therecord.media Open in urlscan Pro
172.64.155.75 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/cyberattack-leaked-data-nyc-bar
Submission: On November 23 via api (November 23rd 2023, 2:22:17 am UTC) from TR — Scanned from DE

Summary HTTP 119 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 119 HTTP transactions. The main IP is 172.64.155.75, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 249418.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	172.64.155.75 172.64.155.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
3	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
2	13.32.27.49 13.32.27.49	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	172.64.144.145 172.64.144.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	95.101.111.184 95.101.111.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
4	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	104.16.190.89 104.16.190.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
1	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
4	18.193.0.24 18.193.0.24	16509 (AMAZON-02) (AMAZON-02)
1	104.18.34.229 104.18.34.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.19.155.83 104.19.155.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.125.12 104.18.125.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.78.186 104.16.78.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.233.50 192.229.233.50	15133 (EDGECAST) (EDGECAST)
1	104.18.160.125 104.18.160.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	93.184.220.70 93.184.220.70	15133 (EDGECAST) (EDGECAST)
1	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
119	25

40 172.64.155.75 (United States)

ASN13335 (CLOUDFLARENET, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-49.fra56.r.cloudfront.net

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.145 (United States)

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.89 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.0.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-0-24.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.229 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.155.83 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.125.12 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.78.186 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.50 (Marlborough, United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.160.125 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.70 (London, United Kingdom)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	therecord.media therecord.media — Cisco Umbrella Rank: 249418 cms.therecord.media — Cisco Umbrella Rank: 489015	3 MB
29	6sc.co j.6sc.co — Cisco Umbrella Rank: 5465 c.6sc.co — Cisco Umbrella Rank: 8564 ipv6.6sc.co — Cisco Umbrella Rank: 5738 b.6sc.co — Cisco Umbrella Rank: 3759	52 KB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	439 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 5485 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 5222 track.hubspot.com — Cisco Umbrella Rank: 2298 forms.hubspot.com — Cisco Umbrella Rank: 4747	28 KB
4	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 3672 pbs.twimg.com — Cisco Umbrella Rank: 1190	25 KB
4	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9302	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 16488 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 769413	67 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	170 KB
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 418266 go.recordedfuture.com — Cisco Umbrella Rank: 659491	182 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 5955	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4568	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	16 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	244 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040	253 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 495	571 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
119	19

	Domain	Requested by
34	therecord.media	therecord.media
21	b.6sc.co
12	platform.twitter.com	therecord.media platform.twitter.com
6	cms.therecord.media	therecord.media
4	epsilon.6sense.com	j.6sc.co
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	pbs.twimg.com
3	c.6sc.co	j.6sc.co
3	j.6sc.co	www.googletagmanager.com therecord.media j.6sc.co
3	syndication.twitter.com	platform.twitter.com
3	www.googletagmanager.com	therecord.media www.googletagmanager.com www.google-analytics.com
2	track.hubspot.com
2	ipv6.6sc.co	j.6sc.co
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	cdn.matomo.cloud	therecord.media
1	go.recordedfuture.com
1	perf-na1.hsforms.com
1	forms.hubspot.com	js.hsleadflows.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	secure.adnxs.com	j.6sc.co
1	js.hs-scripts.com	www.googletagmanager.com
1	www.recordedfuture.com	therecord.media
119	30

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
apps.web.maine.gov
ago.vermont.gov
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-03-05`	a year	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
go.recordedfuture.com GTS CA 1P5	`2023-10-22` - `2024-01-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://therecord.media/cyberattack-leaked-data-nyc-bar
Frame ID: E20EE0CC77446896AE922BA9A905991C
Requests: 101 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ftherecord.media
Frame ID: 6DBD9E103A0E9F1FAAEEC394C9AE626F
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Frame ID: 44A51F5578D1FCF8BC76A785D3BBE8F7
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyberattackers leaked data of 27,000 NYC Bar Association membersers

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

119
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

30
Subdomains

25
IPs

4
Countries

3903 kB
Transfer

8448 kB
Size

19
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform/mobile-app?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Mobile App

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Cyberattackers%20leaked%20data%20of%2027,000%20NYC%20Bar%20Association%20members%20https://therecord.media/cyberattack-leaked-data-nyc-bar%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/cyberattack-leaked-data-nyc-bar&title=Cyberattackers%20leaked%20data%20of%2027,000%20NYC%20Bar%20Association%20members

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/cyberattack-leaked-data-nyc-bar&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/cyberattack-leaked-data-nyc-bar

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/cyberattack-leaked-data-nyc-bar&t=Cyberattackers%20leaked%20data%20of%2027,000%20NYC%20Bar%20Association%20members

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform?mtm_campaign=ad-unit-record&__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://apps.web.maine.gov/online/aeviewer/ME/40/c7e21539-931c-4dd4-8dc3-fa9f6434cb2d.shtml
Title: Maine

Search URL Search Domain Scan URL

URL: https://ago.vermont.gov/sites/ago/files/documents/2023-11-17%20The%20New%20York%20City%20Bar%20Association%20Data%20Breach%20Notice%20to%20Consumers.pdf
Title: Vermont

Search URL Search Domain Scan URL

URL: https://twitter.com/FalconFeedsio/status/1614118181710475265
Title: claimed

Search URL Search Domain Scan URL

URL: https://twitter.com/jgreigj

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/black-friday-trends-insights-mitigating-online-shopping-scams?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: As Black Friday Approaches, 3 Key Trends Offer Insights for Mitigating Online Shopping ScamsAs Black Friday Approaches, 3 Key Trends Offer Insights for Mitigating Online Shopping Scams

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/improving-automation-accessibility-drive-ad-fraud-losses?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Improving Automation and Accessibility Drive $100 Billion in Projected Ad Fraud LossesImproving Automation and Accessibility Drive $100 Billion in Projected Ad Fraud Losses

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/charting-chinas-climb-leading-global-cyber-power?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Charting China’s Climb as a Leading Global Cyber PowerCharting China’s Climb as a Leading Global Cyber Power

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/hamas-application-infrastructure-reveals-possible-overlap-tag-63-iranian-threat-activity?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Hamas Application Infrastructure Reveals Possible Overlap With TAG-63 and Iranian Threat ActivityHamas Application Infrastructure Reveals Possible Overlap With TAG-63 and Iranian Threat Activity

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/russia-creates-no-win-situation-western-companies?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Russia Creates No-Win Situation for Western CompaniesRussia Creates No-Win Situation for Western Companies

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&__hsfp=4100969504
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

119 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cyberattack-leaked-data-nyc-bar Show response
therecord.media/ 45 KB
10 KB 549ms
178ms Document
text/html 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

8e7e3a9c1e7f9a96bc30812e1746bc642b213e0c5582ee850dcb0ff99fe5f565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 0
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82a5f1427d306ab9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 23 Nov 2023 02:22:05 GMT
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceresponse: 00-179a142f75c55ee799a2416ec59b22d8-88cec32242fe647b-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 7, 1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kiad7000078-IAD, cache-fra-eddf8230121-FRA

GET
H2 200 New_York_City_Bar_Association_PP_52a26ccc01.jpg
cms.therecord.media/uploads/ 114 KB
114 KB 525ms
521ms Image
image/jpeg 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/New_York_City_Bar_Association_PP_52a26ccc01.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db81e8c32e9db96efdeee6faec1b67645e1baeb1ca225c48712d08bcb5138b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-179a1f35e717d3eaf2a3461a271bd463-962fc74f01f25eb9-01
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 116612
last-modified: Wed, 22 Nov 2023 19:52:38 GMT
server: cloudflare
etag: "655e5c06-1c784"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 82a5f143bdf86ab9-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 23 Nov 2023 02:27:05 GMT

GET
H2 200 DSC_0283_1_a6f4e4e315.jpg
cms.therecord.media/uploads/ 1 MB
1 MB 529ms
527ms Image
image/jpeg 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/DSC_0283_1_a6f4e4e315.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c7bd8acf65fb3710235e4be01a7c4d661638f9917c4c56a818fbcc89990fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-179a1f35e732d45ab1fd1117a0cdff2a-561e542bbd5bd866-01
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 1438874
last-modified: Wed, 07 Jun 2023 14:35:08 GMT
server: cloudflare
etag: "6480959c-15f49a"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 82a5f143bdf66ab9-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 23 Nov 2023 02:27:05 GMT

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
2 KB 526ms
525ms Image
image/svg+xml 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
traceresponse: 00-179a1f35e71089a9ca8cfe264dc47e86-9ac20c5c521bd9a7-01
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
server: cloudflare
etag: W/"63c03e2b-1c5f"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 82a5f143bdf56ab9-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 23 Nov 2023 02:27:05 GMT

GET
H2 200 4c17d1f71f88fc67.css
therecord.media/_next/static/css/ 59 KB
11 KB 45ms
43ms Stylesheet
text/css 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/4c17d1f71f88fc67.css

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a58b388aa664a867aed1d7003f116976a39a3b313ba508664f0a9c40e584d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 235446
traceresponse: 00-1799491298ea95250dba5efe7ce3619f-dde6c778855aff83-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100064-IAD, cache-fra-eddf8230121-FRA
last-modified: Mon, 20 Nov 2023 08:57:45 GMT
server: cloudflare
etag: W/"ecf6-18bebf3319a"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f143adf26ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2, 4

GET
H2 200 ef46db3751d8e999.css
therecord.media/_next/static/css/ 0
190 B 55ms
53ms Stylesheet
text/css 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/ef46db3751d8e999.css

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1255026
traceresponse: 00-1795a9c57dfc4c4701d59344391904cb-26be8b2487cb2d39-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-etou8220055-FRA
last-modified: Wed, 01 Nov 2023 12:29:05 GMT
server: cloudflare
etag: W/"0-18b8adbd6d5"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 82a5f143adf36ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7543, 1

GET
H2 200 rocket-loader.min.js Show response
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 32ms
30ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65568fe4-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 82a5f1440e3a6ab9-FRA
expires: Sat, 25 Nov 2023 02:22:05 GMT

GET
H2 200 Inter-SemiBold.ttf
therecord.media/fonts/ 308 KB
151 KB 292ms
292ms Font
font/ttf 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35e06b85ebd7e6161870bb12b4-f497ca7f9c8ee316-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-eddf8230057-FRA
last-modified: Wed, 22 Nov 2023 16:39:59 GMT
server: cloudflare
etag: W/"4d16c-18bf7e71718"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1442e496ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
3 KB 220ms
220ms Font
font/ttf 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35e024d5566106c5ac5900e5ba-93aab6e5fef6fa85-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-eddf8230090-FRA
last-modified: Wed, 22 Nov 2023 16:39:59 GMT
server: cloudflare
etag: W/"1304-18bf7e71718"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1442e4c6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Medium.ttf
therecord.media/fonts/ 307 KB
149 KB 416ms
415ms Font
font/ttf 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Medium.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35df90a2b0e4e3136508ed8655-72ea84ab77cbae12-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-etou8220055-FRA
last-modified: Wed, 22 Nov 2023 16:39:59 GMT
server: cloudflare
etag: W/"4cd58-18bf7e71718"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1442e4d6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Bold.ttf
therecord.media/fonts/ 309 KB
151 KB 221ms
221ms Font
font/ttf 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35df9f2399a5f98539e9976bd0-d5ce630ba8588fb8-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230121-FRA
last-modified: Wed, 22 Nov 2023 16:39:59 GMT
server: cloudflare
etag: W/"4d2c4-18bf7e71718"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1442e506ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Regular.ttf
therecord.media/fonts/ 303 KB
140 KB 318ms
318ms Font
font/ttf 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35e0a0d98e0f7d91833ade8b64-8ce3bd3dfdb6096a-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000092-IAD, cache-fra-eddf8230057-FRA
last-modified: Wed, 22 Nov 2023 16:39:59 GMT
server: cloudflare
etag: W/"4ba44-18bf7e71718"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1443e5a6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-ExtraBold.ttf
therecord.media/fonts/ 309 KB
150 KB 259ms
258ms Font
font/ttf 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/4c17d1f71f88fc67.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35e0559152887f4d438d60267d-983931d2100e0b99-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200106-IAD, cache-fra-eddf8230022-FRA
last-modified: Wed, 22 Nov 2023 16:39:59 GMT
server: cloudflare
etag: W/"4d52c-18bf7e71718"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1443e5b6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 489ms
26ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B79) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:05 GMT
Content-Encoding: gzip
Age: 946
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (amb/6B79)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 _middlewareManifest.js Show response
therecord.media/_next/static/U1DQFuTJAP5gHHlfZpe7Z/ 92 B
336 B 338ms
337ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/U1DQFuTJAP5gHHlfZpe7Z/_middlewareManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35e3b26934ec39ce2cb1385458-c1ac65a6b9196295-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200175-IAD, cache-fra-etou8220046-FRA
last-modified: Wed, 22 Nov 2023 16:44:05 GMT
server: cloudflare
etag: W/"5c-18bf7eada93"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1449e866ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/U1DQFuTJAP5gHHlfZpe7Z/ 99 B
236 B 340ms
339ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/U1DQFuTJAP5gHHlfZpe7Z/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35e415c18342f1a389196b8d48-743be33fa566ef59-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100157-IAD, cache-fra-eddf8230099-FRA
last-modified: Wed, 22 Nov 2023 16:44:05 GMT
server: cloudflare
etag: W/"63-18bf7eada94"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f1449e876ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/U1DQFuTJAP5gHHlfZpe7Z/ 1 KB
607 B 358ms
358ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/U1DQFuTJAP5gHHlfZpe7Z/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b73949e7c2e7b93e9f295476e689bddb6a1f5ed7aeb97054369aa6f908e34d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f35e4c4ca13dc84f38743fcd4da-d351f3b473766f49-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200166-IAD, cache-fra-etou8220087-FRA
last-modified: Wed, 22 Nov 2023 16:44:05 GMT
server: cloudflare
etag: W/"4b7-18bf7eada93"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f144ae8d6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 %5B%5B...slug%5D%5D-a0dcfc6f988298c5.js Show response
therecord.media/_next/static/chunks/pages/ 74 KB
16 KB 66ms
66ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-a0dcfc6f988298c5.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a279ab820fb834829c295735b1655c0293fcb6835be195d2d533ed88017dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 235447
traceresponse: 00-179949128fe1a48da3437ddd2a53b458-13f7143fba583fe8-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000170-IAD, cache-fra-etou8220023-FRA
last-modified: Mon, 20 Nov 2023 08:57:45 GMT
server: cloudflare
etag: W/"1261d-18bebf33194"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f144ae8e6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 4, 1

GET
H2 200 654-c5e15c079aedb8cc.js Show response
therecord.media/_next/static/chunks/ 973 KB
253 KB 75ms
75ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/654-c5e15c079aedb8cc.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80b4dbc69bdce79e39361154bafc9c67b20c91277797b34f2752cb2a5450d9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 662861
traceresponse: 00-1797c45763c375577d1ff02e34d3c576-61dd0e0b8c73a4e6-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200086-IAD, cache-fra-eddf8230066-FRA
last-modified: Wed, 15 Nov 2023 10:14:10 GMT
server: cloudflare
etag: W/"f3508-18bd2795a7e"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f144ae8f6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2, 1

GET
H2 200 _app-81fffb486b1b3b59.js Show response
therecord.media/_next/static/chunks/pages/ 121 KB
40 KB 45ms
45ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-81fffb486b1b3b59.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d876470991edc38b957d70eb1f344f7102884bd1173f1df1bdfff8602dd8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 34666
traceresponse: 00-1799ffae9d2312d58dbec7b07f351e81-7b362fb757e452db-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000140-IAD, cache-fra-eddf8230044-FRA
last-modified: Wed, 22 Nov 2023 16:44:05 GMT
server: cloudflare
etag: W/"1e2fc-18bf7eada99"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f144ae906ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2, 5

GET
H2 200 main-a4d9e436b9a532ca.js Show response
therecord.media/_next/static/chunks/ 98 KB
27 KB 76ms
76ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2c7013a195a3d74c9f7882e583bfe84db280ca66ef25e7ffe42e8d1b0edb7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 34666
traceresponse: 00-1799ffae91c451803ef8194e49de5906-93828404badca237-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200165-IAD, cache-fra-eddf8230048-FRA
last-modified: Wed, 22 Nov 2023 16:44:05 GMT
server: cloudflare
etag: W/"189e4-18bf7eada98"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f144ae916ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2, 1

GET
H2 200 framework-5f4595e5518b5600.js Show response
therecord.media/_next/static/chunks/ 127 KB
42 KB 76ms
75ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1935347
traceresponse: 00-17933f05bb5ae8306bb3c9607cda134e-1408f809c000a064-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200081-IAD, cache-fra-eddf8230039-FRA
last-modified: Tue, 17 Oct 2023 15:11:43 GMT
server: cloudflare
etag: W/"1fbbb-18b3e315916"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f144be936ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 13588, 5

GET
H2 200 webpack-5752944655d749a0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 69ms
69ms Script
application/javascript 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:05 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 3775490
traceresponse: 00-178cb56c22657f538bac7d6bdea64730-2a9aa89d715d7f76-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-eddf8230044-FRA
last-modified: Tue, 03 Oct 2023 11:54:42 GMT
server: cloudflare
etag: W/"673-18af563f020"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f144be956ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 11989, 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
79 KB 576ms
108ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e909071f4ee32686e1327c63b1815ce6fb451babc2381b000b3cdd356cf233d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80705
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Nov 2023 02:22:06 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 199 KB
58 KB 636ms
145ms Script
application/javascript 13.32.27.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-49.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

1316977a854f25689e72527007b6254a726799eae07123b23392d71b50f17305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:02:05 GMT
x-amz-version-id: 4.QmMWSqKXej0qnsAeUsu70FYPg7q0sT
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8402
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 19 Nov 2023 19:34:34 GMT
server: CloudFront
etag: W/"c28e87bb18e482bd1fa8843fb632e29a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: LZG8NzkPQNzCRkxqJT-F6uzTF4Ney2oCKGMTgbTAcAMNMbtm33oFxg==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 638ms
147ms Script
application/javascript 13.32.27.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-49.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

3303db9454ead61f24fc598ad2a9d64aebd739493d1a07fffe1d1ead71b9419c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:02:05 GMT
x-amz-version-id: o_2NXjn2uS2BFeIRnGhjZvkcVYClttC5
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 8402
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 19 Nov 2023 19:34:49 GMT
server: CloudFront
etag: W/"82547c1828a7d2e514c0b90201df744b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: ViDhEY8CwEgTS1dq017L-SCrtBijsa54765UtxH1dq2_5pqASqIuBQ==

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 6DBD 319 KB
104 KB 28ms
28ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ftherecord.media
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B84) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://therecord.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3822581
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Nov 2023 02:22:06 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B84)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6DBD 870 B
660 B 497ms
169ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3e05951a1095ab809f086f9ee3ca93ce0f200bcc

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ftherecord.media

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 109
date: Thu, 23 Nov 2023 02:22:07 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 23 Nov 2023 02:22:07 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: e439ed723ddd0ec9
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 6374ff804f748e8a8c0cd706c437e1077671cf6f919f1602f636bed613533d68
content-length: 338

GET
H2 200 articles Show response
cms.therecord.media/api/ 10 KB
5 KB 1146ms
333ms XHR
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editors&populate[3]=editors.page&populate[4]=editor&populate[5]=editor.page&populate[6]=image&populate[7]=image.desktop&populate[8]=image.tablet&populate[9]=image.mobile&populate[10]=tags&populate[11]=tags.page&populate[12]=page&filters[id][$ne]=3910&filters[date][$lte]=2023-11-22T19%3A45%3A00.000Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-11-23T02%3A22%3A07%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-11-23T02%3A22%3A07%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/654-c5e15c079aedb8cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

7c56de6fc51c1bb06a7beb004bfbd0a3411f7bda7d3b47755347fd9e8547ea8a

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-179a1f3689877d9beb52410e8abca5d9-ba0aec289b05c12b-01
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 82a5f154bf266945-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 9 KB
3 KB 1229ms
382ms XHR
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editors&populate[3]=editors.page&populate[4]=editor&populate[5]=editor.page&populate[6]=image&populate[7]=image.desktop&populate[8]=image.tablet&populate[9]=image.mobile&populate[10]=tags&populate[11]=tags.page&populate[12]=page&filters[id][$ne]=3910&filters[date][$gte]=2023-11-22T19%3A45%3A00.000Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-11-23T02%3A22%3A07%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-11-23T02%3A22%3A07%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/654-c5e15c079aedb8cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

a4b10af1bc9d4772cf4692212f07b5f56e49012a5061832829e0daabd45b0555

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-179a1f36955496c3c4b1d66b39b8542a-ea653d1f65748be6-01
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 82a5f155ffd06945-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 3 KB
997 B 1223ms
376ms XHR
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?fields[0]=title&fields[1]=date&fields[2]=publishedAt&filters[isBrief][$eq]=true&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-11-23T02%3A22%3A07%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-11-23T02%3A22%3A07%2B00%3A00&populate[page][fields][0]=slug&sort[0]=date%3Adesc&pagination[limit]=9

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/654-c5e15c079aedb8cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

79c8691c3b05d24ad461dc18268c973c2fef5ae05eae7914eba37f482126a808

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-179a1f369570c026bbb67eecafe4fe86-c8e384f4379f86fa-01
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 82a5f155ffd16945-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 342 KB
97 KB 293ms
42ms Fetch
text/xml 172.64.144.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/654-c5e15c079aedb8cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817a0c20d7d4ed15d8206f1e6554b05103ddfd6cf48944757f1f315585bbc201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/rss+xml
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:07 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 2992
traceresponse: 00-179a1c7db1edd255f98963ff52f16475-2a6dbec047f5070a-01
x-cache: HIT
content-length: 98799
x-served-by: cache-fra-eddf8230041-FRA
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,DELETE,PATCH,POST,PUT,HEAD,OPTIONS
content-type: text/xml
access-control-allow-origin: *
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 82a5f1528ac94d4a-FRA
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, User-Agent, Authorization, Origin, Pragma, Cache-Control, Expires
x-cache-hits: 1

GET
H2 200 privacy.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/ 8 KB
2 KB 290ms
194ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/privacy.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856d8806707a99ce11ae0f1b50bdf4f3ae32c4742d0fd6d4eaaaaf3e4da5bf9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 43
traceresponse: 00-179a1431ed1c869bab320e1137b797f3-da402082b0a33771-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000173-IAD, cache-fra-eddf8230044-FRA
server: cloudflare
etag: W/"20d6-XRBWNEZKmJXQoNJpopVnZGXX3T0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f15668176ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 5, 1

GET
H2 200 news.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/ 8 KB
2 KB 131ms
41ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/news.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8dc798e45562ab60f19664226f8b0012d01f389fc84bab67c4f967d199c6509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 22
traceresponse: 00-179a142e496d00e77dcc34b26792ab50-0999d12ed3883740-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000032-IAD, cache-fra-eddf8230090-FRA
server: cloudflare
etag: W/"20d9-I+TtmDOHsnXWBQhcA1IUpw/ClTo"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156681a6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7, 1

GET
H2 200 jonathan-greig.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/author/ 9 KB
3 KB 348ms
259ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/author/jonathan-greig.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30feee9f683a56e5cc039a8d44d0d58897cfb99fc01cf44a39c59bba882e6949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 12
traceresponse: 00-179a141e14e5bb94ebaa54db39af8cdf-a6008e078802decb-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200086-IAD, cache-fra-eddf8230121-FRA
server: cloudflare
etag: W/"22c9-FX8sTJNZZNISys7zzQR1MDtjryQ"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156681b6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3, 1

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/ 8 KB
3 KB 125ms
38ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a66777a430e8ef5d61a9c202d81c2baa3eabe9f3ef6e68b2a0682ab28c94529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a1c5770855ccb65535bf7e62dd02e-8b1432994bddaa58-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100052-IAD, cache-fra-etou8220023-FRA
server: cloudflare
etag: W/"1f1e-1j5ZR/ZVAf4Z7rojrHpB45dr2VQ"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156681c6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 48, 1

GET
H2 200 contact.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/ 8 KB
2 KB 148ms
62ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/contact.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1a5620b0dc735bb71b1847034957ad5ff67c0185199f2d887b8d5a05e637d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a1c5775ac050c7670b7174d256894-9bd3b64992f3e631-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000111-IAD, cache-fra-eddf8230022-FRA
server: cloudflare
etag: W/"2157-x5VufPT4NXq+RhTgyW/PF4sw0/4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156681e6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 45, 1

GET
H2 200 podcast.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/ 172 KB
35 KB 221ms
136ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/podcast.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c134246479d0a86294643f8d65056c5fb4566c0715f0a089f8aa128e200f480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a141c4d8a7ef5dc6a2994ca6b0b05-a2e7ace79dbae84f-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000134-IAD, cache-fra-eddf8230048-FRA
server: cloudflare
etag: W/"2af6a-OrmQsEj0OonhjeF713iJic82wQs"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156681f6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 11, 1

GET
H2 200 about.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/ 41 KB
7 KB 226ms
142ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/about.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5453685c761051beee3a1e943335b755ba7796aad17f6f2685b48c3710e091c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a1c5772b2840972c3870ad5ed3cec-28e8d24319a5ef45-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100036-IAD, cache-fra-eddf8230057-FRA
server: cloudflare
etag: W/"a509-l7ZWb+epNCrpW5jOsTm/sBy/jik"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f15668206ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 45, 1

GET
H2 200 technology.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/ 8 KB
2 KB 270ms
188ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/technology.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4111fecbae00e5f8f4b0f78706bdbf4df459f086d0ede1453f96cfada131a3dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a142a6e456bbb6d20f7c2df624190-2a57d889d7a9cca5-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200096-IAD, cache-fra-eddf8230099-FRA
server: cloudflare
etag: W/"20cb-9GMwI6RagGNEyllMP4kzJnxfujc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f15668216ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 239, 1

GET
H2 200 people.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/ 8 KB
3 KB 279ms
198ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/people.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40fa04be7a9b6d39ae4cf38fe14ff8d2c1a0f3ce0ccd6523098bb42c42658bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a1c55a245948334d35d69e264ca44-7b3562e4555e0e57-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200149-IAD, cache-fra-etou8220046-FRA
server: cloudflare
etag: W/"20b9-veVB/9E1HVqL0SjLO5hsMzqh2zM"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f15668226ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 53, 1

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/ 8 KB
2 KB 144ms
65ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/nation-state.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bc21cd5538cfdc6b7d696b1192084b1177ac9d0ed666afeecf34759869745ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a142a6efac1dc3c9793c3a3511c4f-ba3a7a6455c455b0-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000042-IAD, cache-fra-eddf8230057-FRA
server: cloudflare
etag: W/"2117-LJo7G0QpQWb2RwVHbpcn36KBqTY"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f15668236ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1339, 1

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/ 8 KB
2 KB 284ms
207ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/cybercrime.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c258b76fe3fc46bdfc4a19c23e5595cc61071d412e51164c41c98760af4c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a142a6cf9fa449bb3728a84bb7918-cd2cb70d7bd5159e-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100135-IAD, cache-fra-etou8220087-FRA
server: cloudflare
etag: W/"20d8-e9KoOKaevNlTyN4AMqrZiHQOwvU"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156782b6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 771, 1

GET
H2 200 leadership.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/ 8 KB
2 KB 278ms
202ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/news/leadership.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

304c7476ceb2b819270cd573758576e7eb66985bd5b2a0d6f1555ecf22f9f689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 48
traceresponse: 00-179a1c55a2e4fda291ffcfde913d319b-8b0a733df11b7f7e-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000133-IAD, cache-fra-etou8220055-FRA
server: cloudflare
etag: W/"210f-msVVOJizqsSeUK3BTBeht6tiGtM"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156782d6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 65, 1

GET
H2 200 index.json Show response
therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/ 44 KB
11 KB 286ms
216ms Fetch
application/json 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/ptYrfTiX9dhGpisBJc4Ah/index.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e590571e99ebbf3f79a64b0005336aeccfd1ac82006a588e3a4ec0bd8fbbd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 22
traceresponse: 00-179a1e22e1a6afd00972089e852a62aa-35c1480354c5aa6b-01
x-cache: MISS, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000147-IAD, cache-fra-etou8220023-FRA
server: cloudflare
etag: W/"af6b-XsHFHwDhHiSV+1xSJwy3rLcJttc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 82a5f156782e6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 97ms
96ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

34ed82511bad7df3d5ab76cf398a3989de6c585da10b89c2480b31ded766a5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 02:22:08 GMT

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 6 KB
6 KB 317ms
63ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 39e8ab0a041d182020ae83f95a3a1d50281858c8aa1799ddd36efaef1d27070d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 7m0OBCt5BkATksBixYP52UCbW6Y94DqA
date: Thu, 23 Nov 2023 02:22:08 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 5748
pragma: no-cache
last-modified: Wed, 08 Nov 2023 15:40:25 GMT
server: AmazonS3
etag: "7f38a1a4384d2ace8d6716d4fa030233"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: Q9-lxmiYyOBDagBI3lyEDXXdYsVOWf7ZM9BRFbWYHxTzL5gBql28HQ==
expires: Thu, 23 Nov 2023 02:22:08 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 63 KB
17 KB 267ms
26ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/cyberattack-leaked-data-nyc-bar

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8c2b5a2945535269c1cefe505e56b663f26b3d322d35ab4fa835a24c543226dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 22:43:30 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65554992-fd89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17416
expires: Thu, 23 Nov 2023 02:22:08 GMT

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
167 B 334ms
60ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FCyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers&idsite=2&rec=1&r=230989&h=3&m=22&s=8&url=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&_id=aba80392171ca20c&_idn=1&send_image=0&_refts=0&pv_id=JuRVKu&fa_pv=1&fa_fp[0][fa_vid]=0PePHG&fa_fp[0][fa_fv]=1&pf_net=371&pf_srv=178&pf_tfr=18&pf_dm1=138&pf_dm2=906&pf_onl=28&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://therecord.media
date: Thu, 23 Nov 2023 02:22:08 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 243ms
34ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=hstSrj&url=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 7ef246dd5947b2e66f19957a74adb2ced3622620350d0025fdb93c0b82943fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:08 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 740ms
71ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 01:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1951
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 Nov 2023 03:49:38 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 2 KB
1 KB 762ms
96ms Script
application/javascript 104.16.190.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/252628.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62f2cb3a1e1d13c377f857f321add6e049e0d74fd35e4b1fb27d59d259fe967

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: b5266012-7c23-4cc0-91ac-c1a8d998028c
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=1972
age: 22
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b5266012-7c23-4cc0-91ac-c1a8d998028c
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 02:21:47 GMT
server: cloudflare
x-trace: 2B4719EC69D1CEAFA9543E8B08D7D7FAA4C22E8154000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-66c9b4c4f4-4xxld
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 82a5f15c3b031e14-FRA
expires: Thu, 23 Nov 2023 02:23:09 GMT

GET
H/1.1 200
OK tweet.2d13d9c81f3c2ba95ef78654d9a09632.js Show response
platform.twitter.com/js/ 8 KB
3 KB 82ms
40ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.2d13d9c81f3c2ba95ef78654d9a09632.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B91) /
Resource Hash: c1a684357f3962d1a9f8e930221d66b2be480972f48ab3017dbee0ca92bf1a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:09 GMT
Content-Encoding: gzip
Age: 3822586
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2724
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (amb/6B91)
Etag: "f98aa7152272757269c4c8178e28219f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
c.6sc.co/ 7 B
192 B 62ms
39ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
280 B 493ms
83ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700706130101_35115178_1220031553_29_1328_14_38_219";dur=1
content-length: 4
expires: Thu, 23 Nov 2023 02:22:10 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 272ms
247ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A09%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 274ms
250ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2023%20Nov%202023%2002%3A22%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2023%20Nov%202023%2002%3A22%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22edabaa1866fe08952dde1be9ff37302d63145f08%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2023%20Nov%202023%2002%3A22%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2023%20Nov%202023%2002%3A22%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2023%20Nov%202023%2002%3A22%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
571 B 460ms
88ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:10 GMT
an-x-request-uuid: db1d6a95-2202-4b92-97c5-8220feec0818
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.133.93.105; 31.133.93.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
192 B 28ms
27ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 6si.min.js Show response
j.6sc.co/ 63 KB
17 KB 27ms
26ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8c2b5a2945535269c1cefe505e56b663f26b3d322d35ab4fa835a24c543226dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 22:43:30 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65554992-fd89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17416
expires: Thu, 23 Nov 2023 02:22:09 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 222ms
220ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 247ms
247ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 249ms
248ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 248ms
247ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 262ms
251ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 264ms
253ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 266ms
256ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 252ms
249ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 258ms
255ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 259ms
257ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 301ms
271ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 310ms
280ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 image
therecord.media/_next/ 25 KB
26 KB 177ms
176ms Image
image/webp 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fblack_friday_trends_insights_mitigating_online_shopping_scams_main_04b6039263.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e735b96cc39e26c86bde1607206acc8e295c2c0bddfd655cf0362f262759d234

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:09 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-179a1f36e29fc5d3b9bae16d34ed63af-f834c9a4edaf8659-01
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="black_friday_trends_insights_mitigating_online_shopping_scams_main_04b6039263.webp"
content-length: 25938
x-served-by: cache-iad-kcgs7200020-IAD, cache-fra-eddf8230048-FRA
server: cloudflare
etag: 5zW5bMOeJshr3hYHIGrMjilcLAvd-WVc8DYvJidZ0jQ=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 82a5f15f5c856ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 542ms
38ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EYNZBT8ZP2&gtm=45je3b81v9117850958z8832426714&_p=1700706126433&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=965624667.1700706130&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700706129&sct=1&seg=0&dl=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&dt=Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5122
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 634ms
69ms Ping
text/plain 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EYNZBT8ZP2&cid=965624667.1700706130&gtm=45je3b81v9117850958z8832426714&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 541ms
39ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYNZBT8ZP2&cid=965624667.1700706130&gtm=45je3b81v9117850958z8832426714&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=669888370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 576 B
573 B 292ms
59ms XHR
application/json 18.193.0.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.0.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-0-24.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9fc50fea7f3d2c8a2352853b045c8588f74b52b95ecfb3ce452899463786218b

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-6s-CustomID: WebTag 64dc3ec5-330c-4652-88d3-147ee65e90ba

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://therecord.media
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 290

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 576 B
571 B 293ms
60ms XHR
application/json 18.193.0.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.0.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-0-24.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 089820c584b57296bf352bfeb26998c913b6ec7069cd1a71ef17f3d95790aac1

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-6s-CustomID: WebTag 64dc3ec5-330c-4652-88d3-147ee65e90ba

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://therecord.media
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 289

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 161ms
30ms Preflight 18.193.0.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.0.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-0-24.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Thu, 23 Nov 2023 02:22:10 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 159ms
29ms Preflight 18.193.0.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.0.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-0-24.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Thu, 23 Nov 2023 02:22:10 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 35ms
34ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1549869916&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&ul=en-us&de=UTF-8&dt=Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1135135380&gjid=733603945&cid=965624667.1700706130&tid=UA-9153858-16&_gid=1429227934.1700706130&_r=1&_slc=1&gtm=45He3b81n81PVJ5W86v832426714&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=243392688

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

c6421f609cd61551ff948070601ddc54727d75ed1d42b77a65f349438ceab3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 44A5 345 B
918 B 29ms
26ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA4) /
Resource Hash: 7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5

Request headers

Referer: https://therecord.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 168
Cache-Control: public, max-age=1800
Content-Length: 345
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Nov 2023 02:22:10 GMT
Etag: "f6d70a110dacf784d914a7bbb2a7d61b"
Last-Modified: Sat, 07 Oct 2023 22:50:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA4)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
16 KB 719ms
326ms Script
text/javascript 104.18.34.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
x-amz-version-id: 1DTjZqz8w6c0vLd7dsrtWpmr4CMJx9XZ
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: KATTND5889M44RP7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 07074f0c-236a-405d-8a2a-6d47ca5b9126
x-envoy-upstream-service-time: 32
x-amz-id-2: L2QB6vaGPYZvmKC9yPY3aHSukBiQdy70IqKnM8K3OuQtPktTzrhetGAO3kh8G+ENyiaHbpZxrSY=
x-evy-trace-listener: listener_https
x-request-id: 07074f0c-236a-405d-8a2a-6d47ca5b9126
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 14:55:34 GMT
server: cloudflare
etag: W/"07022bb1d6cfa926ffae0fefc0ebffb7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-zfdp8
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 82a5f163cc1f18c9-FRA
expires: Thu, 23 Nov 2023 02:27:10 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 78 KB
23 KB 652ms
145ms Script
application/javascript 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b3233d5d02cfdfc077b3e67483603395059c3fb90f3e0bbf376d43e84e7c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.700/bundles/project.js&cfRay=82a5f165bf7bbbe5-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"4e97934db1377f0d43c2d27811add59e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.700/bundles/project.js
date: Thu, 23 Nov 2023 02:22:10 GMT
x-amz-version-id: IoSVIvmdsNDANnV4L0lMf2ovJHFGDTUt
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 8f7bed5b-b181-419a-abfe-7adff8d9772b
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8f7bed5b-b181-419a-abfe-7adff8d9772b
last-modified: Wed, 22 Nov 2023 11:55:20 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAsLKGJXsE09JbkdvqDB4se0AOAiXq57E2YEKArfbHlQMRqzi4VhKspc%2FoyBELGpp0ugAzKCpmKCrRdOQ9gXeS%2F0XJs3e%2F6v2FO1NIeylrjjMXYoKCgxL3%2FsDsc50I9R"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7b7f9459cc-ccl4z
cf-ray: 82a5f165bf7bbbe5-FRA
x-amz-cf-id: 1CoyGAQR4zHVI48lX9FpJmNiuxsOlvTfPhTF6VpyBdEba0UE3ltm7Q==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 540ms
33ms Script
application/javascript 104.18.125.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.125.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
age: 48064
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js&cfRay=82a15beff8339042-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df7c200fc1e8a1a0c9d50df4fbec7e86"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js
date: Thu, 23 Nov 2023 02:22:10 GMT
x-amz-version-id: RTyeMetKvg_dT1r75rKZucXAeC83sdPJ
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: ba604cf4-61cd-4d5d-bc6a-eb6be87ec62f
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-request-id: ba604cf4-61cd-4d5d-bc6a-eb6be87ec62f
last-modified: Wed, 25 Oct 2023 14:35:17 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7b7f9459cc-q5s2s
cf-ray: 82a5f165b8cabbbf-FRA
x-amz-cf-id: BUY_yEQz63hP3MCGGYPo8M7XCp18ywzX3Gu9w51nlfYCUz_2-d79Zw==

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1700706000000/ 67 KB
21 KB 704ms
198ms Script
text/javascript 104.16.78.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1700706000000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.78.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3c7d955218a0234e7e7305226cf4b816ba28a798d23f6e9d390d51f618f4391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:11 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: CKH6BRAE0MZSKSQ5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: ff4208fd-0a63-45eb-8718-593bfc8c917b
x-envoy-upstream-service-time: 41
x-amz-id-2: 6roMVe2z8uIEv1wPoxfTcTuSyIHlmOcLfuuP6UzBz99bXpeGFHQ3tFxDMtU+FEgTrRdju2wGzTS59TEZAt7G27XpTcx7EysOGvdVsChe/iQ=
x-evy-trace-listener: listener_https
x-request-id: ff4208fd-0a63-45eb-8718-593bfc8c917b
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 Nov 2023 17:11:58 GMT
server: cloudflare
etag: W/"2339bb23fde7cfa726c0931328200b59"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-s9pg8
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 82a5f165bbcc2c4a-FRA
expires: Thu, 23 Nov 2023 02:27:10 GMT

GET
H/1.1 200
OK embed.runtime.30e39e232aef74d6b314.js Show response
platform.twitter.com/embed/ Frame 44A5 9 KB
5 KB 101ms
31ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B91) /
Resource Hash: 54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 4231
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B91)
Etag: "a94f2c8e562dd94ba8264b04299bbc31+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9449.143d97ea3ade6f4824dc.js Show response
platform.twitter.com/embed/ Frame 44A5 488 KB
160 KB 119ms
49ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B79) /
Resource Hash: d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 162768
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B79)
Etag: "a096d4d712d8664b5f72fc16777f624e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.61c9a11318b778002223.js Show response
platform.twitter.com/embed/ Frame 44A5 33 KB
14 KB 99ms
32ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.61c9a11318b778002223.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7E) /
Resource Hash: a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 14004
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B7E)
Etag: "72cf5b19f8c06f163ed659346b6c0234+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 / Show response
c.6sc.co/ 47 B
233 B 154ms
58ms XHR
text/plain 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d32d879bc4c2194ec1e98dc6ecb768457071ce1185ca52abb63e91390d3de573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/plain
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
278 B 378ms
282ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 02:22:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700706130571_35115178_1220031612_15_859_11_0_219";dur=1
content-length: 4
expires: Thu, 23 Nov 2023 02:22:10 GMT

GET
H2 404 js
www.googletagmanager.com/gtag/ 0
0 54ms
53ms Script
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-F540L9EG7D&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f8.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ef46db3751d8e999.css Show response
therecord.media/_next/static/css/ 0
475 B 100ms
66ms Fetch
text/css 172.64.155.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/ef46db3751d8e999.css

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a4d9e436b9a532ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/cyberattack-leaked-data-nyc-bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:10 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1255031
traceresponse: 00-1795a9c57dfc4c4701d59344391904cb-26be8b2487cb2d39-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-eddf8230090-FRA
last-modified: Wed, 01 Nov 2023 12:29:05 GMT
server: cloudflare
etag: W/"0-18b8adbd6d5"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 82a5f1632e8c6ab9-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7543, 5

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 41ms
41ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1549869916&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&ul=en-us&de=UTF-8&dt=Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=965624667.1700706130&tid=UA-9153858-16&_gid=1429227934.1700706130&gtm=45He3b81n81PVJ5W86v832426714&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2146293026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 21:23:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17914
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 78ms
0ms Image
image/gif 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 21:23:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17914
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK embed.749.467388cca0b3fe9c3291.js Show response
platform.twitter.com/embed/ Frame 44A5 19 KB
7 KB 30ms
26ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB5) /
Resource Hash: afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6789
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6BB5)
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js Show response
platform.twitter.com/embed/ Frame 44A5 4 KB
2 KB 29ms
25ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B86) /
Resource Hash: dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1583
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B86)
Etag: "11ef2c964d5d614da8c769c495a8855b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js Show response
platform.twitter.com/embed/ Frame 44A5 35 KB
12 KB 29ms
27ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7E) /
Resource Hash: a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 11289
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B7E)
Etag: "df117930505b95292615fd76b0e9369c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 245ms
245ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702c5d6130051b75e65dd03000052930f00&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A09%20GMT%22%2C%22timeSpent%22%3A%221125%22%2C%22totalTimeSpent%22%3A%221125%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK embed.9203.97b040640e3b329435c9.js Show response
platform.twitter.com/embed/ Frame 44A5 267 KB
82 KB 26ms
25ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9203.97b040640e3b329435c9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC6) /
Resource Hash: 1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 83738
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6BC6)
Etag: "691b9586fce0d937b25fcf4f3130bc97+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.af3480c242f6c21a47e5.js Show response
platform.twitter.com/embed/ Frame 44A5 88 KB
21 KB 24ms
24ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.af3480c242f6c21a47e5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: 37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1614118181710475265&lang=en&origin=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&sessionId=3e05951a1095ab809f086f9ee3ca93ce0f200bcc&theme=light&widgetsVersion=01917f4d1d4cb%3A1696883169554&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:10 GMT
Content-Encoding: gzip
Age: 3822588
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 20752
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6BA5)
Etag: "984e7cbd45e0ff91dc7b610ed59f333d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame 44A5 3 KB
2 KB 616ms
176ms XHR
application/json 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1614118181710475265&lang=en&token=3wuwgre4v8c&kckisx=wd8j40h9un7&yt8m7d=4ezm8s1jbszx&wna7aj=1d48psso9t1c&lh4d65=1cpiq85h789r&vug83s=4pj88pga3vd&nzhgy6=9no83s9182nb&r9on00=2yb17e833la8&rsq86o=7gycf80trrjj&wokowo=9no83s9182nb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

999d1225cf2dff452d367eb9e51d40b9558e2a76562676404b88e6fd13e5ee92

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
x-powered-by: Express
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ
content-length: 1120
x-response-time: 134
server: tsa_f
etag: W/"aa2-bk8Azh/xAdHnYlprjUBv6vQhaqQ"
vary: Accept-Encoding, Accept-Language
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 611570a08548db1f
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 2a0563f898bdaee749d28c6beab957f05cca1cb9eea707a466b75bba7711902c
x-tw-cdn: VZ, VZ, VZ
access-contol-allow-origin: platform.twitter.com

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 369 B
1 KB 207ms
206ms Fetch
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=252628&currentUrl=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4f54f42c-732c-4283-864c-861db6c2095b
content-encoding: br
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4f54f42c-732c-4283-864c-861db6c2095b
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLgGzF1SKtB6%2FBt2kzrXygzFEy1WhqxQ3C1HGiDqumlufl3voAlOlgGaMakyeHx2EymDqvKuYXlMeeRpB4uVr3KVOhv9p1R6HJ1wjiaBra71nbF%2BKco0nCNiTpB%2FxTYhrbGQs2haxO1yCrMrPyE%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 82a5f1675886bbe5-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-w6knk

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 500ms
137ms Image
image/gif 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4100969504&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&t=Cyberattackers+leaked+data+of+27%2C000+NYC+Bar+Association+membersers&cts=1700706131114&vi=f93708ae1617bd39de35968451b5c13e&nc=true&u=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&b=156209188.1.1700706131102&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 85da8420-6faf-40d1-a242-cd9954881db8
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 85da8420-6faf-40d1-a242-cd9954881db8
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KekQeY4fEmAvB0GXUM1NrPhOt2eOUPJA6w8xFfDjhF7X2o5SjYlF8zUaJEAB5Peq8Y80EBRINdmkqDAd8QcmKTHg16%2Fkuy5LvwV142ZhlSQQmiXLHDOQh23SUuYxVWu7HAnb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7d79fcfc45-gxskm
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 82a5f169dc561e56-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 166ms
165ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=f93708ae1617bd39de35968451b5c13e&__hstc=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&__hssc=156209188.1.1700706131102&currentUrl=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8d514deb5862c37b665da9a12a30ac8c48a8ec089639bf4ff66fea87b3b948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 48972e7a-7966-4c52-a676-3e37d621b7ab
content-encoding: br
x-envoy-upstream-service-time: 22
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 48972e7a-7966-4c52-a676-3e37d621b7ab
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LiacnaTFLKfMBGndh%2FWziFDT%2FM1zrYbJLAIRzCa5%2BbzrCd533HaMwXz9kMYMFD6sNzFzsmZ24Iu8jh3QLvnq11FmqEDu879PGsOWT1VzES4D%2BOcUog%2FD47H2SZYop1GrqKu"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 82a5f16798b5bbe5-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-2mvph

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 511ms
131ms Image
image/gif 104.18.160.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 02:22:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: cf78abd5-8780-46c4-b6e1-1af9f533f9b7
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cf78abd5-8780-46c4-b6e1-1af9f533f9b7
Last-Modified: Thu, 23 Nov 2023 02:22:11 GMT
Server: cloudflare
X-Trace: 2BBCA04EAF7F9F0BB622C531EBF6E90D9DC90A02B7000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-lr4lv
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 82a5f16abada1c8b-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
728 B 317ms
140ms Image
image/gif 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4100969504&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&t=Cyberattackers+leaked+data+of+27%2C000+NYC+Bar+Association+membersers&cts=1700706131308&vi=f93708ae1617bd39de35968451b5c13e&nc=true&u=156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1&b=156209188.1.1700706131102&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a43596dc-c154-472e-b4fb-2762bbf23fcc
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a43596dc-c154-472e-b4fb-2762bbf23fcc
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okPp%2FKdZGsZMGTGpB0UzoF78JCeN22gQ6CG7H7C0st2qjijEHNEWL06Q7D%2FHD69IfnF1EKXJietVXQrXr1pp%2FIClDxY0X0CKOCaAqDgSn2UnUkP89E3VesgOAoOX5QVfJZjo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7d79fcfc45-sxfh7
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 82a5f169dc581e56-FRA
x-robots-tag: none

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 44A5 43 B
145 B 375ms
374ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1700706131693%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221614118181710475265%22%5D%2C%22item_details%22%3A%7B%221614118181710475265%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 109
date: Thu, 23 Nov 2023 02:22:11 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 23 Nov 2023 02:22:11 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 29e7c8ab32627125
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 6374ff804f748e8a8c0cd706c437e1077671cf6f919f1602f636bed613533d68
content-length: 43

GET
H2 200 FplPKGMF_normal.jpg
pbs.twimg.com/profile_images/1554826323365085184/ Frame 44A5 2 KB
3 KB 465ms
25ms Image
image/jpeg 93.184.220.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1554826323365085184/FplPKGMF_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC8) /

Resource Hash

b927c7bb2affcbad9facd49f8f71ef04e69b7de8eb4feb073133722f3b3027c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:12 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 29998
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2491
x-response-time: 106
surrogate-key: profile_images profile_images/bucket/1 profile_images/1554826323365085184
last-modified: Wed, 03 Aug 2022 13:45:37 GMT
server: ECS (amb/6BC8)
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 6e51a3a70467bb73
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: bd7a9914fa0c5f4fc30cb91cace533ec2e470c1c2ec073fb0c53510c9a3bced9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FmZ_4rHXwAIWlHY
pbs.twimg.com/media/ Frame 44A5 5 KB
5 KB 472ms
34ms Image
image/jpeg 93.184.220.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FmZ_4rHXwAIWlHY?format=jpg&name=360x360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B8E) /

Resource Hash

e4b14522e1eded56479f5a9217eb0f6be41c95070153b9b2c2d0b062e0b0b69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:12 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 1046
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 5369
x-response-time: 145
surrogate-key: media media/bucket/3 media/1614118128081944578
last-modified: Sat, 14 Jan 2023 04:30:05 GMT
server: ECS (amb/6B8E)
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 3742fe1025d096fd
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: efa477cadf841d22601a0a2d732cafcf3a7c334732848ef64ddd3803e6be054c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FmZ_4rHXwAIWlHY
pbs.twimg.com/media/ Frame 44A5 15 KB
15 KB 470ms
35ms Image
image/jpeg 93.184.220.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FmZ_4rHXwAIWlHY?format=jpg&name=small

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B8E) /

Resource Hash

f626daded31b8168aad17dafb652264cf9e8b357847eb21335c8bab1a761a7c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:12 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 18310
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 15553
x-response-time: 254
surrogate-key: media media/bucket/3 media/1614118128081944578
last-modified: Sat, 14 Jan 2023 04:30:05 GMT
server: ECS (amb/6B8E)
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 9180235adf489151
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 1dab8c926f9eaeaa02e8bf391cc823a738f4db4a71eee5d8f606ed91c74fe9e7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 452ms
452ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702c5d6130051b75e65dd03000052930f00&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A10%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222126%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:12 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 44A5 43 B
119 B 272ms
272ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1700706131939%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221614118181710475265%22%5D%2C%22item_details%22%3A%7B%221614118181710475265%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1814.599998474121%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 117
date: Thu, 23 Nov 2023 02:22:11 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 23 Nov 2023 02:22:12 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: b2d3bc4468205af7
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 6374ff804f748e8a8c0cd706c437e1077671cf6f919f1602f636bed613533d68
content-length: 43

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 463ms
53ms Image
image/webp 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
age: 761439
x-amz-request-id: BKCS81MFQGXM7MV0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="iphone-cd1.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "f5c3d1b581a50e5c3637310137a43f0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674144065940
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 23 Nov 2023 02:22:12 GMT
strict-transport-security: max-age=31536000
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=229013
x-cache: Miss from cloudfront
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 85082
x-amz-id-2: Q/iCa321ldXoPG0FIA/CaLKrEkqiVEg8wFHtojAZ+EI5575oLHDCfsm5dxddix6tuYVKKFpxkwU=
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZA9HjyfA2Vs6o4IM3hA9InEsjAffsjzwrJ1fPiwFkpAXLymQ0jw4h%2FMTbkAyyubmkHWcL0Cz99toCG5tgg2YXp9Gqu%2F1fKm%2Fj5BHPxhOiFggalBs4Z0aAbTTmgkSCgP3UrHw%2B%2Fb3g%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82a5f1718de41c19-FRA
x-amz-cf-id: DBVjXdcuhwarJFZDKv_roYt8RpCfc-7egaxHIdQbwuRnNw7xg2otlA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 232ms
231ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702c5d6130051b75e65dd03000052930f00&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A11%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223127%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:13 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 225ms
223ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702c5d6130051b75e65dd03000052930f00&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A12%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%224130%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 222ms
220ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702c5d6130051b75e65dd03000052930f00&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A13%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%225138%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 228ms
228ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702c5d6130051b75e65dd03000052930f00&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A14%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%226141%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 219ms
219ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702c5d6130051b75e65dd03000052930f00&visitor=aff910fb-03aa-472e-86af-32bba23e02f9&session=04196a4e-84d2-41fc-8cd9-ffdd53153c2e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2023%20Nov%202023%2002%3A22%3A15%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227142%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Clop%20ransomware%20gang%20claimed%20to%20have%20attacked%20the%20organization%20in%20January.%20Eleven%20months%20later%2C%20the%20New%20York%20City%20Bar%20Association%20has%20finally%20acknowledged%20the%20incident.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattackers%20leaked%20data%20of%2027%2C000%20NYC%20Bar%20Association%20membersers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcyberattack-leaked-data-nyc-bar&pageViewId=be8751bd-a8cd-42bb-841c-c94abf94f107&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:22:17 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-21 01:51:01	Name: _pk_id.2.de70 Value: aba80392171ca20c.1700706128.
.therecord.media/	1970-01-20 16:25:07	Name: _pk_ses.2.de70 Value: 1
therecord.media/	1970-01-21 02:01:06	Name: _gd_visitor Value: aff910fb-03aa-472e-86af-32bba23e02f9
therecord.media/	1970-01-20 16:25:20	Name: _gd_session Value: 04196a4e-84d2-41fc-8cd9-ffdd53153c2e
.therecord.media/	1970-01-21 02:01:06	Name: _ga_EYNZBT8ZP2 Value: GS1.1.1700706129.1.0.1700706129.60.0.0
.therecord.media/	1970-01-21 02:01:06	Name: _ga Value: GA1.2.965624667.1700706130
.therecord.media/	1970-01-20 16:26:32	Name: _gid Value: GA1.2.1429227934.1700706130
.therecord.media/	1970-01-20 16:25:06	Name: _gat_UA-9153858-16 Value: 1
.6sc.co/	1970-01-21 02:01:06	Name: 6suuid Value: b8d01702c5d6130051b75e65dd03000052930f00
therecord.media/	1970-01-20 16:35:10	Name: _an_uid Value: 0
therecord.media/	1970-01-21 02:01:06	Name: _gd_svisitor Value: b8d01702c5d6130051b75e65dd03000052930f00
.therecord.media/	1970-01-20 20:44:18	Name: __hstc Value: 156209188.f93708ae1617bd39de35968451b5c13e.1700706131102.1700706131102.1700706131102.1
.therecord.media/	1970-01-20 20:44:18	Name: hubspotutk Value: f93708ae1617bd39de35968451b5c13e
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 16:25:07	Name: __hssc Value: 156209188.1.1700706131102
.hubspot.com/	1970-01-20 16:25:07	Name: __cf_bm Value: r72M5Rx8ciPkh47bGFtvyixsVvRhnLV_bKdpEHoaH7o-1700706131-0-AelZbPNJHLhNbJi3rQ2IUEF8ozOmErKvygKzVZrNNniJFjpDaKn7W77aSFiBu+L9pmPzVdIiw8dTtNvRBy18SRw=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ZIh3zbSB.miLkGt8Ilke8l3biDFRVbewaLynW4jcug0-1700706131612-0-604800000
.go.recordedfuture.com/	1970-01-20 16:25:07	Name: __cf_bm Value: zbs2.clDO8SdVahOnOz.iUvLR_WyTwDiVx7dVi6RmBs-1700706132-0-AToyLekNWqZSHROmQEiYgUrwveQn+vpHuXKBV3Pv4GgYjPX/XKpBC/bdRGh+jB0NiYYfKQ42aPSJ7dGZYI7Q8tY=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: aa84d5fb1a4c05ca69db92e12ca5e9a12a99c873-1700706132

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-F540L9EG7D&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
c.6sc.co
cdn.matomo.cloud
cdn.syndication.twimg.com
cms.therecord.media
cta-service-cms2.hubspot.com
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.hubspot.com
pbs.twimg.com
perf-na1.hsforms.com
platform.twitter.com
recordedfuture.matomo.cloud
region1.analytics.google.com
secure.adnxs.com
stats.g.doubleclick.net
syndication.twitter.com
therecord.media
track.hubspot.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.recordedfuture.com
104.16.190.89
104.16.78.186
104.18.125.12
104.18.160.125
104.18.34.229
104.19.155.83
104.244.42.136
13.32.27.49
142.250.184.200
142.250.184.227
142.250.184.238
172.64.144.145
172.64.155.75
18.193.0.24
185.89.210.153
192.229.233.50
199.60.103.2
216.239.32.36
3.126.133.169
64.233.167.154
93.184.220.66
93.184.220.70
95.101.111.170
95.101.111.184
01d876470991edc38b957d70eb1f344f7102884bd1173f1df1bdfff8602dd8b9
04c7bd8acf65fb3710235e4be01a7c4d661638f9917c4c56a818fbcc89990fb1
089820c584b57296bf352bfeb26998c913b6ec7069cd1a71ef17f3d95790aac1
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
1316977a854f25689e72527007b6254a726799eae07123b23392d71b50f17305
14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d
1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
304c7476ceb2b819270cd573758576e7eb66985bd5b2a0d6f1555ecf22f9f689
30feee9f683a56e5cc039a8d44d0d58897cfb99fc01cf44a39c59bba882e6949
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3303db9454ead61f24fc598ad2a9d64aebd739493d1a07fffe1d1ead71b9419c
34ed82511bad7df3d5ab76cf398a3989de6c585da10b89c2480b31ded766a5d6
35c258b76fe3fc46bdfc4a19c23e5595cc61071d412e51164c41c98760af4c6a
37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3
39e8ab0a041d182020ae83f95a3a1d50281858c8aa1799ddd36efaef1d27070d
3c134246479d0a86294643f8d65056c5fb4566c0715f0a089f8aa128e200f480
4111fecbae00e5f8f4b0f78706bdbf4df459f086d0ede1453f96cfada131a3dd
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
4b2c7013a195a3d74c9f7882e583bfe84db280ca66ef25e7ffe42e8d1b0edb7b
4b73949e7c2e7b93e9f295476e689bddb6a1f5ed7aeb97054369aa6f908e34d4
5453685c761051beee3a1e943335b755ba7796aad17f6f2685b48c3710e091c1
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8
67a279ab820fb834829c295735b1655c0293fcb6835be195d2d533ed88017dad
6a66777a430e8ef5d61a9c202d81c2baa3eabe9f3ef6e68b2a0682ab28c94529
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
79c8691c3b05d24ad461dc18268c973c2fef5ae05eae7914eba37f482126a808
7a58b388aa664a867aed1d7003f116976a39a3b313ba508664f0a9c40e584d72
7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5
7c56de6fc51c1bb06a7beb004bfbd0a3411f7bda7d3b47755347fd9e8547ea8a
7ef246dd5947b2e66f19957a74adb2ced3622620350d0025fdb93c0b82943fe6
80b4dbc69bdce79e39361154bafc9c67b20c91277797b34f2752cb2a5450d9e5
817a0c20d7d4ed15d8206f1e6554b05103ddfd6cf48944757f1f315585bbc201
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e590571e99ebbf3f79a64b0005336aeccfd1ac82006a588e3a4ec0bd8fbbd0
856d8806707a99ce11ae0f1b50bdf4f3ae32c4742d0fd6d4eaaaaf3e4da5bf9f
8c2b5a2945535269c1cefe505e56b663f26b3d322d35ab4fa835a24c543226dc
8e7e3a9c1e7f9a96bc30812e1746bc642b213e0c5582ee850dcb0ff99fe5f565
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
999d1225cf2dff452d367eb9e51d40b9558e2a76562676404b88e6fd13e5ee92
9bc21cd5538cfdc6b7d696b1192084b1177ac9d0ed666afeecf34759869745ae
9ea1a5620b0dc735bb71b1847034957ad5ff67c0185199f2d887b8d5a05e637d
9fc50fea7f3d2c8a2352853b045c8588f74b52b95ecfb3ce452899463786218b
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d
a4b10af1bc9d4772cf4692212f07b5f56e49012a5061832829e0daabd45b0555
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b5b3233d5d02cfdfc077b3e67483603395059c3fb90f3e0bbf376d43e84e7c3e
b62f2cb3a1e1d13c377f857f321add6e049e0d74fd35e4b1fb27d59d259fe967
b927c7bb2affcbad9facd49f8f71ef04e69b7de8eb4feb073133722f3b3027c0
bf8d514deb5862c37b665da9a12a30ac8c48a8ec089639bf4ff66fea87b3b948
c1a684357f3962d1a9f8e930221d66b2be480972f48ab3017dbee0ca92bf1a11
c6421f609cd61551ff948070601ddc54727d75ed1d42b77a65f349438ceab3c3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d32d879bc4c2194ec1e98dc6ecb768457071ce1185ca52abb63e91390d3de573
d3c7d955218a0234e7e7305226cf4b816ba28a798d23f6e9d390d51f618f4391
d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971
db81e8c32e9db96efdeee6faec1b67645e1baeb1ca225c48712d08bcb5138b31
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b14522e1eded56479f5a9217eb0f6be41c95070153b9b2c2d0b062e0b0b69f
e735b96cc39e26c86bde1607206acc8e295c2c0bddfd655cf0362f262759d234
e8dc798e45562ab60f19664226f8b0012d01f389fc84bab67c4f967d199c6509
e909071f4ee32686e1327c63b1815ce6fb451babc2381b000b3cdd356cf233d9
ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
f40fa04be7a9b6d39ae4cf38fe14ff8d2c1a0f3ce0ccd6523098bb42c42658bc
f626daded31b8168aad17dafb652264cf9e8b357847eb21335c8bab1a761a7c1
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

therecord.media Open in urlscan Pro 172.64.155.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

100 %HTTPS

0 %IPv6

19 Domains

30 Subdomains

25 IPs

4 Countries

3903 kBTransfer

8448 kBSize

19 Cookies

21 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
172.64.155.75 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

30
Subdomains

25
IPs

4
Countries

3903 kB
Transfer

8448 kB
Size

19
Cookies

119 HTTP transactions
1 data transactions