therecord.media Open in urlscan Pro
2606:4700::6812:721  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/	61 KB 13 KB	770ms 744ms	Document text/html	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4d147b1ce2a2f363ba2bbbdbf23bed6cc8a833ba25c14e6a01ac9f6947c7d0d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-type text/html; charset=UTF-8 cache-control public, max-age=600 link <https://therecord.media/?p=8763>; rel=shortlink strict-transport-security max-age=31536000; includeSubDomains x-pantheon-styx-hostname styx-fe2-a-5bffbbcccc-jl55h x-pingback https://therecord.media/xmlrpc.php x-styx-req-id f9d74519-3f6c-11ec-8e4f-72b5c3456d69 x-served-by cache-mdw17324-MDW, cache-wdc5525-WDC x-cache MISS, MISS x-cache-hits 0, 0 x-timer S1636249782.209620,VS0,VE242 vary Accept-Encoding, Cookie, Cookie age 0 via 1.1 varnish, 1.1 varnish cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6aa2e810aeb34e50-FRA content-encoding br
GET H2	200	style.min.css therecord.media/wp-includes/css/dist/block-library/	57 KB 9 KB	16ms 15ms	Stylesheet text/css	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-includes/css/dist/block-library/style.min.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 12206668 x-pantheon-styx-hostname styx-fe2-a-58bcd5f458-np279 x-cache HIT, HIT content-encoding br x-served-by cache-mdw17350-MDW, cache-bwi5083-BWI last-modified Fri, 18 Jun 2021 14:42:50 GMT server cloudflare x-timer S1624043115.854483,VS0,VE1 etag W/"60ccb0ea-e33b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type text/css x-styx-req-id 573360ec-d067-11eb-b79d-3aa163f41238 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8157ae54e50-FRA x-cache-hits 1, 1
GET H2	200	rf-rss-widget.css therecord.media/wp-content/plugins/rf-rss-feed/public/css/	473 B 517 B	15ms 14ms	Stylesheet text/css	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/rf-rss-feed/public/css/rf-rss-widget.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77e8232dee29ca904e5726f29b02f784c6155de5e388e61570a74aedf61b69de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 1333502 cf-polished origSize=944 x-pantheon-styx-hostname styx-fe2-a-5f44469ddc-644w6 x-cache HIT, HIT cf-bgj minify content-encoding br x-served-by cache-mdw17347-MDW, cache-bwi5020-BWI last-modified Fri, 22 Oct 2021 15:23:12 GMT server cloudflare x-timer S1634916281.927384,VS0,VE1 etag W/"6172d760-3b0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type text/css x-styx-req-id 21850fdb-334c-11ec-8013-ce1f3dd47c6f expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8157ae64e50-FRA x-cache-hits 1, 1
GET H2	200	jquery.mCustomScrollbar.min.css cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/	42 KB 4 KB	32ms 14ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5218470 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 3359 timing-allow-origin * last-modified Mon, 04 May 2020 16:12:04 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ed4-a757" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xva%2FBIVd6eksvIai2nRN5Q7nEdJQTN8UK%2B%2FPK5DRAgLh0jEcg%2FZOgUtiSrrkgE5eqPsVZ4xQ3o%2BcXnsXKWfy6LyFa8Qc2H663OWeCGsaUwW%2BWgzJea%2FUJQPJ%2Fv3fvHYjHMHU%2BQV9dh3eI%2BFX1qPtaZgT"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6aa2e8159a5c698b-FRA expires Fri, 28 Oct 2022 01:49:42 GMT
GET H2	200	jquery.fancybox.min.css cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/	12 KB 4 KB	37ms 19ms	Stylesheet text/css	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1054969 x-jsd-version 3.5.7 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19144-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 6aa2e8159dcf5c20-FRA
GET H2	200	style-v4.css therecord.media/wp-content/themes/therecordmedia/assets/css/	345 KB 48 KB	27ms 26ms	Stylesheet text/css	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b31a805b14cdf1311a94debe97e7d5695f38eca4dddc65d98cb58e9c281cf36d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 151958 cf-polished origSize=459099 x-pantheon-styx-hostname styx-fe2-a-5f44469ddc-mzv6h x-cache MISS, HIT cf-bgj minify content-encoding br x-served-by cache-mdw17369-MDW, cache-bwi5063-BWI last-modified Thu, 28 Oct 2021 15:47:43 GMT server cloudflare x-timer S1636097825.682192,VS0,VE148 etag W/"617ac61f-7015b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type text/css x-styx-req-id 0235c6d1-3816-11ec-8a90-9e98479f2435 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8157ae74e50-FRA x-cache-hits 0, 1
GET H2	200	custom-v8.css therecord.media/wp-content/themes/therecordmedia/assets/css/	6 KB 2 KB	17ms 16ms	Stylesheet text/css	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/css/custom-v8.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a01127152b090004aa159e0d56664e2268a1de5334ba6d9d6515388a0f53a3b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 11264682 cf-polished origSize=7291 x-pantheon-styx-hostname styx-fe2-b-64744c95b6-59x78 x-cache MISS, HIT cf-bgj minify content-encoding br x-served-by cache-mdw17351-MDW, cache-bwi5032-BWI last-modified Tue, 29 Jun 2021 16:31:39 GMT server cloudflare x-timer S1624985100.589549,VS0,VE0 etag W/"60db4aeb-1c7b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type text/css x-styx-req-id b97de432-d8f7-11eb-9f9d-26b2e6fca046 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 pantheon-trace-id e31e4012037149c18539f2eb32ebdebd cf-ray 6aa2e8157ae84e50-FRA x-cache-hits 0, 2
GET H2	200	ytprefs.min.css therecord.media/wp-content/plugins/youtube-embed-plus/styles/	6 KB 1 KB	33ms 33ms	Stylesheet text/css	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 6478280 x-pantheon-styx-hostname styx-fe2-b-9c6567bff-dpnrq x-cache HIT, HIT content-encoding br x-served-by cache-mdw17355-MDW, cache-bwi5029-BWI last-modified Thu, 19 Aug 2021 07:48:05 GMT server cloudflare x-timer S1629771503.943666,VS0,VE1 etag W/"611e0cb5-178c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type text/css x-styx-req-id cb393b38-0105-11ec-a177-82c72c65dce1 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 pantheon-trace-id e2c120c892b64b5dbcc2d82e5a2a0ba7 cf-ray 6aa2e8157aea4e50-FRA x-cache-hits 1, 1
GET H2	200	cookieconsent.min.css therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/css/	20 KB 4 KB	33ms 33ms	Stylesheet text/css	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieconsent.min.css Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c21f3f80c9adfdf9070c994d881f2069818a2d409b62834c805a7f17f08c91ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 3240003 x-pantheon-styx-hostname styx-fe2-b-56496ffc66-bczg7 x-cache MISS, HIT content-encoding br x-served-by cache-mdw17369-MDW, cache-bwi5025-BWI last-modified Wed, 22 Sep 2021 16:58:27 GMT server cloudflare x-timer S1633009779.001439,VS0,VE1 etag W/"614b60b3-519d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type text/css x-styx-req-id 3d36d8a9-1cba-11ec-9a30-9625054942ed expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8157aeb4e50-FRA x-cache-hits 0, 1
GET H2	200	PrimaryLogo-RGB-Carrot.svg therecord.media/wp-content/uploads/2021/06/	5 KB 2 KB	30ms 29ms	Image image/svg+xml	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://therecord.media/wp-content/uploads/2021/06/PrimaryLogo-RGB-Carrot.svg Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6429c09d26d4abed1c51691f17eb89c9c1fedf440964890e2a0fe9801e93e653 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 12222319 x-pantheon-styx-hostname styx-fe2-a-58bcd5f458-jjb4g x-cache MISS, HIT content-encoding br x-served-by cache-mdw17377-MDW, cache-wdc5533-WDC last-modified Fri, 18 Jun 2021 14:43:58 GMT server cloudflare x-timer S1624027463.123564,VS0,VE1 etag W/"60ccb12e-1421" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml access-control-allow-origin * expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8157aee4e50-FRA x-styx-req-id 9f508062-d043-11eb-9cf1-ee94bcaaf0ad x-cache-hits 0, 1
GET H2	200	hacker-keyboard-computer-cybercrime.jpg therecord.media/wp-content/uploads/2021/11/	121 KB 121 KB	16ms 16ms	Image image/webp	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://therecord.media/wp-content/uploads/2021/11/hacker-keyboard-computer-cybercrime.jpg Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfe407d86cce265cd69801e09bf714acb62db1cdd49e397b782df8ab9f29572f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 1390 cf-polished origFmt=jpeg, origSize=142812 x-cache HIT, HIT x-cache-hits 1, 1 content-disposition inline; filename="hacker-keyboard-computer-cybercrime.webp" cf-bgj imgq:100,h2pri content-length 123784 x-served-by cache-mdw17383-MDW, cache-bwi5066-BWI last-modified Wed, 03 Nov 2021 16:48:06 GMT server cloudflare x-timer S1636248393.735327,VS0,VE2 etag "6182bd46-22ddc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept strict-transport-security max-age=31536000; includeSubDomains content-type image/webp x-styx-req-id 563948bf-3cc6-11ec-a09e-227203492b43 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 accept-ranges bytes cf-ray 6aa2e8157aef4e50-FRA x-pantheon-styx-hostname styx-fe2-a-5f44469ddc-2wb7t
GET H2	200	rocket-loader.min.js Show response therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	11ms 10ms	Script application/javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Nov 2021 13:28:28 GMT server cloudflare x-frame-options DENY etag W/"6185317c-302c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=172800, public strict-transport-security max-age=31536000; includeSubDomains cf-ray 6aa2e8157af04e50-FRA expires Tue, 09 Nov 2021 01:49:42 GMT
GET H2	200	complianz.min.js Show response therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/	40 KB 9 KB	16ms 14ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 326d6c39524da9a4b3d35286c798b93738a4665b29ce498d5b5df959a3a19012 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 3240003 x-pantheon-styx-hostname styx-fe2-a-6b6d6f77d6-2h8pw x-cache MISS, HIT content-encoding br x-served-by cache-mdw17344-MDW, cache-wdc5581-WDC last-modified Fri, 24 Sep 2021 02:54:39 GMT server cloudflare x-timer S1633009780.604201,VS0,VE1 etag W/"614d3def-9e2d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id d3d16fdf-1d22-11ec-b5ec-8e8cf3dee576 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b134e50-FRA x-cache-hits 0, 1
GET H2	200	postscribe.min.js Show response therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/	17 KB 6 KB	21ms 18ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/postscribe.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 2329671 x-pantheon-styx-hostname styx-fe2-b-56496ffc66-8s28k x-cache MISS, HIT content-encoding br x-served-by cache-mdw17344-MDW, cache-wdc5553-WDC last-modified Sun, 26 Sep 2021 06:54:48 GMT server cloudflare x-timer S1633920111.464426,VS0,VE1 etag W/"61501938-45f4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id f070e800-1f28-11ec-85ab-0e5e40533d09 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b164e50-FRA x-cache-hits 0, 1
GET H2	200	cookieconsent.min.js Show response therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/	25 KB 8 KB	20ms 18ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/cookieconsent.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81dbdd695385ce9e3065e0cf1d8f058169de79244b1d1be4059b527e31d23c77 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 779361 x-pantheon-styx-hostname styx-fe2-a-5f44469ddc-p85k9 x-cache MISS, HIT content-encoding br x-served-by cache-mdw17356-MDW, cache-wdc5559-WDC last-modified Thu, 28 Oct 2021 15:47:42 GMT server cloudflare x-timer S1635470421.994134,VS0,VE1 etag W/"617ac61e-6441" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id 37dcbcf5-3813-11ec-8d6c-a6abd588099d expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b184e50-FRA x-cache-hits 0, 1
GET H2	200	fitvids.min.js Show response therecord.media/wp-content/plugins/youtube-embed-plus/scripts/	3 KB 1 KB	24ms 21ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 9228166 x-pantheon-styx-hostname styx-fe2-b-64744c95b6-qzl9f x-cache MISS, HIT content-encoding br x-served-by cache-mdw17352-MDW, cache-bwi5072-BWI last-modified Wed, 07 Jul 2021 15:27:39 GMT server cloudflare x-timer S1627021616.295313,VS0,VE1 etag W/"60e5c7eb-aaf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id 2b878fd4-dfd6-11eb-ab67-3a80d45744de expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 pantheon-trace-id 928014bde77a4d1f82f5596e8b906c10 cf-ray 6aa2e8159b194e50-FRA x-cache-hits 0, 1
GET H2	200	main.js Show response therecord.media/wp-content/themes/therecordmedia/assets/js/	24 KB 7 KB	23ms 20ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/js/main.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13a5d6deee5c86d1c86f8ab010b3dfcab1b0b500590024d8c7a44c279c96d443 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 12206320 cf-polished origSize=45161 x-pantheon-styx-hostname styx-fe2-a-58bcd5f458-np279 x-cache MISS, HIT cf-bgj minify content-encoding br x-served-by cache-mdw17374-MDW, cache-bwi5067-BWI last-modified Fri, 18 Jun 2021 18:56:23 GMT server cloudflare x-timer S1624043463.515417,VS0,VE1 etag W/"60ccec57-b069" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id 570fb616-d067-11eb-b79d-3aa163f41238 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b1a4e50-FRA x-cache-hits 0, 1
GET H2	200	jquery.fancybox.min.js Show response cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/	67 KB 22 KB	42ms 39ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1054969 x-jsd-version 3.5.7 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19164-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 6aa2e8159dd95c20-FRA
GET H2	200	jquery.mCustomScrollbar.min.js Show response cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/	39 KB 11 KB	14ms 11ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4748472 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10595 timing-allow-origin * last-modified Mon, 04 May 2020 16:12:04 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ed4-9cd4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCXulegbvJYBBVYUekZgX6luJrnZf6r0vQzR6ktST43RoI42ActPk07ApcgOaBtxQqdWENlb%2BgN%2BwAtlrwRGkoatFNggVCE8WVi5P6DGHM1YHwY9oZGjmFsKh4dvvbCQnc%2FvY7Bq4Mdayljvk3EobMSn"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6aa2e8159a64698b-FRA expires Fri, 28 Oct 2022 01:49:42 GMT
GET H2	200	custom-v2.js Show response therecord.media/wp-content/themes/therecordmedia/assets/js/	828 B 728 B	18ms 16ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/js/custom-v2.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f7b3c1c9a817380967e2d68f41c86b4649b68dba06b37a49dab55bb5c5a6eab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 12042846 cf-polished origSize=1551 x-pantheon-styx-hostname styx-fe2-a-58bcd5f458-k527r x-cache MISS, HIT cf-bgj minify content-encoding br x-served-by cache-mdw17335-MDW, cache-bwi5070-BWI last-modified Sun, 20 Jun 2021 16:33:59 GMT server cloudflare x-timer S1624206936.187959,VS0,VE1 etag W/"60cf6df7-60f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id 5b211bab-d1e5-11eb-ae7b-5e65bf8051b7 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b1b4e50-FRA x-cache-hits 0, 1
GET H2	200	bundle.js Show response therecord.media/wp-content/themes/therecordmedia/assets/js/	276 KB 72 KB	25ms 23ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8df981a2e0d74a44530cfe140f2ce72ad4cb7be724706b7a3cfcb160bd06590f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 4748802 cf-polished origSize=525445 x-pantheon-styx-hostname styx-fe2-b-9c6567bff-5qtlq x-cache MISS, HIT cf-bgj minify content-encoding br x-served-by cache-mdw17322-MDW, cache-bwi5075-BWI last-modified Sat, 21 Aug 2021 20:07:26 GMT server cloudflare x-timer S1631500980.357841,VS0,VE2 etag W/"61215cfe-80485" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id be4db0e1-0318-11ec-8d11-0a99b6d1f344 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 pantheon-trace-id 362234123dd944ff9642193a1cc6cdb5 cf-ray 6aa2e8159b1e4e50-FRA x-cache-hits 0, 1
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	42ms 15ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-9153858-16 Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ef0af8374f5f461615841a0310b1519bded90707a4702a79660de4280e28b9d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36452 x-xss-protection 0 last-modified Sun, 07 Nov 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 07 Nov 2021 01:49:42 GMT
GET		252628.js js.hs-scripts.com/	0 0
GET H2	200	ytprefs.min.js Show response therecord.media/wp-content/plugins/youtube-embed-plus/scripts/	10 KB 3 KB	19ms 18ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f617a099ba9e73c30624d09ec9c8cb90ae3e784e8f89d94be4574dfe1496266 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 11708488 x-pantheon-styx-hostname styx-fe2-b-64744c95b6-59x78 x-cache MISS, HIT content-encoding br x-served-by cache-mdw17357-MDW, cache-bwi5042-BWI last-modified Thu, 24 Jun 2021 13:21:22 GMT server cloudflare x-timer S1624541294.072034,VS0,VE1 etag W/"60d486d2-26a1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id e77377f0-d4ef-11eb-9f9d-26b2e6fca046 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b1f4e50-FRA x-cache-hits 0, 1
GET H2	200	modernizr_2.8.3.js Show response therecord.media/wp-content/themes/therecordmedia/assets/js/	15 KB 6 KB	23ms 21ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82bfc506040c981ec142b63ec85a43e603310d9b5fac6598c5664a144f3c4e3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 12206320 cf-polished origSize=15506 x-pantheon-styx-hostname styx-fe2-a-58bcd5f458-k527r x-cache HIT, HIT cf-bgj minify content-encoding br x-served-by cache-mdw17369-MDW, cache-wdc5539-WDC last-modified Fri, 18 Jun 2021 18:56:24 GMT server cloudflare x-timer S1624043463.559652,VS0,VE1 etag W/"60ccec58-3c92" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id 570e3de9-d067-11eb-ae7b-5e65bf8051b7 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b214e50-FRA x-cache-hits 1, 1
GET H2	200	jquery-migrate.min.js Show response therecord.media/wp-includes/js/jquery/	11 KB 4 KB	22ms 21ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-includes/js/jquery/jquery-migrate.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 12206320 x-pantheon-styx-hostname styx-fe2-b-64744c95b6-5mc9d x-cache MISS, HIT content-encoding br x-served-by cache-mdw17367-MDW, cache-bwi5046-BWI last-modified Fri, 18 Jun 2021 18:56:29 GMT server cloudflare x-timer S1624043462.471725,VS0,VE1 etag W/"60ccec5d-2bd8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id 570ce0e8-d067-11eb-878c-ae0a4d7663b5 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b234e50-FRA x-cache-hits 0, 1
GET H2	200	jquery.min.js Show response therecord.media/wp-includes/js/jquery/	87 KB 31 KB	28ms 28ms	Script application/x-javascript	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-includes/js/jquery/jquery.min.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 779361 x-pantheon-styx-hostname styx-fe2-b-6cf4595974-8pr5t x-cache MISS, HIT content-encoding br x-served-by cache-mdw17320-MDW, cache-bwi5068-BWI last-modified Thu, 28 Oct 2021 15:47:40 GMT server cloudflare x-timer S1635470421.934517,VS0,VE1 etag W/"617ac61c-15d98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript x-styx-req-id 2ddeffd5-3814-11ec-b1cd-36fd5dbf0b73 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e8159b244e50-FRA x-cache-hits 0, 1
GET H2	200	icomoon.ttf therecord.media/wp-content/themes/therecordmedia/assets/fonts/custom/	4 KB 4 KB	22ms 21ms	Font application/x-font-ttf	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/custom/icomoon.ttf?fiuh6y Requested by Host: therecord.media URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a6db13132ef5e4dc98723529dedf677f84b4993b7db70339cb1de93a910ffce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Origin https://therecord.media Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding cf-cache-status HIT age 12222319 x-pantheon-styx-hostname styx-fe2-a-58bcd5f458-jjb4g x-cache HIT, MISS x-served-by cache-mdw17349-MDW, cache-wdc5541-WDC last-modified Fri, 18 Jun 2021 14:42:44 GMT server cloudflare x-timer S1624027463.309480,VS0,VE20 etag W/"60ccb0e4-107c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/x-font-ttf access-control-allow-origin * expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 cf-ray 6aa2e815db624e50-FRA x-styx-req-id a74dac77-d043-11eb-9cf1-ee94bcaaf0ad x-cache-hits 1, 0
GET H2	200	gudea-400-latin.woff2 therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/	8 KB 8 KB	17ms 16ms	Font font/woff2	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-400-latin.woff2 Requested by Host: therecord.media URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f23ec5c633f64e45cdb8119ea2bd55f81bd2bf4a46131cc6e7aa415024db18f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Origin https://therecord.media Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 9227653 x-pantheon-styx-hostname styx-fe2-b-64744c95b6-59x78 x-cache HIT, HIT strict-transport-security max-age=31536000; includeSubDomains content-length 7856 x-served-by cache-mdw17328-MDW, cache-bwi5061-BWI last-modified Wed, 30 Jun 2021 12:38:26 GMT server cloudflare x-timer S1627022129.495128,VS0,VE1 etag "60dc65c2-1eb0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 pantheon-trace-id 0d16f0b8d33b417ea8e1885ae1232aad accept-ranges bytes cf-ray 6aa2e815db634e50-FRA x-styx-req-id 1947e86c-da48-11eb-9f9d-26b2e6fca046 x-cache-hits 1, 1
GET H2	200	oswald-400-latin.woff2 therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/	24 KB 24 KB	19ms 18ms	Font font/woff2	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-400-latin.woff2 Requested by Host: therecord.media URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Origin https://therecord.media Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 936246 x-pantheon-styx-hostname styx-fe2-b-6cf4595974-6m9mg x-cache MISS, HIT strict-transport-security max-age=31536000; includeSubDomains content-length 24064 x-served-by cache-mdw17352-MDW, cache-wdc5522-WDC last-modified Tue, 12 Oct 2021 07:54:51 GMT server cloudflare x-timer S1635313536.940167,VS0,VE80 etag "61653f4b-5e00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 accept-ranges bytes cf-ray 6aa2e815db644e50-FRA x-styx-req-id 8fa416a2-2cf3-11ec-a383-3277ea497536 x-cache-hits 0, 1
GET H2	200	oswald-700-latin.woff2 therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/	24 KB 24 KB	18ms 17ms	Font font/woff2	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-700-latin.woff2 Requested by Host: therecord.media URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Origin https://therecord.media Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 11264681 x-pantheon-styx-hostname styx-fe2-b-64744c95b6-5mc9d x-cache MISS, HIT strict-transport-security max-age=31536000; includeSubDomains content-length 24064 x-served-by cache-mdw17368-MDW, cache-bwi5021-BWI last-modified Tue, 29 Jun 2021 16:31:39 GMT server cloudflare x-timer S1624985102.703693,VS0,VE0 etag "60db4aeb-5e00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 pantheon-trace-id 424c6024d42a462786d6cf82ebe6d1dd accept-ranges bytes cf-ray 6aa2e815db664e50-FRA x-styx-req-id b9b2e2f0-d8f7-11eb-878c-ae0a4d7663b5 x-cache-hits 0, 3
GET H2	200	gudea-700-latin.woff2 therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/	8 KB 8 KB	21ms 20ms	Font font/woff2	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-700-latin.woff2 Requested by Host: therecord.media URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3d3367b895674ec706b02be65ae0ee7416f158836f88ddc1d3e469e3bdd6cd4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css Origin https://therecord.media Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 924014 x-pantheon-styx-hostname styx-fe2-a-6b6d6f77d6-hws4p x-cache MISS, HIT strict-transport-security max-age=31536000; includeSubDomains content-length 7932 x-served-by cache-mdw17349-MDW, cache-wdc5563-WDC last-modified Wed, 29 Sep 2021 19:54:57 GMT server cloudflare x-timer S1635325768.238649,VS0,VE1 etag "6154c491-1efc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 accept-ranges bytes cf-ray 6aa2e815db674e50-FRA x-styx-req-id b4bdd35b-21c8-11ec-987a-76bbec8dee9e x-cache-hits 0, 1
GET H2	200	Lockean-chain.png therecord.media/wp-content/uploads/2021/11/	30 KB 31 KB	21ms 20ms	Image image/webp	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://therecord.media/wp-content/uploads/2021/11/Lockean-chain.png Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d22f4b0b9d866b7fa2c2919f1661ddeb93bd81541f2d2c1ebec6c5d209171fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 1390 cf-polished origFmt=png, origSize=36708 x-cache HIT, HIT x-cache-hits 1, 1 content-disposition inline; filename="Lockean-chain.webp" cf-bgj imgq:100,h2pri content-length 31142 x-served-by cache-mdw17365-MDW, cache-bwi5047-BWI last-modified Wed, 03 Nov 2021 16:48:14 GMT server cloudflare x-timer S1636248393.830886,VS0,VE2 etag "6182bd4e-8f64" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept strict-transport-security max-age=31536000; includeSubDomains content-type image/webp x-styx-req-id 7a2b52bd-3cc6-11ec-92da-66ca9ee36be7 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 accept-ranges bytes cf-ray 6aa2e8162b994e50-FRA x-pantheon-styx-hostname styx-fe2-a-5f44469ddc-9l82c
GET H2	200	Lockean-post-exploitation.png therecord.media/wp-content/uploads/2021/11/	5 KB 6 KB	20ms 19ms	Image image/webp	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://therecord.media/wp-content/uploads/2021/11/Lockean-post-exploitation.png Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3541fdf9d8da029f9c6f4e0a34940395e46f95a112b830d7f9f7acc9e5b8a392 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 7702 cf-polished origFmt=png, origSize=7612 x-cache HIT, HIT x-cache-hits 1, 1 content-disposition inline; filename="Lockean-post-exploitation.webp" cf-bgj imgq:100,h2pri content-length 5440 x-served-by cache-mdw17341-MDW, cache-wdc5576-WDC last-modified Wed, 03 Nov 2021 16:48:26 GMT server cloudflare x-timer S1636242081.872691,VS0,VE1 etag "6182bd5a-1dbc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept strict-transport-security max-age=31536000; includeSubDomains content-type image/webp x-styx-req-id 7a2d6925-3cc6-11ec-a383-3277ea497536 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 accept-ranges bytes cf-ray 6aa2e8162b9b4e50-FRA x-pantheon-styx-hostname styx-fe2-b-6cf4595974-6m9mg
GET H2	200	Lockean-RaaS.png therecord.media/wp-content/uploads/2021/11/	24 KB 24 KB	21ms 20ms	Image image/webp	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://therecord.media/wp-content/uploads/2021/11/Lockean-RaaS.png Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d56c47b16f28b437878a4da97d3d57b03fe7fae1ef27087b709f3d9f40882ebf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 10570 cf-polished origFmt=png, origSize=29761 x-cache MISS, HIT x-cache-hits 0, 1 content-disposition inline; filename="Lockean-RaaS.webp" cf-bgj imgq:100,h2pri content-length 24200 x-served-by cache-mdw17352-MDW, cache-wdc5564-WDC last-modified Wed, 03 Nov 2021 16:48:31 GMT server cloudflare x-timer S1636239212.313482,VS0,VE1 etag "6182bd5f-7441" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept strict-transport-security max-age=31536000; includeSubDomains content-type image/webp x-styx-req-id 7a2cd8b5-3cc6-11ec-8335-16a4686d8166 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 accept-ranges bytes cf-ray 6aa2e8162b9c4e50-FRA x-pantheon-styx-hostname styx-fe2-b-6cf4595974-b4lkc
GET H2	200	Lockean-victims.png therecord.media/wp-content/uploads/2021/11/	52 KB 52 KB	21ms 21ms	Image image/webp	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://therecord.media/wp-content/uploads/2021/11/Lockean-victims.png Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77d1c3c8ec1a286ae4eecc079f48f5c91a6d6a1ad8145ca29abec55904934168 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 10570 cf-polished origFmt=png, origSize=65091 x-cache MISS, HIT x-cache-hits 0, 1 content-disposition inline; filename="Lockean-victims.webp" cf-bgj imgq:100,h2pri content-length 53008 x-served-by cache-mdw17352-MDW, cache-bwi5062-BWI last-modified Wed, 03 Nov 2021 16:48:41 GMT server cloudflare x-timer S1636239212.356801,VS0,VE2 etag "6182bd69-fe43" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept strict-transport-security max-age=31536000; includeSubDomains content-type image/webp x-styx-req-id 7a2e5f8c-3cc6-11ec-949c-2a1d1f5da7d2 expires Tue, 08 Nov 2022 01:49:42 GMT cache-control public, max-age=31622400 accept-ranges bytes cf-ray 6aa2e8162b9d4e50-FRA x-pantheon-styx-hostname styx-fe2-b-6cf4595974-gsvkz
GET H2	200	malware-vulnerability-trends-report-1024x235.jpg www.recordedfuture.com/wp-content/uploads/	49 KB 50 KB	56ms 20ms	Image image/jpeg	104.18.12.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.recordedfuture.com/wp-content/uploads/malware-vulnerability-trends-report-1024x235.jpg Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.124 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea4a235e83977d477d1f72e32749358b1594a3e7122cd0b5496038d5ccd791cc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 118014 x-pantheon-styx-hostname styx-fe2-b-6cf4595974-gsvkz x-cache MISS, HIT cf-bgj h2pri content-length 50439 x-served-by cache-mdw17355-MDW, cache-bwi5035-BWI last-modified Tue, 31 Aug 2021 14:06:26 GMT server cloudflare x-timer S1636131769.587528,VS0,VE2 etag "612e3762-c507" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains content-type image/jpeg x-styx-req-id 39fa69c9-3d37-11ec-949c-2a1d1f5da7d2 expires Sat, 05 Nov 2022 06:19:54 GMT cache-control max-age=31622400 accept-ranges bytes cf-ray 6aa2e8165bbc433f-FRA x-cache-hits 0, 1
GET H2	200	blackmatter-ransomware-protection-1024x235.jpg www.recordedfuture.com/wp-content/uploads/	44 KB 44 KB	65ms 30ms	Image image/jpeg	104.18.12.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.recordedfuture.com/wp-content/uploads/blackmatter-ransomware-protection-1024x235.jpg Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.124 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e21533f30d64e48b8fdfc843f81198621a6c43d23dd66704c18abeb1d888aa5d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status HIT age 118014 x-pantheon-styx-hostname styx-fe2-a-5f44469ddc-9l82c x-cache MISS, HIT cf-bgj h2pri content-length 45221 x-served-by cache-mdw17368-MDW, cache-wdc5571-WDC last-modified Wed, 04 Aug 2021 14:20:02 GMT server cloudflare x-timer S1636131769.532378,VS0,VE0 etag "610aa212-b0a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains content-type image/jpeg x-styx-req-id bb059e28-3d45-11ec-92da-66ca9ee36be7 expires Sat, 05 Nov 2022 08:03:44 GMT cache-control max-age=31622400 accept-ranges bytes cf-ray 6aa2e8165bbe433f-FRA x-cache-hits 0, 2
GET H2	200	gtm.js Show response www.googletagmanager.com/	87 KB 33 KB	19ms 19ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86 Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e676d6d44d41a04e7d96f7062c2a6832f667fcd68c081ff3834c8bc98cb32555 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34071 x-xss-protection 0 last-modified Sun, 07 Nov 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 07 Nov 2021 01:49:42 GMT
GET H2	200	matomo.js Show response cdn.matomo.cloud/recordedfuture.matomo.cloud/	191 KB 56 KB	36ms 8ms	Script application/javascript	2600:9000:2156:4800:c:7d55:b3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:4800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c1519dacf01319cb5e0caa709cf1cb40794474a6ca4eb2de3d6fcb86c6157bf5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 30 Oct 2021 18:57:31 GMT content-encoding gzip age 629532 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Sun, 17 Oct 2021 20:19:00 GMT server AmazonS3 etag W/"7cb87695146dc95cd8d88df28207416b" vary Accept-Encoding x-amz-version-id 6OU.jcK726xIXqmaHxPRdLJ.sc4VC7b9 via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) cache-control max-age=691200 x-amz-cf-pop FRA50-C1 content-type application/javascript; charset=utf-8 x-amz-cf-id qJDIkuUqLC938igT02PCR73Mxkqt0ykDyXS_8MaGplt9ezz-8IJRgQ==
GET H2	200	container_41sBJe2I.js Show response cdn.matomo.cloud/recordedfuture.matomo.cloud/	25 KB 8 KB	35ms 8ms	Script application/javascript	2600:9000:2156:4800:c:7d55:b3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:4800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 65c8182d14dac6f60e0865e949489e903cd1cd54689f04c08db049ba60ac644a Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 31 Oct 2021 00:20:02 GMT content-encoding gzip age 610181 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Sun, 17 Oct 2021 20:19:00 GMT server AmazonS3 etag W/"6304dc15c11b8319dc9271b9f22417f3" vary Accept-Encoding x-amz-version-id DDB5xJvn165OAGokQb24SOTwfRkbjyjT via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) cache-control max-age=691200 x-amz-cf-pop FRA50-C1 content-type application/javascript; charset=utf-8 x-amz-cf-id RLGcowD1qOr-E4O3tj-XkTP33c2JhTRv4w40AXbIvQ-B3Xpa9U55gw==
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	28ms 6ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 26 Oct 2021 23:24:02 GMT server Golfe2 age 6516 date Sun, 07 Nov 2021 00:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Sun, 07 Nov 2021 02:01:06 GMT
GET H2	200	jquery.mousewheel.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/	3 KB 1 KB	15ms 15ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js Requested by Host: therecord.media URL: https://therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 806622 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1046 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-ad3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAKIB8HVxX9cy9Xu6pQ4S1MD59J5AKc9fehSrl9ycAepEJVmO3EU%2BcW1ySE29hRh8KQUx7gbHgcRC9T5mz3Pkzu%2BwyHEUEQfwUcpcJ%2BLJNyN7v%2BN09VZa8dUm9ocs5Dn9i2KlWy7vWVCAX5G%2FlHsV3%2Fr"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6aa2e816dbc0698b-FRA expires Fri, 28 Oct 2022 01:49:42 GMT
GET H2	200	iframe_api Show response www.youtube.com/	980 B 1 KB	47ms 24ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: therecord.media URL: https://therecord.media/wp-content/themes/therecordmedia/assets/js/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2aee396045e8313003eda4d9b0acc42c7a9cbd7c29b4a32480ba2489baacbecc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=0 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA" expires Sun, 07 Nov 2021 01:49:42 GMT
GET H/1.1	200 OK	6si.min.js Show response j.6sc.co/	27 KB 9 KB	57ms 7ms	Script application/javascript	104.92.74.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: therecord.media URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-74-202.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 01:49:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Connection keep-alive Vary Accept-Encoding Content-Length 8575 Pragma no-cache Last-Modified Thu, 07 Oct 2021 17:17:43 GMT Server nginx/1.14.0 (Ubuntu) ETag "615f2bb7-6a5f" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type application/javascript Access-Control-Allow-Origin Cache-Control private, no-cache, proxy-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers * Expires Sun, 07 Nov 2021 01:49:42 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	13 KB 5 KB	52ms 37ms	Script text/javascript	2606:4700::6810:5f41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding gzip last-modified Fri, 22 Oct 2021 22:23:12 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6aa2e8171ea94e08-FRA
POST H2	204	matomo.php recordedfuture.matomo.cloud/	0 167 B	64ms 38ms	Ping text/plain	52.223.61.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FCERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future&idsite=2&rec=1&r=485061&h=1&m=49&s=42&url=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&_id=6ec717dc437d522d&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=plzBHr&fa_pv=1&fa_fp[0][fa_vid]=atmjFe&fa_fp[0][fa_fv]=1&fa_fp[2][fa_vid]=c1SbTH&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=qCy2W0&fa_fp[3][fa_fv]=1&pf_net=26&pf_srv=744&pf_tfr=2&pf_dm1=29&pf_dm2=126&pf_onl=1 Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.61.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a8b6f710f441cdbc2.awsglobalaccelerator.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://therecord.media/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://therecord.media date Sun, 07 Nov 2021 01:49:42 GMT access-control-allow-credentials true server Apache vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 205 B	14ms 13ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=521777686&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&ul=en-us&de=UTF-8&dt=CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1393691491&gjid=2049737579&cid=1631380929.1636249783&tid=UA-9153858-16&_gid=1959279463.1636249783&_r=1&gtm=2oub31&z=1977701677 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://therecord.media/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 07 Nov 2021 01:49:42 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://therecord.media cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	configs.php Show response recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/	116 B 291 B	22ms 19ms	Script application/javascript	52.223.61.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=qA7skp&url=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.61.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a8b6f710f441cdbc2.awsglobalaccelerator.com Software Apache / Resource Hash c7b225b475b0e935a03c2033ea905c1afc5e5f821833af5e0e07c45897f64d5f Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding gzip server Apache content-length 119 vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent content-type application/javascript
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/8eb5bf0c/www-widgetapi.vflset/	143 KB 47 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/8eb5bf0c/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b64f85d8068989c158ba9a881e4b5f4971eb769a6ec9ae697f5a0728ba294fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 06 Nov 2021 20:15:54 GMT content-encoding br x-content-type-options nosniff age 20028 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47334 x-xss-protection 0 last-modified Wed, 03 Nov 2021 00:18:20 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 06 Nov 2022 20:15:54 GMT
GET H2	200	252628.js Show response js.hs-scripts.com/	877 B 866 B	18ms 16ms	Script application/javascript	2606:4700::6811:d3cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/252628.js Requested by Host: therecord.media URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10cb15d2de1dbcea993d05695012119b6b62f3920b23942907738a1c8e5980f6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:42 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 0 cf-polished origSize=984 x-hubspot-correlation-id 8d5833d9-f6d3-48cd-a1d7-53e04400f9b0 last-modified Sun, 07 Nov 2021 01:49:42 GMT server cloudflare x-trace 2B5B6F57C842792856C15D2532D977A44D3E1EC4AA000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://therecord.media expires Sun, 07 Nov 2021 01:50:42 GMT cache-control public, max-age=60 access-control-allow-credentials true cf-ray 6aa2e81759801f35-FRA cf-bgj minify
GET H2	200	/ Show response therecord.media/wp-json/complianz/v1/banner/	130 B 599 B	242ms 242ms	XHR application/json	2606:4700::6812:721 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://therecord.media/wp-json/complianz/v1/banner/?lang=en&locale=en_US&token=gvkxo Requested by Host: therecord.media URL: https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:721 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3026cea7eff6a33625644f88eef3c6418831341116ff8f04054da6c7abc138f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-type application/json Response headers date Sun, 07 Nov 2021 01:49:43 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff cf-cache-status DYNAMIC age 0 x-cache MISS, MISS x-cache-hits 0, 0 content-encoding br vary Accept-Encoding x-served-by cache-mdw17320-MDW, cache-wdc5577-WDC access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type server cloudflare x-timer S1636249783.016294,VS0,VE112 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains content-type application/json x-styx-req-id fa51e831-3f6c-11ec-8e4f-72b5c3456d69 access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link x-robots-tag noindex cf-ray 6aa2e8176cee4e50-FRA link <https://therecord.media/wp-json/>; rel="https://api.w.org/" x-pantheon-styx-hostname styx-fe2-a-5bffbbcccc-jl55h
GET H2	200	5fcff613fdfb0dbe15ddb3c49d4f54cd secure.gravatar.com/avatar/	3 KB 3 KB	30ms 6ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gravatar.com/avatar/5fcff613fdfb0dbe15ddb3c49d4f54cd?s=96&d=mm&r=g Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f9dbfba2249f983c34ca80b4b4bbae5e4a0931683fdce8b2d5da86d90839960c Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-nc HIT hhn 2 date Sun, 07 Nov 2021 01:49:42 GMT last-modified Fri, 05 Mar 2021 15:49:20 GMT server nginx content-type image/jpeg access-control-allow-origin * cache-control max-age=300 content-disposition inline; filename="5fcff613fdfb0dbe15ddb3c49d4f54cd.jpeg" accept-ranges bytes link <https://www.gravatar.com/avatar/5fcff613fdfb0dbe15ddb3c49d4f54cd?s=96&d=mm&r=g>; rel="canonical" content-length 3268 expires Sun, 07 Nov 2021 01:54:42 GMT
GET H/1.1	200 OK	getuidj Show response secure.adnxs.com/	11 B 689 B	22ms 6ms	XHR application/json	37.252.172.36 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Sun, 07 Nov 2021 01:49:42 GMT X-Proxy-Origin 91.199.118.78; 91.199.118.78; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 154847c6-cbc6-4d76-8e39-5af399701d6c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://therecord.media Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	/ Show response c.6sc.co/	47 B 371 B	29ms 6ms	XHR text/plain	104.92.74.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-74-202.deploy.static.akamaitechnologies.com Software / Resource Hash f8108fb8b25877a956e09b0aab61106d2a8ca5fed90e7dec2b630f2481c2d89c Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 01:49:42 GMT Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type text/plain Access-Control-Allow-Origin https://therecord.media Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers * Content-Length 47
GET H/1.1	200 OK	img.gif b.6sc.co/v1/beacon/	43 B 774 B	221ms 199ms	Image image/gif	104.92.74.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=d157ea65-b80d-47ff-8b03-bd1eee30e537&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A42%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=b90bd80d-e432-4857-81a0-4e7fee6492a4&an_uid=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-74-202.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 01:49:43 GMT X-Content-Type-Options nosniff Connection keep-alive Content-Length 43 Pragma no-cache Last-Modified Tue, 05 Oct 2021 22:17:52 GMT Server nginx/1.14.0 (Ubuntu) ETag "615ccf10-2b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type image/gif Access-Control-Allow-Origin Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers * Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	252628.js Show response js.hs-analytics.net/analytics/1636249500000/	63 KB 20 KB	35ms 18ms	Script text/javascript	2606:4700::6811:44b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1636249500000/252628.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/252628.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f958b4527bcb3c4da9d038386657b0a8e498e40bb6d5eede4f0a42d4b1503221 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:43 GMT content-encoding br cf-cache-status HIT age 210 x-amz-server-side-encryption AES256 x-amz-request-id SHVZ0BM8H32K835N x-amz-id-2 D+s0pXqNS/OUEF5Ih5REaMaRDnh5gsKXGts8BCkyb0Wil573OzO9jC1dBePKfk/g1+ZtYaL4hBE= last-modified Mon, 19 Jul 2021 13:55:02 GMT server cloudflare etag W/"eb683456778d317c80ce91826fab13f7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=300, public access-control-allow-credentials false x-amz-version-id null cf-ray 6aa2e817ec2d694b-FRA expires Sun, 07 Nov 2021 01:51:13 GMT
GET H2	200	252628.js Show response js.hs-banner.com/	61 KB 16 KB	33ms 17ms	Script text/javascript	2606:4700::6812:14bf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/252628.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/252628.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e90135befb1cde3a65a625bd4b1947fe8241484d5248194fbb3ab8b3b9912706 Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:43 GMT content-encoding br cf-cache-status HIT age 271 x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-request-id 88VQ1FRW34XET6YJ x-amz-id-2 eQDvpASNzdjQ2ujs1S93oZz3hk/8CQDjUBedRL648GXuW0th1NH7kR9paOCLA99Cw6STATB/nOM= timing-allow-origin * last-modified Fri, 03 Sep 2021 19:24:49 GMT server cloudflare etag W/"e0c913f4a0cc31dc55b4467584a6d8e8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id lq2tXQvbi9wr797yewJV6QQGCJrrtX2q access-control-allow-origin https://www.recordedfuture.com access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 6aa2e817ef50698f-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Sun, 07 Nov 2021 01:50:12 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1005 B	50ms 33ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pu=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&t=CERT-France%3A+Lockean+ransomware+group+behind+attacks+on+French+companies+-+The+Record+by+Recorded+Future&cts=1636249782705&vi=655b0ab605e6bbb3368df678368935b7&nc=true&u=156209188.655b0ab605e6bbb3368df678368935b7.1636249782701.1636249782701.1636249782701.1&b=156209188.1.1636249782701&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 07 Nov 2021 01:49:43 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 9c46c3e7-0954-466a-9b35-cdc4739e23f4 cf-ray 6aa2e8184afb5be1-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMK%2FUtFsYdOaaVKiqDimohVb0eqz%2BUQ9CuL%2FSpulrhts6cpcZggrGnH%2FkYGpaxIYk3gqbD5O77%2Fk%2F2jKgrBFjTCk9pyI6A2K9lLOgLR4qJO6DnKgNtMfdb%2BiOrxSpvW%2FDMulHBC5U5qniFvN7AF6"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none
GET H/1.1	200 OK	img.gif b.6sc.co/v1/beacon/	43 B 774 B	199ms 199ms	Image image/gif	104.92.74.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=2d58655f450c0000b6308761a10300008a000100&session=d157ea65-b80d-47ff-8b03-bd1eee30e537&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A42%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=b90bd80d-e432-4857-81a0-4e7fee6492a4&an_uid=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-74-202.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 01:49:44 GMT X-Content-Type-Options nosniff Connection keep-alive Content-Length 43 Pragma no-cache Last-Modified Fri, 21 Feb 2020 18:57:20 GMT Server nginx/1.14.0 (Ubuntu) ETag "5e502810-2b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type image/gif Access-Control-Allow-Origin Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers * Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H/1.1	200 OK	img.gif b.6sc.co/v1/beacon/	43 B 774 B	200ms 199ms	Image image/gif	104.92.74.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=2d58655f450c0000b6308761a10300008a000100&session=d157ea65-b80d-47ff-8b03-bd1eee30e537&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A43%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%222006%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=b90bd80d-e432-4857-81a0-4e7fee6492a4&an_uid=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-74-202.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 01:49:45 GMT X-Content-Type-Options nosniff Connection keep-alive Content-Length 43 Pragma no-cache Last-Modified Fri, 21 Feb 2020 18:57:20 GMT Server nginx/1.14.0 (Ubuntu) ETag "5e502810-2b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type image/gif Access-Control-Allow-Origin Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers * Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H/1.1	200 OK	img.gif b.6sc.co/v1/beacon/	43 B 774 B	199ms 199ms	Image image/gif	104.92.74.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=2d58655f450c0000b6308761a10300008a000100&session=d157ea65-b80d-47ff-8b03-bd1eee30e537&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A45%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A44%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=b90bd80d-e432-4857-81a0-4e7fee6492a4&an_uid=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-74-202.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 01:49:46 GMT X-Content-Type-Options nosniff Connection keep-alive Content-Length 43 Pragma no-cache Last-Modified Tue, 05 Oct 2021 22:17:52 GMT Server nginx/1.14.0 (Ubuntu) ETag "615ccf10-2b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type image/gif Access-Control-Allow-Origin Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers * Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H/1.1	200 OK	img.gif b.6sc.co/v1/beacon/	43 B 774 B	199ms 199ms	Image image/gif	104.92.74.202 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=2d58655f450c0000b6308761a10300008a000100&session=d157ea65-b80d-47ff-8b03-bd1eee30e537&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A46%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A49%3A45%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224009%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=b90bd80d-e432-4857-81a0-4e7fee6492a4&an_uid=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.74.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-74-202.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 01:49:47 GMT X-Content-Type-Options nosniff Connection keep-alive Content-Length 43 Pragma no-cache Last-Modified Sat, 05 Jun 2021 07:56:05 GMT Server nginx/1.14.0 (Ubuntu) ETag "60bb2e15-2b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type image/gif Access-Control-Allow-Origin Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers * Expires Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

js.hs-scripts.com

URL

https://js.hs-scripts.com/252628.js