470
x-served-by: cache-iad-kjyo7100109-IAD, cache-fra-eddf8230095-FRA
server: cloudflare
etag: JbJki0GXsg6WEIc7q61npc-2KRHu2Nx6Mdw0rKrNo+c=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7e5e031c9f7dbb3b-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 34ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F540L9EG7D&gtm=45je37a0&_p=1959447490&ul=en-us&sr=1600x1200&cid=1461841339.1689214463&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&ngs=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&dt=Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis&sid=1689214463&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F540L9EG7D&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 220ms
219ms Image
image/gif 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=16f8075e-bc25-4b85-8b7a-63c9321b28e8&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A23%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Ransomware%20gangs%20have%20operated%20at%20a%20near-record%20profit%20in%20the%20first%20six%20months%20of%20the%20year%2C%20extorting%20more%20than%20%24449%20million%20from%20victims%2C%20according%20to%20blockchain%20research%20firm%20Chainalysis.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&pageViewId=d72d6361-6a85-4821-8ad9-63478a039454&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-224.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 770 B
594 B 72ms
26ms XHR
application/json 18.158.110.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.110.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-110-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ad78f5aa98b6c9095dad4b4e9a6ccb95eccc863a0a595c2b1bf26b03a364422b

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token edabaa1866fe08952dde1be9ff37302d63145f08
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
content-length: 410

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ 0
0 90ms
22ms Preflight 18.158.110.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.110.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-110-93.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-max-age: 1800
date: Thu, 13 Jul 2023 02:14:23 GMT
server: nginx

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1959447490&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&ul=en-us&de=UTF-8&dt=Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1461841339.1689214463&tid=UA-9153858-16&_gid=543021284.1689214463&gtm=45He37a0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=731419890

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 00:37:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5790
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
386 B 220ms
219ms Image
image/gif 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&session=16f8075e-bc25-4b85-8b7a-63c9321b28e8&event=epsilon&q=%7B%22name%22%3A%22https%3A%2F%2Fepsilon.6sense.com%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A1695.6999969482422%2C%22duration%22%3A162.9000015258789%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22nextHopProtocol%22%3A%22%22%2C%22renderBlockingStatus%22%3A%22non-blocking%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1695.6999969482422%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22connectEnd%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22responseEnd%22%3A1858.599998474121%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22responseStatus%22%3A200%2C%22serverTiming%22%3A%5B%5D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon.6sense.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&pageViewId=&d=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-224.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
572 B 37ms
36ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 02:14:23 GMT
an-x-request-uuid: 8385f793-55c2-4600-ae29-14a1f3af972e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.21; 217.114.218.21; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1689214200000/ 67 KB
21 KB 202ms
158ms Script
text/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1689214200000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8633ec224fea54aae1a35df142012bf73b209ea420d5632566c23e73819034a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:23 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: A5SX64PZZKPFXMYH
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 0cd0c7e3-2ee2-4686-8d9a-55b6329a0067
x-envoy-upstream-service-time: 20
x-amz-id-2: otUwT/bb6IiOo6YCp6reSOi1XEiijMKlztd7KTGX1F176qFan0twsqS7ppWoABmuXbvQNTsTE/qA+wyi/ANngwBIwTGQob7+PTR56nP1Q9E=
x-evy-trace-listener: listener_https
x-request-id: 0cd0c7e3-2ee2-4686-8d9a-55b6329a0067
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 15 Jun 2023 14:39:44 GMT
server: cloudflare
etag: W/"1a185f04189c5f62ac3781efe763d279"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7e5e031ecfc919ad-FRA
expires: Thu, 13 Jul 2023 02:19:23 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
16 KB 451ms
407ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:24 GMT
x-amz-version-id: 1DTjZqz8w6c0vLd7dsrtWpmr4CMJx9XZ
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 05T9RBA099SZW30V
x-amz-server-side-encryption: AES256
x-amz-id-2: sQFE6Re8sEZBEhbEaeKqrTEH5VzO6YVW8rmjDOUORON5CYZSTNYOne3blIxiOB2PmFa7JgQEyNBspRdH7Y5VXrBH5tor7SCF1Y/Oh+mfZZ4=
last-modified: Mon, 17 Apr 2023 14:55:34 GMT
server: cloudflare
etag: W/"07022bb1d6cfa926ffae0fefc0ebffb7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://securitytrails.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7e5e031ecda38fe2-FRA
expires: Thu, 13 Jul 2023 02:19:24 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 539 KB
86 KB 84ms
28ms Script
application/javascript 2606:4700::6811:806e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992bfde39df74e4de1e68bfa77c0e87a92c514b16a8b65232e0d459527cb4293

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding: br
age: 38537
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1218/bundle/main/lead-flows-release.js&cfRay=7e5a56467f5d2c5f-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"eb706f9fd4ffcb4af82e3943cdb4fca7"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1218/bundle/main/lead-flows-release.js
date: Thu, 13 Jul 2023 02:14:23 GMT
x-amz-version-id: Bo6b2RHyIMWAhD5zAaPrMpUIv7qDcQIq
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 44833bf5-9be2-4b65-81c4-9fd2123986fd
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-request-id: 44833bf5-9be2-4b65-81c4-9fd2123986fd
last-modified: Tue, 11 Jul 2023 12:52:50 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-mm66x
cf-ray: 7e5e031edb092c5b-FRA
x-amz-cf-id: anFFG7MMGPEt41W3rpU6buRwyENTOwKCb4bwpVeJm5AjTZqUITdjbw==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 186ms
139ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&t=Ransomware+gangs+have+extorted+%24449+million+this+year%3A+Chainalysis&cts=1689214463965&vi=5d11f331b05fc4b3ecef360d59175fcc&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a60811f8-b309-4159-852b-f9c43de1c32e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a60811f8-b309-4159-852b-f9c43de1c32e
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGJv4X7MFgRVm4DV7ik%2FjnnWVB0qcj8JWT31IL4xe3G6gKPgvWdRnAtwgGHTpoY1rqmVf8gECt3SGkYeTEdYec0hhlk5Rd7OZ5lcYDaGjBFgVva6Pnq7GKW6KMKvAUjhMDRurN%2F7WlCzeajWX0wm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-vrlgm
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7e5e03202daf5b32-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 509ms
457ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=5d11f331b05fc4b3ecef360d59175fcc&__hstc=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&__hssc=156209188.1.1689214463963&currentUrl=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c48f987113185ab0716c676a5661043abbcf1c732d3ea031346b7480dc8802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1ce0c938-819b-43b7-aa4f-d3ce98039f56
x-envoy-upstream-service-time: 62
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1ce0c938-819b-43b7-aa4f-d3ce98039f56
server: cloudflare
access-control-max-age: 180
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-rgcrk
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUoqYC1%2FRVOWVpmYCsBdd5FBSX3GOkbgJsbE%2BZD1MVFuF7%2BKgDcL4ZGp5zpvsbJ7%2B364zxxrhzVu6gm0zU%2FmEw06KcXkgWLTCANNYnPB74Ys9AMmA7PauMYgq08Lttx6XuKVUkCuTzEcs941xsg1"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7e5e0321b94f9bf2-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 221ms
220ms Image
image/gif 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=16f8075e-bc25-4b85-8b7a-63c9321b28e8&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A23%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22Ransomware%20gangs%20have%20operated%20at%20a%20near-record%20profit%20in%20the%20first%20six%20months%20of%20the%20year%2C%20extorting%20more%20than%20%24449%20million%20from%20victims%2C%20according%20to%20blockchain%20research%20firm%20Chainalysis.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&pageViewId=d72d6361-6a85-4821-8ad9-63478a039454&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-224.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
460 B 388ms
388ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&t=Ransomware+gangs+have+extorted+%24449+million+this+year%3A+Chainalysis&cts=1689214464731&vi=5d11f331b05fc4b3ecef360d59175fcc&nc=true&u=156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1&b=156209188.1.1689214463963&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d2a5113e-81d2-4823-9403-5a0c54a49189
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d2a5113e-81d2-4823-9403-5a0c54a49189
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg%2FAo5QeCgUIdht8Vn5BYZhvZl%2FbsB46CMFrU92HoSj6w%2FllHAUVoNjonM%2BdCbMkvJvOL5HlLA6lh7ZhMK7CVIsTd9yQ60jo5gF5T3VhYTAF7h3SVT9P2WdJGAjkMCz0t%2FjYjZpIxlaojD1Mrh3u"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-j9299
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7e5e0324af065b32-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 218ms
218ms Image
image/gif 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=16f8075e-bc25-4b85-8b7a-63c9321b28e8&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A24%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Ransomware%20gangs%20have%20operated%20at%20a%20near-record%20profit%20in%20the%20first%20six%20months%20of%20the%20year%2C%20extorting%20more%20than%20%24449%20million%20from%20victims%2C%20according%20to%20blockchain%20research%20firm%20Chainalysis.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&pageViewId=d72d6361-6a85-4821-8ad9-63478a039454&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-224.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:25 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 147ms
46ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
age: 521993
x-amz-request-id: YEDW691B6KWPBZZZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="iphone-cd1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f5c3d1b581a50e5c3637310137a43f0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674144065940
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 13 Jul 2023 02:14:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=229013
x-cache: RefreshHit from cloudfront
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 85082
x-amz-id-2: ZfrB6ECwXqdn05btDZ/UCQ2ck4nbjMkZdUcmNa/7pyhKH9N7X1JVjA7o4DJetMrYS6NlDOhlJ70gTY3i5a+FHWRMreaWyUZeE7M2xZU1LgQ=
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjILnDkxPgIcphBQa5xhpCp6vsj1PAqnGVLMOT9j9ICJwbk0kyEBYb%2B8Fc0PDQkJBtR%2BXhzv6aeIyLa%2BjmVvvY2DlCJ8lBloU0puWHcSaOvAFlz5sQxpSFkUI%2B4J3SC60Zwq1709eehBPU2H8zj1DjPSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e5e032b7e8c3611-FRA
x-amz-cf-id: Ez3nqwAu8qdKnRqhQ-XYclwqknV9JkNlgtn-cq1HKtjegSUPzRxExg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 220ms
220ms Image
image/gif 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=16f8075e-bc25-4b85-8b7a-63c9321b28e8&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A25%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Ransomware%20gangs%20have%20operated%20at%20a%20near-record%20profit%20in%20the%20first%20six%20months%20of%20the%20year%2C%20extorting%20more%20than%20%24449%20million%20from%20victims%2C%20according%20to%20blockchain%20research%20firm%20Chainalysis.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&pageViewId=d72d6361-6a85-4821-8ad9-63478a039454&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-224.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:26 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 220ms
220ms Image
image/gif 23.213.161.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=16f8075e-bc25-4b85-8b7a-63c9321b28e8&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2002%3A14%3A26%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Ransomware%20gangs%20have%20operated%20at%20a%20near-record%20profit%20in%20the%20first%20six%20months%20of%20the%20year%2C%20extorting%20more%20than%20%24449%20million%20from%20victims%2C%20according%20to%20blockchain%20research%20firm%20Chainalysis.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20gangs%20have%20extorted%20%24449%20million%20this%20year%3A%20Chainalysis%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fransomware-gangs-extorted-record-amounts&pageViewId=d72d6361-6a85-4821-8ad9-63478a039454&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-224.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 02:14:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-20 22:39:29	Name: _pk_id.2.de70 Value: b2a7f66f8e668c86.1689214463.
.therecord.media/	1970-01-20 13:13:36	Name: _pk_ses.2.de70 Value: 1
.therecord.media/	1970-01-20 22:49:34	Name: _ga_EYNZBT8ZP2 Value: GS1.1.1689214463.1.0.1689214463.60.0.0
.therecord.media/	1970-01-20 22:49:34	Name: _ga Value: GA1.2.1461841339.1689214463
.therecord.media/	1970-01-20 13:15:00	Name: _gid Value: GA1.2.543021284.1689214463
.therecord.media/	1970-01-20 13:13:34	Name: _gat_UA-9153858-16 Value: 1
therecord.media/	1970-01-20 13:23:39	Name: _an_uid Value: 0
therecord.media/	1970-01-20 22:49:34	Name: _gd_visitor Value: 82d55048-d0ce-471d-8cd4-0cc8356c3990
therecord.media/	1970-01-20 13:13:48	Name: _gd_session Value: 16f8075e-bc25-4b85-8b7a-63c9321b28e8
.therecord.media/	1970-01-20 22:49:34	Name: _ga_F540L9EG7D Value: GS1.2.1689214463.1.0.1689214463.0.0.0
.6sc.co/	1970-01-20 22:49:34	Name: 6suuid Value: e0a0d5173b5a1200ff5daf64f6020000a4d51f00
.hubspot.com/	1970-01-20 13:13:36	Name: __cf_bm Value: 527xE.EJPUaXBG_wVHn2IXuW95cvtHWTgQWx0ux8vZQ-1689214464-0-AdcfjNu/MeSKDpXWc4d1CNxsI3GIZwBr5nBziyc/e8cGLLn2gvdGRdZIFK5BdA/ESyEkFLdYmUvauV7u7hPccXc=
.therecord.media/	1970-01-20 17:32:46	Name: __hstc Value: 156209188.5d11f331b05fc4b3ecef360d59175fcc.1689214463963.1689214463963.1689214463963.1
.therecord.media/	1970-01-20 17:32:46	Name: hubspotutk Value: 5d11f331b05fc4b3ecef360d59175fcc
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 13:13:36	Name: __hssc Value: 156209188.1.1689214463963
.go.recordedfuture.com/	1970-01-20 13:13:36	Name: __cf_bm Value: a.d66UnitxLLDsGUTvn8_kEmBXYSfxaTT6RJ9cPWzzY-1689214465-0-AeVgnhe5T9K2M00vJRABFWWNS9xMD8e1LwJpoFh35cxhRogVp7fXY0cho+FZS4WV81NOWmWuJCjv5ZYoBfZv6vU=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: f280649bbfa80a68c597903721ff00c305778b22-1689214465

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
c.6sc.co
cdn.matomo.cloud
cms.therecord.media
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
recordedfuture.matomo.cloud
region1.analytics.google.com
region1.google-analytics.com
secure.adnxs.com
stats.g.doubleclick.net
therecord.media
track.hubspot.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.recordedfuture.com
104.18.6.66
18.158.110.93
185.89.211.12
2001:4860:4802:32::36
23.213.161.224
2600:9000:224a:2c00:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700::6810:8cce
2606:4700::6811:806e
2606:4700::6812:18c4
2606:4700::6812:1c78
2606:4700::6812:853b
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9b
3.126.133.169
04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7
04c7bd8acf65fb3710235e4be01a7c4d661638f9917c4c56a818fbcc89990fb1
0c5b613210dc3870d08fc0a5999a8d1b380dee391c98db3cc4fb5b236d742144
11060f78f8b7bfe604ceeaa3241e4a42903d6fa9e8e4076d1e7080b9caecef0a
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
25b2648b4197b20e9610873babad67a5cff62911eed8dc7a31dc34acaacda3e7
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
2c4347d8e60e5d8b02b0909d7b09b5d20cc6f48cc99b9c89f0b6dd431f7a1f29
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32808cd91a09ba14de58be676fb9b429b7d9b7276b20544c92499aaff2649bbf
3c24ab16baf905f92e3ee45572f24f2167995186c66c2aed823f491ed85986c8
3c7699c1770e1e8726aa9dca6250ecd1d82bdabd4ba16a96a5b9f0497d707d84
3eb68a5d3fbcdfeec043d4615560356b74793dfe5e35571a2746e451e9060cab
4079636a69b73ee4cfa29eefa53395404418880d43ab2602acc76b164acca12a
4219d81a1c3a24a3d56b48388f38233c67bee491f2277b1a49381cdd48fd84a2
43d6ff096e1053bba99248308fa1f9233a56a80a0923b74d3a0a532d8fc1d84a
43e9d56098d69382620d29c21628254895bd5b9f9ae2ba3d122f0f7f1c625536
4585de074993b4da8a79534bcff1888de422aa3eeb91e4abe7c0717e208db0ea
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
4e4982cc8291d2497cfa5956d4bf01b7ffba61425a9e2f5276e30f7c2ecbdf07
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92
64a217a3c2da627b89665866a31a16a9fd805bc0c5b89e8bdd58580b0c921d3c
6dfb5a4ffffb53c23cc9494463b701a66bb41b82017e72ea13e67d9075490e5f
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
7506f47d43bf49db6d46d19333d8a5aba269a9c821254745dc664af42284ce02
7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c2f11f840da71800278a065aeb77c269e6b63a30def8593d7dc50243024395
8633ec224fea54aae1a35df142012bf73b209ea420d5632566c23e73819034a6
8dcafc830421e0ccd37e6af654f8d070cb867b80fc3ff264df07750d6b3952c9
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
918d5f92873c78e0d9711cfc920a12cfc2f2e0a821adb0af1c9b19e6a8d3620b
91bdc8029d05b1a5ab2a992b8a75ec154043241f793b5d433ddf744eaca261b4
9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68
94a152a4825ae880c03c2c9eb45f6ea28efb81b4531a25c91dac8189d15e1743
94e884652e4f6b5a6a1a447b5e0b63e718a3501033829a7f0e2e906633a661e6
992bfde39df74e4de1e68bfa77c0e87a92c514b16a8b65232e0d459527cb4293
995174f614ebea8bc49d350830b7360a847d087bda02e887cd1b1f88ec437cef
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
a17ccb07cdf1000121ad323eb27493a5bc8a53a04d844702852a27eb9304113b
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
ad78f5aa98b6c9095dad4b4e9a6ccb95eccc863a0a595c2b1bf26b03a364422b
b4c48f987113185ab0716c676a5661043abbcf1c732d3ea031346b7480dc8802
c6421f609cd61551ff948070601ddc54727d75ed1d42b77a65f349438ceab3c3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd14b4431af4600a0abf6e1e85fea4c174a733afbd86bdcbdbda2833f9214ed8
d79e68c9a687c4dc5796a6125516666215cb90876bdf257b5302320144e56290
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e124a35269796f901308dc9c34f157d82046399bedefbf417c7b9d8be8cbf892
e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
f30589d022e5188750a266bf379789ace026df4171a2c22236e9f665c84f0edb
f5303f7f0e1b4b89ce87c41f6f86795f7d2216aba94b373d2d9328bc0c920673
f7047d04ac0867b38a1d4832a478678ed751c21563159f714bfc78036ed21c1c
f937aad0b77870af6fd56e5fe55e7bd11c6428fcf841341d7b06be0e400eda13
fc14e80a2b8c50ad21ee044198f305e7ca681ddafb197fec9536dc747d7a3145
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

therecord.media Open in urlscan Pro 2606:4700::6812:1c78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

74 %IPv6

16 Domains

23 Subdomains

20 IPs

4 Countries

3914 kBTransfer

7568 kBSize

18 Cookies

19 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
2606:4700::6812:1c78 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

3914 kB
Transfer

7568 kB
Size

18
Cookies

79 HTTP transactions
1 data transactions