urlscan.io logo urlscan.io
SecurityTrails logo

therecord.media Open in urlscan Pro
2606:4700:4400::6812:20b5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email.sans.org/?qs=c7eea00bf2a97ffc42805df41f767b0427e3a72372086d470ad8accb7c32f2ea162f3907c30a3a0cbea9cd6485ec...
Effective URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632ba...
Submission: On April 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700:4400::6812:20b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 192109.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.
This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 136.147.189.155 14340 (SALESFORCE)
11 2606:4700:440... 13335 (CLOUDFLAR...)
2 104.17.2.184 13335 (CLOUDFLAR...)
2 104.17.3.184 13335 (CLOUDFLAR...)
19 4
Apex Domain
Subdomains		 Transfer
11 therecord.media
therecord.media — Cisco Umbrella Rank: 192109
267 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4630
27 KB
1 sans.org
click.email.sans.org — Cisco Umbrella Rank: 802418
307 B
19 3
Domain Requested by
11 therecord.media therecord.media
4 challenges.cloudflare.com therecord.media
challenges.cloudflare.com
1 click.email.sans.org 1 redirects
19 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Frame ID: C78BDB9B9D1E31301DAF38FA5A1D93BD
Requests: 17 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/76afi/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: C89F84BD534A1FAE15FF17ECF0036808
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qyzca/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 314292BB78A185A9281A2C117B070A46
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://click.email.sans.org/?qs=c7eea00bf2a97ffc42805df41f767b0427e3a72372086d470ad8accb7c32f2ea162f3907... HTTP 302
    https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021ee... Page URL
  2. https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021ee... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • Nuvem

Page Statistics

19
Requests

79 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

294 kB
Transfer

993 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.sans.org/?qs=c7eea00bf2a97ffc42805df41f767b0427e3a72372086d470ad8accb7c32f2ea162f3907c30a3a0cbea9cd6485ecc558894b8c64645e288a HTTP 302
    https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74 Page URL
  2. https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.email.sans.org/?qs=c7eea00bf2a97ffc42805df41f767b0427e3a72372086d470ad8accb7c32f2ea162f3907c30a3a0cbea9cd6485ecc558894b8c64645e288a HTTP 302
  • https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
new-york-city-government-smishing-attack
therecord.media/
Redirect Chain
  • https://click.email.sans.org/?qs=c7eea00bf2a97ffc42805df41f767b0427e3a72372086d470ad8accb7c32f2ea162f3907c30a3a0cbea9cd6485ecc558894b8c64645e288a
  • https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef964e096ae72a3aaf01ffa5104629993456df4bbd455d4186fc9ab4c4ceded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
I99VMLjWlpnOGjLqctlJmq32OnT2wmTP0BNHh2bLc3A8d1RfuSqD7d/NLMuekS6H+tcTw8QZBKEvL8/lD7WdXpVv9XQRESZN0Esc42P+6pNsOjmrO6C9i2BwgIlvAyswmw0G10cxUf5zV/xMxCzfqA==$cPjhTIEvrfpvwdvtBzNHsw==
cf-mitigated
challenge
cf-ray
872007c82fc11e68-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 10 Apr 2024 04:35:28 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Cache-Control
private
Connection
close
Content-Length
249
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Apr 2024 04:35:27 GMT
Location
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
v1
therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		392 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007c82fc11e68
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189f001fff5672a7ea81ded39d691aa173456bc3166989b3da0f1d17dce3f480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74&__cf_chl_rt_tk=99BnGg2ti_wweYRpoqSFcBj85sBgneupmxftdojShWE-1712723728-0.0.1.1-1557
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:28 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
cloudflare
cf-ray
872007c86fdb1e68-FRA
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=HrjuF1&render=explicit
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007c82fc11e68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:28 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
872007c8c89f372f-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
therecord.media/ 		15 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therecord.media/favicon.ico
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d67f420e330a9318e4260095b42f5c865da44bcd52b0a72cf8d367956f0e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:28 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-17c4d12832036c17276e8398b226f60a-9b5a36b31a881b41-01
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000141-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 03 Apr 2024 17:48:22 GMT
server
cloudflare
etag
W/"3c2e-18ea5137e70"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
872007c8b81e1e68-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
894387f8-5cc7-4002-9e78-9acbbfeece24
https://therecord.media/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://therecord.media/894387f8-5cc7-4002-9e78-9acbbfeece24
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
fe711fdafbe1c75
therecord.media/cdn-cgi/challenge-platform/h/b/flow/ov1/1935640720:1712722140:1LDhhEcdn_GDznxbCgwys_3uuWUqT6rzjvey9F1Z3iE/872007c82fc11e68/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://therecord.media/cdn-cgi/challenge-platform/h/b/flow/ov1/1935640720:1712722140:1LDhhEcdn_GDznxbCgwys_3uuWUqT6rzjvey9F1Z3iE/872007c82fc11e68/fe711fdafbe1c75
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007c82fc11e68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c95a8f6647f75b4213678048a572173cf7b3db609b7fb3f860597501cb57fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
fe711fdafbe1c75
sec-ch-ua-platform
"Win32"

Response headers

cf-chl-gen
dm0oleX7XOiji/TehznGTwqHe1wTrsfJJegTVxD2ztaMwqFubKF90EPvae2OCQyp$YgrRrvA82p1B1qpSRewuZA==
date
Wed, 10 Apr 2024 04:35:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
server
cloudflare
cf-ray
872007c958ad1e68-FRA
content-type
text/plain; charset=UTF-8
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/76afi/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame C89F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/76afi/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=HrjuF1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
872007c9eb6e5d7c-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 04:35:29 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
8e36a6f2-e9d1-4652-a4be-15c8ec89b3cb
https://therecord.media/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://therecord.media/8e36a6f2-e9d1-4652-a4be-15c8ec89b3cb
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript
favicon.ico
therecord.media/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://therecord.media/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d67f420e330a9318e4260095b42f5c865da44bcd52b0a72cf8d367956f0e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:29 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-17c4d128445937e3ae1a242d31ccee87-cc3d54cb23130c86-01
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000141-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 03 Apr 2024 17:48:22 GMT
server
cloudflare
etag
W/"3c2e-18ea5137e70"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
872007caf9e41e68-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
fe711fdafbe1c75
therecord.media/cdn-cgi/challenge-platform/h/b/flow/ov1/1935640720:1712722140:1LDhhEcdn_GDznxbCgwys_3uuWUqT6rzjvey9F1Z3iE/872007c82fc11e68/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://therecord.media/cdn-cgi/challenge-platform/h/b/flow/ov1/1935640720:1712722140:1LDhhEcdn_GDznxbCgwys_3uuWUqT6rzjvey9F1Z3iE/872007c82fc11e68/fe711fdafbe1c75
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007c82fc11e68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e179752676d50f2dc5bd53e52c96f8c0712589d363f45699d28bf001d84796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
fe711fdafbe1c75
sec-ch-ua-platform
"Win32"

Response headers

cf-chl-out
OH2KzqiXnBm2kByRjUX1OGuHzFxJRrV9RnXTPMH+yhcuLOiCevAYu7qoqkFKDQi2C3tu1WHnCmabDpxU3aUF3kOGVMNqv27C5WMk1rn1Vjk=$BDfVTSpUR7HFtZ5U4e+VZQ==
cf-chl-out-s
z5LwPSfjs/LNidHxMjDT1kokrmkSNO7IBTAXQDYxq+dfEVkQOtCXaliM45HjBWUBrstu2GJzFZHRzk3jsui2XIXIuELCUF0+00u1VshZNEdpNIuX2DGWqdfwCGgYWGwuFQSlGa/UnGA1ohhZXPlwFhXw26uh0MWu4tGx7ZlyrqBWX/uUfrBowgsg+pVSH+lCQLkp2qWxXaPhP+sq8YRdkQzw7eCcpXYSM5IA634ptvwoHMcmySRnTJa3l1rFI8p7$40echUJxxrbh7hbhPpGJJg==
date
Wed, 10 Apr 2024 04:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
872007cfcd241e68-FRA
Primary Request new-york-city-government-smishing-attack
therecord.media/ 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007c82fc11e68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ccd98a88e86b0209df128af5aaa98076e36e62376a46eab441941a24dd930b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
59PlbFV+DIRLWe2dD+LmWMVLDvEs0+CSFaE+lXrhjF9vJCGamiEH93hvfCmsSH0Yp9Zvrpym+82BNH0SD93FGNMJyrURcM3y1eO8H55JaakJgrehDtvfeDkPyeO7Rb6s7S5BR1wceMzCkxBj9cLpAQ==$VpJS5mnZlB4U8kSdPCuosg==
cf-mitigated
challenge
cf-ray
872007dc7df71e68-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 10 Apr 2024 04:35:31 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		395 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007dc7df71e68
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d342728182a82e8d1a60e453e6edf617a25e5db0efa7d23c7771742d93c4ac50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74&__cf_chl_rt_tk=lxUfGXFrTzS_V2eWfLwHSu3aYjLtCaK7SRW3IJqETao-1712723731-0.0.1.1-1557
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:31 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
cloudflare
cf-ray
872007dcae1c1e68-FRA
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=HrjuF1&render=explicit
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007dc7df71e68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:31 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
872007dcdde1372f-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
therecord.media/ 		15 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therecord.media/favicon.ico
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d67f420e330a9318e4260095b42f5c865da44bcd52b0a72cf8d367956f0e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:32 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-17c4d128f193fc2e4f89ad5d2595fbf1-cbbaa2e43c37e04d-01
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000141-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 03 Apr 2024 17:48:22 GMT
server
cloudflare
etag
W/"3c2e-18ea5137e70"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
872007dcee4a1e68-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
3aaf7391-f194-4746-97d8-7afc816bde82
https://therecord.media/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://therecord.media/3aaf7391-f194-4746-97d8-7afc816bde82
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
cb1d0b7ecb93b87
therecord.media/cdn-cgi/challenge-platform/h/b/flow/ov1/1216545247:1712722072:u1v_vY2Kqi_qhLKEoSoI3VZqTmpKo4Tz4sGgwNuvEmI/872007dc7df71e68/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://therecord.media/cdn-cgi/challenge-platform/h/b/flow/ov1/1216545247:1712722072:u1v_vY2Kqi_qhLKEoSoI3VZqTmpKo4Tz4sGgwNuvEmI/872007dc7df71e68/cb1d0b7ecb93b87
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=872007dc7df71e68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9892053e531605a32d4f5a6f7065177b9938b0cab7c2d062f1973c27cdf535b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
cb1d0b7ecb93b87
sec-ch-ua-platform
"Win32"

Response headers

cf-chl-gen
6A22XRMgf8SRi11GJwikRzZb61ycCk97K78dsbJH4AGvYe3NoIujNw2KKEiCssYl$Fyur792PpqmO/FDL98PB8A==
date
Wed, 10 Apr 2024 04:35:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
server
cloudflare
cf-ray
872007dd8ecc1e68-FRA
content-type
text/plain; charset=UTF-8
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qyzca/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 3142 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qyzca/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=HrjuF1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
872007ddff1b5d7c-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 04:35:32 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
429cfd04-7dd9-4906-af76-d30022396c21
https://therecord.media/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://therecord.media/429cfd04-7dd9-4906-af76-d30022396c21
Requested by
Host: therecord.media
URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript
favicon.ico
therecord.media/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://therecord.media/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d67f420e330a9318e4260095b42f5c865da44bcd52b0a72cf8d367956f0e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:35:32 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-17c4d128fc72dad22fd756cc6bbb2130-499d13e0732049a5-01
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000141-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 03 Apr 2024 17:48:22 GMT
server
cloudflare
etag
W/"3c2e-18ea5137e70"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
872007de4f471e68-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| rQHZa5 function| wXagv3 function| PsSt8 function| HrjuF1 boolean| KaiqDo8 function| wYHO8 function| XxXBN3 function| rTya5 object| FvgJ7 object| CzJOu7 object| gKrrTp6 number| Dekg1 object| angular object| turnstile boolean| epUoWW3 string| tvUPr7

1 Cookies

Domain/Path Name / Value
therecord.media/ Name: cf_chl_rc_ni
Value: 1

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://therecord.media/new-york-city-government-smishing-attack?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN