therecord.media Open in urlscan Pro
2606:4700::6812:1c78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
Submission: On June 01 via api (June 1st 2023, 2:13:37 am UTC) from TR — Scanned from DE

Summary HTTP 89 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 89 HTTP transactions. The main IP is 2606:4700::6812:1c78, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 338853.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700::68... 2606:4700::6812:1c78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:a00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.7.66 104.18.7.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.195.235.189 18.195.235.189	16509 (AMAZON-02) (AMAZON-02)
19	95.101.111.184 95.101.111.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	3.121.177.147 3.121.177.147	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:806e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
89	20

40 2606:4700::6812:1c78 (United States)

ASN13335 (CLOUDFLARENET, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:a00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.7.66 (None, )

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.235.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.121.177.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-177-147.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:806e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	therecord.media therecord.media — Cisco Umbrella Rank: 338853 cms.therecord.media — Cisco Umbrella Rank: 980938	2 MB
21	6sc.co j.6sc.co — Cisco Umbrella Rank: 6133 c.6sc.co — Cisco Umbrella Rank: 9309 ipv6.6sc.co — Cisco Umbrella Rank: 6383 b.6sc.co — Cisco Umbrella Rank: 4113	34 KB
4	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10726	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 20759 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 901309	67 KB
3	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2419 forms.hubspot.com — Cisco Umbrella Rank: 4606	4 KB
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 508775 go.recordedfuture.com — Cisco Umbrella Rank: 420091	155 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	146 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2306	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4460	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2307	16 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 446	818 B
1	google.de www.google.de — Cisco Umbrella Rank: 5230	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 111	244 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3105	253 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2538	1 KB
89	16

	Domain	Requested by
33	therecord.media	therecord.media
14	b.6sc.co
7	cms.therecord.media	therecord.media
4	epsilon.6sense.com	j.6sc.co
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	j.6sc.co	www.googletagmanager.com therecord.media j.6sc.co
2	track.hubspot.com
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	cdn.matomo.cloud	therecord.media
2	www.googletagmanager.com	therecord.media www.googletagmanager.com
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	secure.adnxs.com	j.6sc.co
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.recordedfuture.com	therecord.media
89	23

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
www.mountainviewhospital.org
www.hhs.gov
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-03-05`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M01	`2023-02-10` - `2023-08-19`	6 months	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
go.recordedfuture.com GTS CA 1P5	`2023-04-28` - `2023-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
Frame ID: 45F752E7BFC738DB7F59ED1483C9BA7C
Requests: 88 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Idaho hospital diverting ambulances after cyberattack

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

89
Requests

99 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

2366 kB
Transfer

5809 kB
Size

18
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform/mobile-app?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: Mobile App

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%20https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack&title=Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack&t=Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack

Search URL Search Domain Scan URL

URL: https://www.mountainviewhospital.org/blog/posts/2023/may/mountain-view-managing-it-issue/
Title: a statement

Search URL Search Domain Scan URL

URL: https://www.hhs.gov/sites/default/files/cuba-ransomware-alert-tlpclear.pdf
Title: Cuba

Search URL Search Domain Scan URL

URL: https://www.hhs.gov/sites/default/files/venus-ransomware-analyst-note.pdf
Title: Venus

Search URL Search Domain Scan URL

URL: https://www.hhs.gov/sites/default/files/lorenz-analyst-note.pdf
Title: Lorenz

Search URL Search Domain Scan URL

URL: https://www.hhs.gov/sites/default/files/hive-ransomware-analyst-note.pdf
Title: Hive

Search URL Search Domain Scan URL

URL: https://twitter.com/jgreigj

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/i-have-no-mouth-and-i-must-do-crime?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: I Have No Mouth, and I Must Do CrimeI Have No Mouth, and I Must Do Crime

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/oilalpha-likely-pro-houthi-group-targeting-arabian-peninsula?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: OilAlpha: A Likely Pro-Houthi Group Targeting Entities Across the Arabian PeninsulaOilAlpha: A Likely Pro-Houthi Group Targeting Entities Across the Arabian Peninsula

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/latin-americas-second-pink-tide-opens-avenues-iranian-influence?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: Latin America's Second "Pink Tide" Opens Avenues for Iranian InfluenceLatin America's Second "Pink Tide" Opens Avenues for Iranian Influence

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/xiaoqiying-genesis-day-threat-actor-group-targets-south-korea-taiwan?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: Xiaoqiying/Genesis Day Threat Actor Group Targets South Korea, TaiwanXiaoqiying/Genesis Day Threat Actor Group Targets South Korea, Taiwan

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/joker-dpr-and-the-information-war?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: Joker DPR and the Information WarJoker DPR and the Information War

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&__hsfp=1987118913
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request idaho-hospital-diverting-ambulances-after-cyberattack Show response
therecord.media/ 40 KB
8 KB 191ms
158ms Document
text/html 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

9ee11adc1b8a07690a50fd39754716e40c4b4bea9b92d29814d40b684c39cd22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d03f00839c19b40-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 02:13:29 GMT
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceresponse: 00-1764578aee95a2be8c95522a5b6e40c6-d86aa0154c812e39-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 7, 1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kiad7000165-IAD, cache-fra-eddf8230048-FRA

GET
H2 200 Idaho_Falls_Community_Hospital_0709d91606.jpg
cms.therecord.media/uploads/ 83 KB
84 KB 429ms
321ms Image
image/jpeg 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/Idaho_Falls_Community_Hospital_0709d91606.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dd18c75482a45781775121cf8db14c760274d053f5fcc23d22862c2cc3abfe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-1764672e669d86f85b55e84824c605f0-01305c7995ce631c-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 85478
last-modified: Wed, 31 May 2023 20:23:22 GMT
server: cloudflare
etag: "6477acba-14de6"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7d03f009eabb9b40-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 01 Jun 2023 02:18:29 GMT

GET
H2 200 T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg
cms.therecord.media/uploads/ 52 KB
53 KB 432ms
325ms Image
image/jpeg 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-1764672e66d084f36bc1d218ec01c1db-312a902497fd1e41-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 53612
last-modified: Mon, 06 Mar 2023 21:07:55 GMT
server: cloudflare
etag: "6406562b-d16c"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7d03f009eabf9b40-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 01 Jun 2023 02:18:29 GMT

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
2 KB 434ms
328ms Image
image/svg+xml 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
traceresponse: 00-1764672e66eb6e3a082c944462d988d9-56afd6d37cf772c3-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
server: cloudflare
etag: W/"63c03e2b-1c5f"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7d03f009eabe9b40-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 01 Jun 2023 02:18:29 GMT

GET
H2 200 2316ea99ccec0eed.css
therecord.media/_next/static/css/ 53 KB
10 KB 25ms
25ms Stylesheet
text/css 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/2316ea99ccec0eed.css

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0542d1f64615cdf1d0e76b28a3f39dccb487f3d4f382ab920536235c116ab42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 566882
traceresponse: 00-1762639abd62f1967da743b1799b2b93-669d9337198eab67-00
x-cache: MISS, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100026-IAD, cache-fra-eddf8230139-FRA
last-modified: Thu, 25 May 2023 12:45:18 GMT
server: cloudflare
etag: W/"d26c-18852f131a6"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0094a459b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 3

GET
H2 200 Mountain_View_Facebook_1e0e9543b2.png
cms.therecord.media/uploads/ 156 KB
156 KB 432ms
326ms Image
image/png 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/Mountain_View_Facebook_1e0e9543b2.png

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

065d11c3edc7d6f3d7809c6df1c007b011810a7df894b0e0c1368997cf17f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-1764672e66ebb8ccc40adc34124348bc-561118cfe7fa876b-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 159649
last-modified: Wed, 31 May 2023 20:24:55 GMT
server: cloudflare
etag: "6477ad17-26fa1"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/png
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7d03f009eabd9b40-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Thu, 01 Jun 2023 02:18:29 GMT

GET
H2 200 rocket-loader.min.js Show response
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 8ms
8ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 25 May 2023 08:39:22 GMT
server: cloudflare
content-encoding: gzip
etag: W/"646f1eba-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7d03f0094a479b40-FRA
expires: Sat, 03 Jun 2023 02:13:29 GMT

GET
H2 200 _middlewareManifest.js Show response
therecord.media/_next/static/Rg7gl721yQ-mC2yBXm-8q/ 92 B
246 B 26ms
25ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/Rg7gl721yQ-mC2yBXm-8q/_middlewareManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 49781
traceresponse: 00-176439e71c94beda0d711671afa2ed6a-698791316d1f222f-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200161-IAD, cache-fra-eddf8230020-FRA
last-modified: Wed, 31 May 2023 12:23:36 GMT
server: cloudflare
etag: W/"5c-18871c379b1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjoyfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a7b9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 4, 3

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/Rg7gl721yQ-mC2yBXm-8q/ 99 B
297 B 23ms
22ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/Rg7gl721yQ-mC2yBXm-8q/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 49784
traceresponse: 00-176439e71d45fe1efadcc0267b13026e-03497d0505f0bfe9-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000140-IAD, cache-fra-eddf8230138-FRA
last-modified: Wed, 31 May 2023 12:23:36 GMT
server: cloudflare
etag: W/"63-18871c379b1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a7c9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3, 2

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/Rg7gl721yQ-mC2yBXm-8q/ 1 KB
600 B 27ms
26ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/Rg7gl721yQ-mC2yBXm-8q/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5dc34a658afe8d1574fa290eb62dcc0732143107a72da190f04ef5ceea4e547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 40293
traceresponse: 00-17644288d1cf4304bd5fd70f4cbd51c7-e757660666811486-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100024-IAD, cache-fra-eddf8230024-FRA
last-modified: Wed, 31 May 2023 12:23:36 GMT
server: cloudflare
etag: W/"495-18871c379b1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a7e9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 463, 1

GET
H2 200 %5B%5B...slug%5D%5D-1761512f30198b1f.js Show response
therecord.media/_next/static/chunks/pages/ 59 KB
13 KB 25ms
24ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-1761512f30198b1f.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0126459d9043b28cbe745a157a1194b4abffe32ce0dd9e0afdbab6e1a3af2eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 566880
traceresponse: 00-1762639b383dbeef1b592ba03f200dd7-e0a09a019cdb79e2-00
x-cache: MISS, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000149-IAD, cache-fra-eddf8230064-FRA
last-modified: Thu, 25 May 2023 12:45:18 GMT
server: cloudflare
etag: W/"eaa3-18852f131a2"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a7f9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 2

GET
H2 200 735-7645aca2d71731dd.js Show response
therecord.media/_next/static/chunks/ 937 KB
242 KB 40ms
39ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 2635633
traceresponse: 00-175b0a161b85e13f97d2c1496b44fe0b-87074989c0c5b6e3-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-eddf8230058-FRA
last-modified: Thu, 27 Apr 2023 17:07:16 GMT
server: cloudflare
etag: W/"ea276-187c3aef93c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a809b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 22757, 1

GET
H2 200 _app-2024e4aaf5b4a59e.js Show response
therecord.media/_next/static/chunks/pages/ 114 KB
38 KB 32ms
31ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-2024e4aaf5b4a59e.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1359246
traceresponse: 00-175f92f40f5cfce2c4c18ffd9ddcb591-7291d00a045af600-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-eddf8230135-FRA
last-modified: Mon, 15 May 2023 15:46:22 GMT
server: cloudflare
etag: W/"1c769-18820175f71"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a819b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3037, 1

GET
H2 200 main-a054bbf31fb90f6a.js Show response
therecord.media/_next/static/chunks/ 98 KB
27 KB 29ms
28ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 3271625
traceresponse: 00-1758c7a7b8f44eea63117b3ad6d40158-9a048438777e3cac-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100095-IAD, cache-fra-eddf8230107-FRA
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
server: cloudflare
etag: W/"186c8-1870991f55c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a829b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 6645, 2

GET
H2 200 framework-5f4595e5518b5600.js Show response
therecord.media/_next/static/chunks/ 127 KB
42 KB 34ms
34ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1942692
traceresponse: 00-175d804ff7a1d9332e5ddb9ba30c4feb-838115e2a03b934b-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200081-IAD, cache-fra-eddf8230081-FRA
last-modified: Fri, 05 May 2023 15:55:00 GMT
server: cloudflare
etag: W/"1fbbb-187ec9fade1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a839b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 6167, 1

GET
H2 200 webpack-5752944655d749a0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 31ms
30ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1413674
traceresponse: 00-175f6173e449f18bf468de69365c31ad-8cf90b17b8dc8539-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-eddf8230137-FRA
last-modified: Mon, 15 May 2023 15:46:22 GMT
server: cloudflare
etag: W/"673-18820175f73"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0098a849b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 6739, 3

GET
H2 200 Inter-Medium.ttf
therecord.media/fonts/ 307 KB
149 KB 197ms
196ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Medium.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2316ea99ccec0eed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2316ea99ccec0eed.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e5838f60019df17c8eccdda94-55e526f38630ea90-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-eddf8230032-FRA
last-modified: Wed, 31 May 2023 12:19:02 GMT
server: cloudflare
etag: W/"4cd58-18871bf4af0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0099a889b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
3 KB 151ms
149ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2316ea99ccec0eed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2316ea99ccec0eed.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e587b906dbb3690c574b8ed2d-4ce7d3865cb330b3-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-etou8220039-FRA
last-modified: Wed, 31 May 2023 12:19:02 GMT
server: cloudflare
etag: W/"1304-18871bf4af0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0099a899b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Bold.ttf
therecord.media/fonts/ 309 KB
151 KB 234ms
233ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2316ea99ccec0eed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2316ea99ccec0eed.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e586c5414561bfcad663d93cc-a8412e47bcf29215-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230075-FRA
last-modified: Wed, 31 May 2023 12:19:02 GMT
server: cloudflare
etag: W/"4d2c4-18871bf4af0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0099a8a9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-SemiBold.ttf
therecord.media/fonts/ 308 KB
150 KB 206ms
206ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2316ea99ccec0eed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2316ea99ccec0eed.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e5888c3244996662c01df0e1a-1cb4c70aa2993846-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-etou8220070-FRA
last-modified: Wed, 31 May 2023 12:19:02 GMT
server: cloudflare
etag: W/"4d16c-18871bf4af0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0099a8b9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Regular.ttf
therecord.media/fonts/ 303 KB
140 KB 190ms
189ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2316ea99ccec0eed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2316ea99ccec0eed.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e58655504eb0cbe157f1b3fb9-26f6e01399e99559-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000092-IAD, cache-fra-etou8220027-FRA
last-modified: Wed, 31 May 2023 12:19:02 GMT
server: cloudflare
etag: W/"4ba44-18871bf4af0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0099a8c9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-ExtraBold.ttf
therecord.media/fonts/ 309 KB
151 KB 179ms
178ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/2316ea99ccec0eed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/2316ea99ccec0eed.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e57d1923aee4f2305031dc966-14ecbaba4e511954-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200106-IAD, cache-fra-eddf8230138-FRA
last-modified: Wed, 31 May 2023 12:19:02 GMT
server: cloudflare
etag: W/"4d52c-18871bf4af0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f0099a8d9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
60 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5b615b0ea3700aa39353e3efe4de55958456635c01391ad2f67dbed0b58c756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60790
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jun 2023 02:13:29 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 199 KB
58 KB 32ms
7ms Script
application/javascript 2600:9000:223f:a00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 00:01:59 GMT
x-amz-version-id: T3VVylcW4ZUVSABprJtJmBafSdXY4jAi
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Feb 2023 02:15:06 GMT
server: AmazonS3
etag: W/"3e98a39e2d8f2b464999b40df3c2172d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: SZ7NARaX_kf5B7SgZzS3GqkkF2EvobwlHgiYqH7gaugSdEVgopxXGg==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 39ms
14ms Script
application/javascript 2600:9000:223f:a00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by: Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 00:01:59 GMT
x-amz-version-id: Xp.qiLs.ZhMcRdIRto4WxBiX5kNGHcfO
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Apr 2023 04:07:33 GMT
server: AmazonS3
etag: W/"839ec9cd752c4e512960109f6ac6b404"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: xn4-0u10lCAcXsLnoSfYPh1OCg1IfV-m0VwWMidJIhnls7_gnIw8cA==

GET
H2 200 articles Show response
cms.therecord.media/api/ 11 KB
5 KB 211ms
193ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=3032&filters[date][$lte]=2023-05-31T20%3A21%3A00.000Z&$or[0][showFrom][$null]=true&$or[1][showFrom][$lte]=2023-06-01T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

a8ba4b2611ad2d0d83b1eaad739555f188f7b552bb8fdc7dd446295386699394

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-1764672e89a8c2fc7d755e8e3ce90fb4-711c400126ca6167-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7d03f00edd5d37f6-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 9 KB
3 KB 398ms
381ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=3032&filters[date][$gte]=2023-05-31T20%3A21%3A00.000Z&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-06-01T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

0896412eb077b01ea4bf1579f105263d1a28373d9eeb6affb1800c9bc7c5a061

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-1764672e95e360bafa065a8eb4330a88-9a91a6e1f172bc6d-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7d03f00edd5e37f6-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 199 KB
46 KB 478ms
461ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[isBrief][$eq]=true&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-06-01T00%3A00%3A00.000Z&sort[0]=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

8918e9265090b780339139838df284944fdd545be8a8b0e8bb2c20afe63f051e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://market-assets.strapi.io;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-1764672e95bb3e92cea4e898d6e94fd8-3cac44f1232b2a2d-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7d03f00edd5f37f6-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 248 KB
70 KB 74ms
22ms Fetch
text/xml 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315b695fcd50b58f25bcef0becc53aa578aac40b355a414bcbfebed92f14978c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/rss+xml
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1227
traceresponse: 00-17646610c922ff98ecf4a1b48d6958cf-3fdff360c9aa107c-00
x-cache: HIT
foo: bar
content-length: 71104
x-served-by: cache-fra-eddf8230087-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/xml
access-control-allow-origin: *
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7d03f00f1be0362b-FRA
x-cache-hits: 1

GET
H2 200 briefs.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/ 7 KB
2 KB 116ms
115ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/briefs.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee991a0c7b4e97c3f3bed105ec45c51539d713e24dda231aac9f42513b661af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 7
traceresponse: 00-176458afbaa189a51963ec1955240024-6f9de2b88fcc74a5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000030-IAD, cache-fra-eddf8230047-FRA
server: cloudflare
etag: W/"1c32-Z7jq0dJ/mztWIiK3URynH0XgNKM"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2d989b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 91, 1

GET
H2 200 nearly-nine-million-affected-by-mcna-breach.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/ 18 KB
4 KB 130ms
128ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/nearly-nine-million-affected-by-mcna-breach.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54e6f24f5bf51402947931f3227cf889515c1e5d7e7bfe5f3f1417ecfedaa5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 7
traceresponse: 00-17645795329a8d6d944943c06321df2a-b24c1b1a136d8df5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-eddf8230048-FRA
server: cloudflare
etag: W/"4916-PJ38A5mzVnHyVKaSsNSJ5OjABwk"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2d9a9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 317, 1

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/ 8 KB
2 KB 116ms
115ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457a3cd5890ef5f0c41b74038b0b0cd9386b1a52e8be6a118d1a94cce0e4c8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 21
traceresponse: 00-1764579f8cd4c74b51dcab9f7add8bcf-8fc8a6096dd2890f-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230134-FRA
server: cloudflare
etag: W/"1f08-JRlY2/yrea4Ez26SNRiDXyRDp30"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2d9b9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 13, 1

GET
H2 200 contact.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/ 8 KB
2 KB 33ms
31ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/contact.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004ad7ae328326c88e491f481311cba704a9b9fbf0df2a0ed802d1930cf5f81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 51
traceresponse: 00-1764579f8f4dfbc8e9626679be47d74b-898414482e5076c6-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000088-IAD, cache-fra-eddf8230048-FRA
server: cloudflare
etag: W/"2141-8Xut22Mmi8Md7lpIcJD44BvHdec"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2d9c9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 111, 1

GET
H2 200 podcast.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/ 132 KB
27 KB 44ms
42ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/podcast.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

342c8bd1bd1f5b7406f1bfad705ed27cd753b772e1391552a77909a1578559a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 51
traceresponse: 00-1764579f8d0d74e9cd0009f8ecb662d6-ade853ece5142046-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100103-IAD, cache-fra-eddf8230049-FRA
server: cloudflare
etag: W/"20e7a-4WXzg7W3cfP5eapydXOgHjQ7jfg"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2d9d9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 105, 1

GET
H2 200 about.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/ 36 KB
7 KB 118ms
116ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/about.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a2efe457f5f50a49594cea2ddddc306b802786b9e2c01ddd090236b9ea166d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 21
traceresponse: 00-176458d305a44a849b5994bc54656cee-41f304f422be3ed2-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200085-IAD, cache-fra-eddf8230071-FRA
server: cloudflare
etag: W/"906e-RmfpkZNmejX4y2KwMRPHQ5NWBLo"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2d9f9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 821, 1

GET
H2 200 technology.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/ 7 KB
2 KB 33ms
32ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/technology.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0b8e63c2af265233efeaf73a0e92df6d840705785f6381232e013fd550d5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 51
traceresponse: 00-1764584fd199d78b097ca1bfbdea0c93-e1280972fd14ad3e-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100038-IAD, cache-fra-eddf8230094-FRA
server: cloudflare
etag: W/"1c43-o9nKwm3TnZojCDfJ3hi8/KGpPXY"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2da09b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 995, 1

GET
H2 200 people.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/ 7 KB
2 KB 183ms
182ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/people.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a733205c0b397c37de87301bbbf39491fd37c51d1b5694654942fec38a6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-176457903aba2171de53b40dea42cf3a-4886bbd823c3dd55-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000058-IAD, cache-fra-eddf8230082-FRA
server: cloudflare
etag: W/"1c2f-+FK2FZRgjApdXNiHc66puUVlefk"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2da19b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7, 1

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/ 7 KB
2 KB 34ms
32ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/nation-state.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa0c8eba7dda53830cf673d2704ff934d0e3160454003d4517860dfaea978ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 51
traceresponse: 00-176457951f6fd92d57e8baba30da5b34-137f07247b9eee73-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200135-IAD, cache-fra-eddf8230137-FRA
server: cloudflare
etag: W/"1c4c-7/P3WI/CHCg6EeSLXuglSvIjL7M"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2da39b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 123, 1

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/ 7 KB
2 KB 121ms
120ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/cybercrime.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0750969185b9aaa2428428bc464092c46f8455a9e882eeb417cb49b2b229d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 21
traceresponse: 00-176457951fdbcf6dac225daacc5431c6-ea6c4393f0d3b399-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200163-IAD, cache-fra-eddf8230132-FRA
server: cloudflare
etag: W/"1c43-K1TozEOfFGA3eHpT6nHJ2w9z8+A"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2da49b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1135, 1

GET
H2 200 leadership.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/ 7 KB
2 KB 182ms
181ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/news/leadership.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

470dd11ae872e1455ea918fb6cb9476a129b731cf3e2185f8a3e152ed4bf8aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-176457939b08a25cc1d6c551d7c7e4e7-bd3c793d15a73f7d-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000152-IAD, cache-fra-eddf8230032-FRA
server: cloudflare
etag: W/"1c43-MiQM2O44tifIHVibfgihpwlRtEE"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2da99b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 5, 1

GET
H2 200 index.json Show response
therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/ 28 KB
9 KB 179ms
178ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/Rg7gl721yQ-mC2yBXm-8q/index.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e2cca35da71cc90dd97a2099da49bce8052f3a04fe2856851150aad2ca9071f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17645789ecee94ae95a5e5b683e92832-8d79ed15fca34ad6-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000130-IAD, cache-fra-eddf8230139-FRA
server: cloudflare
etag: W/"7079-i+rR4LcjMS4vIXN0nPPUV2qpx4A"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7d03f00f2daa9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1520, 1

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
167 B 84ms
48ms Ping
text/plain 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FIdaho%20hospital%20diverting%20ambulances%20after%20cyberattack&idsite=2&rec=1&r=595415&h=2&m=13&s=30&url=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&_id=1a91c1e84c9ec163&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=MU1U9X&fa_pv=1&fa_fp[0][fa_vid]=X7oN6S&fa_fp[0][fa_fv]=1&pf_net=34&pf_srv=158&pf_tfr=1&pf_dm1=5&pf_dm2=734&pf_onl=3&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://therecord.media
date: Thu, 01 Jun 2023 02:13:30 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 4 KB
4 KB 1029ms
559ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: XiK7k1K4G4_9UcBg2.S65sIFd54SfIcU
date: Thu, 01 Jun 2023 02:13:31 GMT
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 3771
pragma: no-cache
last-modified: Fri, 31 Mar 2023 18:59:38 GMT
server: AmazonS3
etag: "29e881d3528b8d3d0ef42c057d73a114"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: 9XpfuUS2ri5AD1JEbeyKaxgiHabgUeDBeIq1czoZBqgafXtu0ONaxQ==
expires: Thu, 01 Jun 2023 02:13:31 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 35 KB
11 KB 621ms
155ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 May 2023 00:27:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64641f64-8a3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 11052
expires: Thu, 01 Jun 2023 02:13:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
86 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0785814c9f17a5fc55185f968de26cf6b19e8ff5007cf66fcec37e7b8a0dd1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 02:13:30 GMT

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 37ms
12ms Script
application/javascript 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=m0cMSD&url=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 855cb45a2acd289ec3a95989aecfc607f462dd901db826445842249de79ef9c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 00:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 01 Jun 2023 02:35:34 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 1 KB
1 KB 44ms
20ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863992fc545e342de7de4eae469939153b13fea3521535abd460dee5acc48aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: 35798203-815f-4427-8bb5-1a2a11038ff2
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=1482
age: 51
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: afab5bcd-ffaa-40de-ab6b-93779885246e
cf-bgj: minify
last-modified: Thu, 01 Jun 2023 02:12:39 GMT
server: cloudflare
x-trace: 2B69A7688D2E26940CDAA614E069527B5FB48E605D000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://securitytrails.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-qcqs6
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7d03f00f68b61c07-FRA
expires: Thu, 01 Jun 2023 02:14:30 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EYNZBT8ZP2&gtm=45je35v0&_p=1257100176&_gaz=1&cid=1313951068.1685585610&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685585610&sct=1&seg=0&dl=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&dt=Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 71ms
27ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EYNZBT8ZP2&cid=1313951068.1685585610&gtm=45je35v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
18ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYNZBT8ZP2&cid=1313951068.1685585610&gtm=45je35v0&aip=1&z=1649753293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1257100176&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&ul=en-us&de=UTF-8&dt=Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=618690208&gjid=417006421&cid=1313951068.1685585610&tid=UA-9153858-16&_gid=408399814.1685585610&_r=1&_slc=1&gtm=45He35v0n81PVJ5W86&z=1588790899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 image
therecord.media/_next/ 69 KB
70 KB 207ms
206ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fi_have_no_mouth_and_i_must_do_crime_5f42a07a66.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7be024e3f21c8f68e4c0698b0c37f6133523673b78f9115aa2559392cca923c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e98d184d29d840e104484d74f-5c8d2399d41ec4e8-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="i_have_no_mouth_and_i_must_do_crime_5f42a07a66.webp"
content-length: 70752
x-served-by: cache-iad-kiad7000044-IAD, cache-fra-eddf8230048-FRA
server: cloudflare
etag: t74CTj8hyPaOTAaYsMN-YTNSNnO3j5EVqiVZOSzKkjw=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7d03f0102e489b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 45 KB
45 KB 260ms
259ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Foilalpha_likely_pro_houthi_group_targeting_arabian_peninsula_2aebae6036.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9ef58db6fdde274335fb270945ec10a93dce52344bfef544070bab8ec4d2ec7

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e98ac49403d8929647a2c8007-f591be7799ba81ee-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="oilalpha_likely_pro_houthi_group_targeting_arabian_peninsula_2aebae6036.webp"
content-length: 45712
x-served-by: cache-iad-kcgs7200179-IAD, cache-fra-eddf8230094-FRA
server: cloudflare
etag: 6e9Y22-d4nQzX7JwlF7BCpPc5SNEv+9UQHC6uOxNLsc=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7d03f0102e4a9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 153 KB
153 KB 222ms
222ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Flatin_americas_second_pink_tide_opens_avenues_iranian_influence_9fc728c7f5.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9e9d7a8d5f2a8b5ecb6df3c8a57c53f0647a840eade6ec56c96c583caf0b2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/idaho-hospital-diverting-ambulances-after-cyberattack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1764672e993a079b1f1d7ce1509e73c5-3b54828da986279b-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="latin_americas_second_pink_tide_opens_avenues_iranian_influence_9fc728c7f5.webp"
content-length: 156174
x-served-by: cache-iad-kiad7000057-IAD, cache-fra-eddf8230137-FRA
server: cloudflare
etag: 7p6deo1fKotey23zyKV8U-BkeoQOrebsVslsWDyvCyw=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7d03f0102e4c9b40-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 / Show response
c.6sc.co/ 7 B
192 B 173ms
172ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
327 B 43ms
7ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4a387f22d24171757e70738cc0751155bc4f81cbec0e85d03a290651e9ed5c02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:30 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:ac8:20:3a00:1012:4616:caba:1ba6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468218_388391900_173252794_20_850_5_0";dur=1
content-length: 36
expires: Thu, 01 Jun 2023 02:13:30 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 369ms
368ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A30%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A30%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A30%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22edabaa1866fe08952dde1be9ff37302d63145f08%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A30%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A30%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A30%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 351ms
350ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A20%3A3a00%3A1012%3A4616%3Acaba%3A1ba6%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 726 B
573 B 25ms
12ms XHR
application/json 3.121.177.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.177.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-177-147.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9caa51975dc97351ceb4e544fab746be9aee637db3095652a84b8dc68241e6ec

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token edabaa1866fe08952dde1be9ff37302d63145f08
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
content-length: 389

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ 0
0 56ms
8ms Preflight 3.121.177.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.177.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-177-147.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-max-age: 1800
date: Thu, 01 Jun 2023 02:13:30 GMT
server: nginx

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1257100176&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&ul=en-us&de=UTF-8&dt=Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1313951068.1685585610&tid=UA-9153858-16&_gid=408399814.1685585610&gtm=45He35v0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=2119386779

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 17:42:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30689
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
818 B 32ms
7ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 02:13:31 GMT
AN-X-Request-Uuid: d27799a9-2d68-4f95-8d02-c24b5aaac1e6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://therecord.media
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.28; 217.64.151.28; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 47 B
233 B 155ms
154ms XHR
text/plain 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06ab3d562254b2f89a9fb09746c836f3d56e8e00bd06d76b775b15ff5823604e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/plain
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 47

GET
H2 200 6si.min.js Show response
j.6sc.co/ 35 KB
11 KB 155ms
153ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 May 2023 00:27:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64641f64-8a3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 11052
expires: Thu, 01 Jun 2023 02:13:31 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 352ms
351ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22393%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 656ms
654ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2247c555096cc32557d3e6e7a333d7cb3ea692cee1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22394%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 548ms
546ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22395%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 349ms
348ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22397%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 352ms
351ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2264dc3ec5-330c-4652-88d3-147ee65e90ba%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22398%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 354ms
353ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22398%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 351ms
351ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22400%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
16 KB 47ms
18ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-amz-version-id: 1DTjZqz8w6c0vLd7dsrtWpmr4CMJx9XZ
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YF1FRMJKKD41XXRY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 47
x-envoy-upstream-service-time: 43
x-amz-id-2: ZaRpAGwSS00pY/LzuvuLFmnt6EWZFLHI2m6EZKtUR7G/WzJYTc45CxwZ+2Hr9gb0ZICOkHZ3AP8=
x-evy-trace-listener: listener_https
x-request-id: c330222a-534e-45ed-bdc0-0f0c28bb3aaa
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 14:55:34 GMT
server: cloudflare
etag: W/"07022bb1d6cfa926ffae0fefc0ebffb7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://go.recordedfuture.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-rc2n7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d03f015e9b71911-FRA
expires: Thu, 01 Jun 2023 02:17:44 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
88 KB 43ms
21ms Script
application/javascript 2606:4700::6811:806e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-encoding: br
age: 67231
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js&cfRay=7cfd86b36f7e18d2-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b2585633e816f12e4b5de8663cf46c30"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js
date: Thu, 01 Jun 2023 02:13:31 GMT
x-amz-version-id: gY.ddbQs4Pt.3p8HNDwQjbxkSRA75npf
via: 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0b0e10b0-5dcc-4f8b-865a-c0472805a752
last-modified: Mon, 08 May 2023 08:57:34 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-ksc82
cf-ray: 7d03f015dbfe371a-FRA
x-amz-cf-id: -6P9ZElOOWoaTKoCQLPuKG0Y6KyjWJOCy6ulh7nuwkfefDl9GMor0w==

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1685585400000/ 67 KB
21 KB 46ms
19ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1685585400000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc8bfeba49e01ed30a39823950918cc90cc59bff15b09416b7ffceaeb9e16e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: RMFCKDN9B2BRXPK6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 128
x-envoy-upstream-service-time: 19
x-amz-id-2: zo82e6gsDHsoH4CkWltA1dXE8Zqm1TlpGn0pIg8V1q3uFGI+K9nMrizQXIywueQ+/Dz1Udyu1xk=
x-evy-trace-listener: listener_https
x-request-id: e3cb1b95-af64-4830-b4e1-9c2ef66a6c12
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 31 May 2023 18:47:32 GMT
server: cloudflare
etag: W/"8bd9438dc2223162ae6d3e4054b0a3ec"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7d03f015e839196a-FRA
expires: Thu, 01 Jun 2023 02:16:23 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 161ms
127ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1987118913&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&t=Idaho+hospital+diverting+ambulances+after+cyberattack&cts=1685585611270&vi=e70ece6c737f4bc045aef30daec43925&nc=true&u=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&b=156209188.1.1685585611266&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d285704a-5341-4cf9-b909-0d28fd7c27d6
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0b355161-169e-4bf6-929b-d7ac10c5d373
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT6eZQRLm8ygQ1CMYssbUJMrCdsANLGfaBzHckAtu8lMVsKc87tvuN21jeVYKzMRFFuY5v5zV%2F3tftekOZrkUxncIZaL29IpoJRqrKNoMQ%2FK7SGeOUH1FWyXTgRoDIEeV03z%2Fsivh%2ByYHVXTSwcP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-xtt4j
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d03f016bb47372f-FRA
x-robots-tag: none

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 726 B
570 B 13ms
13ms XHR
application/json 3.121.177.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.177.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-177-147.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d0e326b8bbdcf364239129f7bc44f81948edaf9395f1d03ba50414298fc52a6f

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
EpsilonCookie: b8d01702b6200b00cbfe77648c0000001fe80b00

Response headers

date: Thu, 01 Jun 2023 02:13:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
content-length: 387

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ 0
0 14ms
14ms Preflight 3.121.177.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.177.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-177-147.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,epsiloncookie
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,epsiloncookie
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-max-age: 1800
date: Thu, 01 Jun 2023 02:13:31 GMT
server: nginx

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
327 B 8ms
7ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4a387f22d24171757e70738cc0751155bc4f81cbec0e85d03a290651e9ed5c02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 02:13:31 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:ac8:20:3a00:1012:4616:caba:1ba6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468218_388391900_173253253_13_715_5_0";dur=1
content-length: 36
expires: Thu, 01 Jun 2023 02:13:31 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 17:42:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30689
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 617ms
444ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=e70ece6c737f4bc045aef30daec43925&__hstc=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&__hssc=156209188.1.1685585611266&currentUrl=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06f8538bd07e2d6fdcb116970a7f77c3501e179de0c82665e9fe692fc23ce262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ee4141fc-568c-41f7-ae41-b2504d365379
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 60
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 189527d8-2b20-457c-acc6-dc13868f2069
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCc4HjoNFx9qrBsXvkrthKC50EVn2ETd2%2ByJyguFD8CpTr19VNo2kSKKNMd%2FTF9yALe6rSLuu%2FsnepYqCG8MP%2FTRdTvfuLRPWjeg1N6noQL481ffpkCQz1N4Gq27dO%2B2uHoGvy8yZzb8Yf5ZDHls"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7d03f0184eb69b25-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-dfxrz

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 351ms
351ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702b6200b00cbfe77648c0000001fe80b00&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A30%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:32 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
461 B 120ms
118ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1987118913&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&t=Idaho+hospital+diverting+ambulances+after+cyberattack&cts=1685585612014&vi=e70ece6c737f4bc045aef30daec43925&nc=true&u=156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1&b=156209188.1.1685585611266&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0a73de97-89fe-435c-b462-58a7d2c7d8aa
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0c0af23a-f2bd-457b-b68b-7f2fc657e177
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97bYMQqQpnJmtRxke2AkcKBTFOFpADbBiUCyDUhneX4fRvKPXdvGoBI5DyY5LspsosLG%2BiS3Kgwv2f1Hz3SMOiwItZSUh9Q2lr5SCJ%2BygWtEJ3WedMxK8K6POuUaK%2F6R4di%2FF7MeVKUOAraCbZCe"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-pwxm2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d03f01b1dff372f-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 463ms
463ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702b6200b00cbfe77648c0000001fe80b00&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A31%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:33 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 95ms
32ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
age: 1070897
x-amz-request-id: Y9QDJ5NEHQ2DE86X
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="iphone-cd1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f5c3d1b581a50e5c3637310137a43f0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674144065940
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Thu, 01 Jun 2023 02:13:33 GMT
strict-transport-security: max-age=31536000
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=229013
x-cache: Miss from cloudfront
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 85082
x-amz-id-2: qfiV3T+iJDoD/x5Gu3L0CNdGXBtZuO7pizwi3791hXnvvkLxOW2tIMNhSpQJdGCH7p0Ue0mcNUU=
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmSaoEUOBNFjuykFzmYpt0BEGbpm3kveqkk1iOCnqMNRxqIQIsUfANNQLnBR%2B2hc2fl5gPnuL3fEpRHm5ZxccchZvcn09WsjX68rIDlWsHy0MWX0lhiUxuhzD%2BfKNUZKe9xnPiZ6459MQbXZDM%2FkYsZRFA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7d03f021bb6d371a-FRA
x-amz-cf-id: H5AkZXm3WyST-NTEHu6MF1Bwc3oBLGxPusHrD47dYZ9Hor0wvJX2Eg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 361ms
361ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702b6200b00cbfe77648c0000001fe80b00&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A32%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:34 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 353ms
353ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702b6200b00cbfe77648c0000001fe80b00&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A33%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224005%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:35 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 351ms
351ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702b6200b00cbfe77648c0000001fe80b00&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A34%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225006%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 02:13:36 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b8d01702b6200b00cbfe77648c0000001fe80b00&visitor=c181d0f8-4fdf-4ec0-8ac6-378cded794d8&session=4a488fd8-4cec-4458-8469-084c2b72a393&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2001%20Jun%202023%2002%3A13%3A35%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226007%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20hospital%20serving%20a%20large%20community%20in%20Idaho%20is%20diverting%20ambulances%20to%20other%20clinics%20after%20a%20cyberattack%20damaged%20its%20computer%20systems.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Idaho%20hospital%20diverting%20ambulances%20after%20cyberattack%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fidaho-hospital-diverting-ambulances-after-cyberattack&pageViewId=27571c84-1035-4472-8913-bcd4bb0de69f&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-20 21:39:00	Name: _pk_id.2.de70 Value: 1a91c1e84c9ec163.1685585610.
.therecord.media/	1970-01-20 12:13:07	Name: _pk_ses.2.de70 Value: 1
.therecord.media/	1970-01-20 21:49:05	Name: _ga_EYNZBT8ZP2 Value: GS1.1.1685585610.1.0.1685585610.60.0.0
.therecord.media/	1970-01-20 21:49:05	Name: _ga Value: GA1.2.1313951068.1685585610
.therecord.media/	1970-01-20 12:14:32	Name: _gid Value: GA1.2.408399814.1685585610
.therecord.media/	1970-01-20 12:13:05	Name: _gat_UA-9153858-16 Value: 1
therecord.media/	1970-01-20 21:49:05	Name: _gd_visitor Value: c181d0f8-4fdf-4ec0-8ac6-378cded794d8
therecord.media/	1970-01-20 12:13:20	Name: _gd_session Value: 4a488fd8-4cec-4458-8469-084c2b72a393
.6sc.co/	1970-01-20 21:49:05	Name: 6suuid Value: b8d01702b6200b00cbfe77648c0000001fe80b00
therecord.media/	1970-01-20 12:23:10	Name: _an_uid Value: 0
.therecord.media/	1970-01-20 16:32:17	Name: __hstc Value: 156209188.e70ece6c737f4bc045aef30daec43925.1685585611266.1685585611266.1685585611266.1
.therecord.media/	1970-01-20 16:32:17	Name: hubspotutk Value: e70ece6c737f4bc045aef30daec43925
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 12:13:07	Name: __hssc Value: 156209188.1.1685585611266
therecord.media/	1970-01-20 21:49:05	Name: _gd_svisitor Value: b8d01702b6200b00cbfe77648c0000001fe80b00
.hubspot.com/	1970-01-20 12:13:07	Name: __cf_bm Value: AJgTxz8fBRuOFikCZIoSRRID8CUs9CAAai8p7UkCiGc-1685585611-0-Aedse6S+p36uB5LSDhGlHTkbsEEUmOhqOUWSzpFm8pdIEoZhDQt3SiR/b6NMAoltPPr3BuCN1QLx2Nwhj/Y66z0=
.go.recordedfuture.com/	1970-01-20 12:13:07	Name: __cf_bm Value: Z7UkJLeHBffnACsKowLrjlvbWLlijOQsJxMD39vmSg4-1685585613-0-AZxpet56SbZTOlxPF3+CJQ5XdiotAXSJTIPZkFDNIWCh5Q+1F1/bZ5g9W6hVtyY18aagKqLlzaF2gHXnJxdQDCo=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: 3f2b5ce10008c865beaae85b70c440274be55809-1685585613

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
c.6sc.co
cdn.matomo.cloud
cms.therecord.media
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
recordedfuture.matomo.cloud
region1.analytics.google.com
secure.adnxs.com
stats.g.doubleclick.net
therecord.media
track.hubspot.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.recordedfuture.com
b.6sc.co
104.18.7.66
18.195.235.189
2001:4860:4802:32::36
2600:9000:223f:a00:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700::6810:88ce
2606:4700::6811:806e
2606:4700::6812:19c4
2606:4700::6812:1c78
2606:4700::6812:853b
2606:4700::6813:9a53
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:26f0:480:23::1726:629c
3.121.177.147
37.252.171.22
95.101.111.184
004ad7ae328326c88e491f481311cba704a9b9fbf0df2a0ed802d1930cf5f81f
0126459d9043b28cbe745a157a1194b4abffe32ce0dd9e0afdbab6e1a3af2eef
04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7
0542d1f64615cdf1d0e76b28a3f39dccb487f3d4f382ab920536235c116ab42a
065d11c3edc7d6f3d7809c6df1c007b011810a7df894b0e0c1368997cf17f507
06ab3d562254b2f89a9fb09746c836f3d56e8e00bd06d76b775b15ff5823604e
06f8538bd07e2d6fdcb116970a7f77c3501e179de0c82665e9fe692fc23ce262
0785814c9f17a5fc55185f968de26cf6b19e8ff5007cf66fcec37e7b8a0dd1ec
0896412eb077b01ea4bf1579f105263d1a28373d9eeb6affb1800c9bc7c5a061
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
26a2efe457f5f50a49594cea2ddddc306b802786b9e2c01ddd090236b9ea166d
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
315b695fcd50b58f25bcef0becc53aa578aac40b355a414bcbfebed92f14978c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
342c8bd1bd1f5b7406f1bfad705ed27cd753b772e1391552a77909a1578559a5
344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82
3c4a733205c0b397c37de87301bbbf39491fd37c51d1b5694654942fec38a6df
457a3cd5890ef5f0c41b74038b0b0cd9386b1a52e8be6a118d1a94cce0e4c8fa
470dd11ae872e1455ea918fb6cb9476a129b731cf3e2185f8a3e152ed4bf8aab
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
4a387f22d24171757e70738cc0751155bc4f81cbec0e85d03a290651e9ed5c02
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
54e6f24f5bf51402947931f3227cf889515c1e5d7e7bfe5f3f1417ecfedaa5ac
58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92
5ee991a0c7b4e97c3f3bed105ec45c51539d713e24dda231aac9f42513b661af
6e2cca35da71cc90dd97a2099da49bce8052f3a04fe2856851150aad2ca9071f
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a
7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855cb45a2acd289ec3a95989aecfc607f462dd901db826445842249de79ef9c5
863992fc545e342de7de4eae469939153b13fea3521535abd460dee5acc48aaf
8918e9265090b780339139838df284944fdd545be8a8b0e8bb2c20afe63f051e
8dd18c75482a45781775121cf8db14c760274d053f5fcc23d22862c2cc3abfe0
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68
9caa51975dc97351ceb4e544fab746be9aee637db3095652a84b8dc68241e6ec
9ee11adc1b8a07690a50fd39754716e40c4b4bea9b92d29814d40b684c39cd22
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
a8ba4b2611ad2d0d83b1eaad739555f188f7b552bb8fdc7dd446295386699394
aa0750969185b9aaa2428428bc464092c46f8455a9e882eeb417cb49b2b229d2
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
b5dc34a658afe8d1574fa290eb62dcc0732143107a72da190f04ef5ceea4e547
b7be024e3f21c8f68e4c0698b0c37f6133523673b78f9115aa2559392cca923c
bfc8bfeba49e01ed30a39823950918cc90cc59bff15b09416b7ffceaeb9e16e7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0e326b8bbdcf364239129f7bc44f81948edaf9395f1d03ba50414298fc52a6f
d5b615b0ea3700aa39353e3efe4de55958456635c01391ad2f67dbed0b58c756
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de0b8e63c2af265233efeaf73a0e92df6d840705785f6381232e013fd550d5d6
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
dfa0c8eba7dda53830cf673d2704ff934d0e3160454003d4517860dfaea978ff
e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9ef58db6fdde274335fb270945ec10a93dce52344bfef544070bab8ec4d2ec7
ee9e9d7a8d5f2a8b5ecb6df3c8a57c53f0647a840eade6ec56c96c583caf0b2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

therecord.media Open in urlscan Pro 2606:4700::6812:1c78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

99 %HTTPS

74 %IPv6

16 Domains

23 Subdomains

20 IPs

4 Countries

2366 kBTransfer

5809 kBSize

18 Cookies

22 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
2606:4700::6812:1c78 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

99 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

2366 kB
Transfer

5809 kB
Size

18
Cookies

89 HTTP transactions
1 data transactions