Report - stpmvt.com/3EkF3Lc

Report Overview

Submitted URL
stpmvt.com/3EkF3Lc
IP
67.199.248.12
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2022-10-05 23:47:00
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
b.6sc.co	6187	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.1 kB	4.6 kB	23.14.5.116
js.hs-banner.com	2426	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.3 kB	104.18.33.171
cms.recordedfuture.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	869 kB	151.101.194.216
js.hsleadflows.net	4609	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	1.1 kB	104.17.230.204
cdn.matomo.cloud	26908	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	766 B	60 kB	54.230.111.115
go.recordedfuture.com	287894	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	197 kB	199.60.103.254
stpmvt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	772 B	1.0 kB	67.199.248.13
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.160.51.228
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	453 B	4.5 kB	104.17.25.14
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	43 kB	142.250.74.168
c.6sc.co	12150	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	321 B	23.14.5.116
js.hs-scripts.com	2571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	633 B	104.17.212.204
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3
j.6sc.co	8237	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	10 kB	23.14.5.116
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.39
js.hs-analytics.net	2411	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	21 kB	104.17.67.176
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	3.9 kB	151.101.85.229
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	697 B	37.252.172.250
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
recordedfuture.matomo.cloud	854077	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	638 B	18.195.235.189
secure.gravatar.com	1671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	16 kB	192.0.73.2
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
therecord.media	268707	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	290 kB	104.18.7.33
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.21.226
forms.hubspot.com	3593	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	690 B	1.4 kB	104.19.155.83

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	stpmvt.com/3EkF3Lc	Phishing
2022-10-05	medium	stpmvt.com/3EkF3Lc	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 04:19:37 Times Seen36952252 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	therecord.media/wp-content/themes/therecordmedia/assets/js/main.js?ver=2022-01-20_3	24 kB	2023-03-08	2023-03-08
Pretty URL therecord.media/wp-content/themes/therecordmedia/assets/js/main.js?ver=2022-01-20_3 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash 903f1bbff6e328e740ced259fda6bb37 bfa127339076f0b2a7067cf157d0d1d322ef2c09 13a5d6deee5c86d1c86f8ab010b3dfcab1b0b500590024d8c7a44c279c96d443 Loading...

	therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js?ver=5.2.5.1	40 kB	2023-03-08	2023-03-08
Pretty URL therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js?ver=5.2.5.1 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash 9bc07873779bb53df2dea33e01b6f8a2 a6298db761be6f12b57dd7c9527e22b4b9adec1a 326d6c39524da9a4b3d35286c798b93738a4665b29ce498d5b5df959a3a19012 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js	2.8 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:38 Last Seen2024-04-18 10:42:03 Times Seen3371 Hash d5843dbdc71ff8014a5eafd346a262da 127e1d971efab9341db8079f10663dc28e8e0a2f 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5 Loading...

	www.youtube.com/s/player/55fdc514/www-widgetapi.vflset/www-widgetapi.js	162 kB	2023-03-08	2023-03-08
Pretty URL www.youtube.com/s/player/55fdc514/www-widgetapi.vflset/www-widgetapi.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:41:42 Last Seen2023-03-08 12:35:24 Times Seen1 Hash 35430cfc9fb8f5ff3640ac3130b8f932 275337c9cadcbaf6e3a4b16f6f44ec4b72bf3008 b3c6274fe89262c873db64636d4606793d94d6cba08645e8d9a78377d9f10cf6 Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	765 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash ccf74749a679f1711afcad2427ab1855 9373ce76e3c7b135ae88af0a3f4ee5f24c49d2c5 24576e9d39f7a37528984bb1cf93e5f1eea87f094633d8ffc40ab1a1c48cc796 Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	381 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash bd844d93517d63ead247ce3adf5efe0d bde68328a206555cea9a7b79ee358279687227e6 1a9db9d99ea1992206014de1baff28871486d9e8208a13cc0149ae6e6520151c Loading...

	therecord.media/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.0.1.4	3.1 kB	2023-03-07	2024-04-02
Pretty URL therecord.media/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.0.1.4 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:05 Last Seen2024-04-02 13:57:14 Times Seen1354 Hash eb4b89beeb46187d0fe50838c2cfdc4d 784d1bf5af84c22ef434ce64ed4c20a9ad19929b d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a Loading...

	www.googletagmanager.com/gtag/js?id=UA-9153858-16	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-9153858-16 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash 84b475d2dd9ee53f1854c0545c9df4da 86c643fb3c0fffe06cc1dedaed1300d685cba784 f95543937d70f3e5ebf9236c7c8f7a5778dd61c65626d642abfa903f3d1a2db7 Loading...

	cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js	26 kB	2023-03-08	2023-03-08
Pretty URL cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js IP 54.230.111.115 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash 9b1a4110a486775edfe6380976be97a1 1a5d8c89db7a9567653d3c2e7d9ae3072fbe3c65 368b1c951cdaeec5da3bcbb94ba7e9857eab072c81170c1f40b21e21e2e84f4e Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	385 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash 48e420998e261c2e94f272cb2a7bcb59 4e33856657d62e0e04ae24aa2ebd66f0791dd82f 97823c64417390b489b27a711a5059c2e528f98c11193b37e4d77c0430845e86 Loading...

	js.hs-banner.com/252628.js	62 kB	2023-03-08	2023-03-08
Pretty URL js.hs-banner.com/252628.js IP 104.18.33.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash 7a8725a1da272a5462950cc65b512743 c9ca3f868170025cb66f8ec5ecbc90bd357907b5 c73ec18c3d884ed73a9b2367299858c51eca926963d15796d93139e6b7ac8e5b Loading...

	therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-19
Pretty URL therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 01:39:50 Times Seen42895 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	389 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash 9caa422f6fca207649419ceb724722e3 be67198f28efd50696f266282a95fe82c581a2c9 82e61f78960442dffcca093e2680b70fd3e4e8f4a296be6b92a4e2d8e2af9931 Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	622 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash 95bed4c22ebda2f7f15ecba86828515b ae903cbfecb3efc9431fbf42c7fb1d87587c8f37 46b7747e60518f4cdd9a16ed59aa496cb8ed6cc0d6007827b5267fdf3c3b9231 Loading...

	therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/postscribe.min.js?ver=5.2.5.1	18 kB	2023-03-07	2024-04-19
Pretty URL therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/postscribe.min.js?ver=5.2.5.1 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-19 01:42:13 Times Seen2754 Hash 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	9 B	2023-03-07	2024-04-19
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 00:06:39 Times Seen16028 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-18 21:02:43 Times Seen1513 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	js.hs-scripts.com/252628.js	1.5 kB	2023-03-08	2023-03-08
Pretty URL js.hs-scripts.com/252628.js IP 104.17.212.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash 712d41669250866f7961ca092fef49fd 84503dfb9c0077072a47997337b1a622a5821413 361c2cbc9cb769c162ec878b2676efdcf4834c9b68cb3dfade1fd5d1093a0dd2 Loading...

	cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js	202 kB	2023-03-08	2023-03-08
Pretty URL cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js IP 54.230.111.115 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash eff8d41f927f73f17342e2287b0f57d4 83e20dd939fae1cdffe32135c6e026fe47747269 875ae97ce6038b59676099edd8556ee2d7252e4460afe94b882fb3b0c55a9a01 Loading...

	js.hs-analytics.net/analytics/1665013500000/252628.js	66 kB	2023-03-08	2023-03-08
Pretty URL js.hs-analytics.net/analytics/1665013500000/252628.js IP 104.17.67.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash 312751fa9daef88ee03355b3fce62d85 d3a13374d335296d45825382e32daa3e106852a2 a681180a0cebc31342af21dcf88617de91dae5b9105fce89b4f07dc34f4a058d Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	181 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash be72b4dad56bb618aec09da2f34b9473 680f7352e9ecddabdce7e2e8e0ba5112d764114c caca781d3e7ce10df7e0b91ad3476d09dc4d0bb7dd7bfeb913ce544b747aba33 Loading...

	cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.js?ver=2022-01-20_3	40 kB	2023-03-08	2024-02-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.js?ver=2022-01-20_3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2024-02-14 22:51:47 Times Seen77 Hash e3c66e39b9dc1c0d391d05a3e6dc53cf d85b574966d709ad59a8b65a0e02e8e8c920e47a 00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86	106 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 06:43:12 Times Seen1 Hash d629255d5689d48c8214af53aa2eb59c a979a891479b450d6fbee5ee1a2943aed4b2b07f 5ecafb220f82a3fc3f2907188600f88854298c1206126401b161544389e34977 Loading...

	j.6sc.co/6si.min.js	32 kB	2023-03-07	2023-11-14
Pretty URL j.6sc.co/6si.min.js IP 23.14.5.116 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:53 Last Seen2023-11-14 18:10:59 Times Seen64 Hash f86d13bc1925b27ab2e56874aca7dd2d cb5b8482fd774c59c7cfd7affef77a8aa3ab5f45 eba72b1c1e3e44d5dabff914f59eb15876ae97cef296ddee4afe4821a54f2633 Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	141 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:12 Last Seen2023-03-08 14:27:27 Times Seen1 Hash 50cc9b1b480ef64fda852d3a11967182 ab1990799177173cf9c97f896a0ba115855d1693 45688122ae84ba618092cc42178e4b6a8d943d3d465629a80f394d2d1556fc35 Loading...

	therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js?ver=2022-01-20_3	283 kB	2023-03-08	2023-03-08
Pretty URL therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js?ver=2022-01-20_3 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:13 Last Seen2023-03-08 14:27:27 Times Seen1 Hash edfbbbbd3e48f893261dfd2de3e7e2c3 35333f1f15a4e4bc68241845c23ff71436912c41 8df981a2e0d74a44530cfe140f2ce72ad4cb7be724706b7a3cfcb160bd06590f Loading...

	therecord.media/wp-content/themes/therecordmedia/assets/js/custom-v5.js?ver=2022-01-20_3	2.8 kB	2023-03-08	2023-03-08
Pretty URL therecord.media/wp-content/themes/therecordmedia/assets/js/custom-v5.js?ver=2022-01-20_3 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:13 Last Seen2023-03-08 14:27:27 Times Seen1 Hash 47766768f5f5d1d4f3bc6e8f0580e2ee aefa59984238bdc7d8267256ffaf02fcca68d71a 66ddc36b286dc2588bac8e45fdbfa6134f21938d71ade0497276c263fee05372 Loading...

	www.youtube.com/iframe_api	992 B	2023-03-08	2023-03-08
Pretty URL www.youtube.com/iframe_api IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:41:42 Last Seen2023-03-08 07:54:20 Times Seen1 Hash f5e933f63b468743c38b5342a1d8d80a da4c4e9a573d00e353f77bf70e0d2712e81e023f 30f9f4e300b9d4035f06a39f498e6331d077b476e20ba22a57be18a358f6b6e1 Loading...

	js.hsleadflows.net/leadflows.js	561 kB	2023-03-07	2023-03-17
Pretty URL js.hsleadflows.net/leadflows.js IP 104.17.230.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:40 Last Seen2023-03-17 12:46:18 Times Seen1 Hash 6ec4f161716a8da5c8c95cda1e89dc05 f5fd4a55185729ee5007942d0c53aef636955d83 bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee Loading...

	therecord.media/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL therecord.media/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 01:16:23 Times Seen68487 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	therecord.media/wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js?ver=2022-01-20_3	15 kB	2023-03-08	2023-10-16
Pretty URL therecord.media/wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js?ver=2022-01-20_3 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:13 Last Seen2023-10-16 02:17:17 Times Seen20 Hash 39cac92328454584243b99c4c484722e 67c7634a2ab4fb8296975f8120c2f605c107b181 82bfc506040c981ec142b63ec85a43e603310d9b5fac6598c5664a144f3c4e3e Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	675 B	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:13 Last Seen2023-03-08 06:43:13 Times Seen1 Hash d7916ad4c20699020b4f03e5a0f33e7a c2299327891919f100d3f8e75e5e04a1cdc0578a 1e5fb5451a627650217eceb75474502a3ef5c01ada776961b04ab7a9c8a258b1 Loading...

	cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js?ver=2022-01-20_3	68 kB	2023-03-07	2024-04-18
Pretty URL cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js?ver=2022-01-20_3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-18 16:44:53 Times Seen7092 Hash 49a6b4d019a934bcf83f0c397eba82d8 6181412e73966696d08e1e5b1243a572d0f22ba6 cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Loading...

	therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/cookieconsent.min.js?ver=5.2.5.1	26 kB	2023-03-08	2024-04-10
Pretty URL therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/cookieconsent.min.js?ver=5.2.5.1 IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:13 Last Seen2024-04-10 10:23:03 Times Seen5 Hash ee6ba89a1ae91c2e6cf34ff898e5c9f8 0e3bbf65b396efcf663f3880a24e97791800e606 81dbdd695385ce9e3065e0cf1d8f058169de79244b1d1be4059b527e31d23c77 Loading...

	therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/	4.9 kB	2023-03-08	2023-03-08
Pretty URL therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/ IP 104.18.7.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:13 Last Seen2023-03-08 06:43:13 Times Seen1 Hash 6f7544b591a95bc15616e91bc510abb5 6f51a73c4cfd8f20f08f8edf0f7ef5fa84058dfe 8a8b6187c10f4061191f44dc8987c739aba0304422d2e6510f47fb16034454b2 Loading...

	therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.0.1.4	12 kB	2023-03-07	2024-03-13
Pretty URL therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.0.1.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:34 Last Seen2024-03-13 18:35:43 Times Seen54 Hash f192678db02477326544aecc8554e1d6 6b7d7a2a73c54912bacec429b92c0038b7a7cfb8 eeed30be41165ff65cb948a306a545dfafc224b8ae24558cc4d145c8bd5ce65b Loading...

	recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=vSkiVp&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F	116 B	2023-03-08	2023-03-08
Pretty URL recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=vSkiVp&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F IP 18.195.235.189 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:13 Last Seen2023-03-08 06:43:13 Times Seen1 Hash 0ff90830a8f4022d08edbee6b29d065f 12a5efab0ece16eee90e8f026358bac62656fe46 784bcaf603478fbfc5ddca4ab2623606f219ec4de9e5e6f54a76a7d2054a39da Loading...

HTTP Transactions (78)

URL IP Response Size

stpmvt.com/3EkF3Lc

67.199.248.13

302 Found

113 B

URL HTTP/1.1
stpmvt.com/3EkF3Lc
IP
67.199.248.13:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
113 B (113 bytes)
Hash
ab946f0fcbba59ab8773c00ba7f0d508
c4694b7b23d56a784820fbeaa1a421306e574b8d
ee6b97f7a9b3f5d40543e90f3b6b738bf9a4ea9bfc5002810697336d1ea0446d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /3EkF3Lc HTTP/1.1
Host: stpmvt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 05 Oct 2022 23:46:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 113
Location: https://stpmvt.com/3EkF3Lc
Strict-Transport-Security: max-age=1209600
Via: 1.1 google

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8918
Expires: Thu, 06 Oct 2022 02:15:27 GMT
Date: Wed, 05 Oct 2022 23:46:49 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FfFwB7EldWbS9BZ1nzuBEq49lDJi6E2NuQfQnmddojH-c_meBBiAfw==
Age: 28771

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9756
Expires: Thu, 06 Oct 2022 02:29:25 GMT
Date: Wed, 05 Oct 2022 23:46:49 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: x3PB1XTkEepIcaLjoyuYU7Y/h6SJ50ADT5kyleKK+Xljt+SDDJur4f5XmHCJIYtD+McAODadFic=
x-amz-request-id: J3TQYZCF6Y27ZHYH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 22:58:29 GMT
age: 2900
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:46:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1adf4b0e0f576e60f8160849be7eec72
c17438ba653b0fc793e353121880230772c8949d
e03a279138c6e472a29cfbd428b53606154012059f003920b6914f3edb02518c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E03A279138C6E472A29CFBD428B53606154012059F003920B6914F3EDB02518C"
Last-Modified: Mon, 03 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11114
Expires: Thu, 06 Oct 2022 02:52:04 GMT
Date: Wed, 05 Oct 2022 23:46:50 GMT
Connection: keep-alive

stpmvt.com/3EkF3Lc

67.199.248.13

301 Moved Permanently

173 B

URL HTTP/2
stpmvt.com/3EkF3Lc
IP
67.199.248.13:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
173 B (173 bytes)
Hash
4d8720aade5de2f623bfc57ec947535e
8cadcc1d486ce379b6abf7206cec8c8a7e0ae397
a49e92c846dbba592d6f24f7e468292049949d1040bc9fc897f11698277fe72b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /3EkF3Lc HTTP/1.1
Host: stpmvt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
cache-control: private, max-age=90
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 23:46:50 GMT
location: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
referrer-policy: unsafe-url
server: nginx
set-cookie: _bit=m95nKO-921a37d8faf13daf49-00y; Domain=stpmvt.com; Expires=Mon, 03 Apr 2023 23:46:50 GMT
strict-transport-security: max-age=1209600
content-length: 173
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 23:29:33 GMT
Expires: Wed, 05 Oct 2022 23:55:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZqJrkzH-GlveFdcZNnGYRCQ6JG3MY-QJSXRlead49668ClExxjQJdw==
Age: 1037

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5660
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:46:50 GMT
Last-Modified: Wed, 05 Oct 2022 22:12:33 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.160.51.228

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.51.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: icL2AgEdEVP1/CeP5qrsvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tQ8SqG2Vdnfz+QlIaAyBOBRnebo=

therecord.media/wp-content/uploads/2022/10/darin-la-hood-1-1.jpg

104.18.7.33

200 OK

120 kB

URL HTTP/2
therecord.media/wp-content/uploads/2022/10/darin-la-hood-1-1.jpg
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1085x600, components 3\012- data
Size
120 kB (119875 bytes)
Hash
6ef46c1e9a0e672ad4c0372c3ca03a5c
2013bc24a67287b24220cfa893d82731c24e120e
14c58fc58234c73d5c1a49c3ea0f8e616773bce0ce7b792aa1c3fba72e02f963

HTTP Headers

GET /wp-content/uploads/2022/10/darin-la-hood-1-1.jpg HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: image/jpeg
content-length: 119875
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128553, status=webp_bigger
cache-control: public, max-age=31622400
etag: "633da528-1f629"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Wed, 05 Oct 2022 15:39:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-pantheon-styx-hostname: styx-fe2-b-5977b7d6dc-chl6r
x-served-by: cache-chi-klot8100104-CHI, cache-iad-kiad7000027-IAD
x-styx-req-id: 01924e00-44c6-11ed-a562-5667580f8559
x-timer: S1664985455.317276,VS0,VE1
cf-cache-status: HIT
age: 28155
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755a09fbff081c12-OSL
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.css?ver=2022-01-20_3

104.17.25.14

200 OK

3.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.css?ver=2022-01-20_3
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (42839), with no line terminators
Size
3.4 kB (3359 bytes)
Hash
9ec6e2f20a1df8bdbf265043fbe7ae21
088c7badef2a7317f9ef15e6d62fe8276fb9a2ca
8acc355b50b3e6981fad24841e79fc3a26cc242a8115f679e957aa542b4f8f3c

HTTP Headers

GET /ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.css?ver=2022-01-20_3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/css; charset=utf-8
content-length: 3359
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed4-a757"
last-modified: Mon, 04 May 2020 16:12:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15125230
expires: Mon, 25 Sep 2023 23:46:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60l%2FA42nbvkfNMVs%2BBDh%2F%2FUD9b%2F%2F5RkCiR3a9CBCOJoZT9EfwA%2FuESaYSyd4JUdb234fB7zJcC%2BbYbVHYJavE22P2Btfm%2BwGTUqaQgOHzrCSRZFFdHtHwgPlv7WVF4FhC8XDAc6P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755a09fbf9c1b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css?ver=2022-01-20_3

151.101.85.229

200 OK

3.1 kB

URL HTTP/2
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css?ver=2022-01-20_3
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (12795), with no line terminators
Size
3.1 kB (3096 bytes)
Hash
18b46dae08e98971b16123ea48913d23
e0a1aa82445a38538413b488924613c44861c59d
62c06f2ea24cfdf0003164fca05560cc8b5333f6ef312016458e05ecbb7c8f62

HTTP Headers

GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css?ver=2022-01-20_3 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 23:46:50 GMT
age: 13999117
x-served-by: cache-fra19160-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3096
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
8957edfadb97a55751d0a2fd8316e3bf
9f5ad12553f9144860cfb66d44819cd018c6efbf
31398f5073fa048c65a3393d8da9ee8008feef7fba5cd119f3df199c109ad460

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 23:46:50 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0B064902F072FE164090A4951ACECC0B9ABAAB9A"
Expires: Thu, 06 Oct 2022 10:00:00 GMT
Last-Modified: Wed, 05 Oct 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2827
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a09fc8ad9b4ff-OSL

therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-400-latin.woff2

104.18.7.33

200 OK

24 kB

URL HTTP/2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-400-latin.woff2
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 24064, version 1.0\012- data
Size
24 kB (24064 bytes)
Hash
2c511567c7f7d594b5990ccb8c1336e6
c8099423e244cfade196c255b5579e3e279c6370
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14

HTTP Headers

GET /wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-400-latin.woff2 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v5.css?ver=2022-01-20_3
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: font/woff2
content-length: 24064
access-control-allow-origin: *
cache-control: public, max-age=31622400
etag: "628bc67b-5e00"
expires: Fri, 06 Oct 2023 23:46:51 GMT
last-modified: Mon, 23 May 2022 17:38:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-997ab1929ad74b408ec6d2bb41db26f8-9ab4cdbe593b0a30-00
x-cloud-trace-context: 997ab1929ad74b408ec6d2bb41db26f8/11147761195073342000;o=0
x-pantheon-styx-hostname: styx-fe2-b-d84bbb664-c5vvj
x-styx-req-id: a7ddecda-db4f-11ec-b11c-126e0dd15a40
x-served-by: cache-mdw17336-MDW, cache-iad-kcgs7200113-IAD
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1653894840.243736,VS0,VE2
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 10667238
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755a09fcdf7c1c12-OSL
X-Firefox-Spdy: h2

therecord.media/wp-content/themes/therecordmedia/assets/js/main.js?ver=2022-01-20_3

104.18.7.33

200 OK

15 kB

URL HTTP/2
therecord.media/wp-content/themes/therecordmedia/assets/js/main.js?ver=2022-01-20_3
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5613)
Size
15 kB (14951 bytes)
Hash
b85bda9e867a93fe6a3906ccf207140f
e3099ba387bc81687d2fcf18833b4ab4dd2aa997
ee7e31b5ba68982fa870233234636e26aea4c7ce4fc92c1dbaa126836520a5e4

HTTP Headers

GET /wp-content/themes/therecordmedia/assets/js/main.js?ver=2022-01-20_3 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=45161
cache-control: public, max-age=31622400
etag: W/"620526db-b069"
expires: Fri, 06 Oct 2023 23:46:51 GMT
last-modified: Thu, 10 Feb 2022 14:53:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-733addae334d4afabec08a3a74d60d2d-688cdcf387a2e88f-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cloud-trace-context: 733addae334d4afabec08a3a74d60d2d/7533639215194761359;o=0
x-pantheon-styx-hostname: styx-fe2-b-d8dd6bb59-mdcdv
x-served-by: cache-mdw17344-MDW, cache-iad-kcgs7200033-IAD
x-styx-req-id: 9acd1c5f-8ab3-11ec-88f4-3e635db8b1af
x-timer: S1644550844.438400,VS0,VE1
cf-cache-status: HIT
age: 8099920
server: cloudflare
cf-ray: 755a09fcaf5f1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.0.1.4

104.18.7.33

200 OK

25 kB

URL HTTP/2
therecord.media/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.0.1.4
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (3102)
Size
25 kB (25047 bytes)
Hash
575895292418591bc7f44c914057e726
6a88c1b694c97cb2e69632de1c327dd326958506
26b49770f7636df04de8d05d3e4998a49c89949cfcd2ec273def184bb3d3fca9

HTTP Headers

GET /wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.0.1.4 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: application/x-javascript
cache-control: public, max-age=31622400
etag: W/"627079a5-c1f"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Tue, 03 May 2022 00:39:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-127ab74ace624e9bbf0fe10680296586-c34a59812e18e0d6-00
x-cloud-trace-context: 127ab74ace624e9bbf0fe10680296586/14072158397031571670;o=0
x-pantheon-styx-hostname: styx-fe2-b-8f57d8f9b-jjd4r
x-styx-req-id: 5c4dd69f-cb83-11ec-92c7-cab78af247e0
x-served-by: cache-mdw17372-MDW, cache-iad-kiad7000092-IAD
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1653890893.617868,VS0,VE2
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 6649143
server: cloudflare
cf-ray: 755a09fcaf5d1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/cookieconsent.min.js?ver=5.2.5.1

104.18.7.33

200 OK

16 kB

URL HTTP/2
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/cookieconsent.min.js?ver=5.2.5.1
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (25665), with no line terminators
Size
16 kB (15860 bytes)
Hash
a6385de07c185fdae8547ed9b2178a9d
a2fc9fc49f13a3dd8e14f0fe3fb397786a6e4918
81794560792d1a423b1a4836343f9e1649c60a1ff6e980a0498c910a319f5e04

HTTP Headers

GET /wp-content/plugins/complianz-gdpr-premium/assets/js/cookieconsent.min.js?ver=5.2.5.1 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: application/x-javascript
cache-control: public, max-age=31622400
etag: W/"629489b0-6441"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Mon, 30 May 2022 09:09:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-f1e48beb19b04cb4b25bb68d8bde3546-09a0d23d06f7dc26-00
x-cloud-trace-context: f1e48beb19b04cb4b25bb68d8bde3546/693785502166801446;o=0
x-pantheon-styx-hostname: styx-fe2-a-69877596b-qnq9f
x-styx-req-id: 19385dbf-e177-11ec-b200-8a4955314b05
x-served-by: cache-mdw17368-MDW, cache-iad-kjyo7100142-IAD
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1655442339.453768,VS0,VE2
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 8083597
server: cloudflare
cf-ray: 755a09fcaf5c1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

therecord.media/wp-content/uploads/2021/12/2021_1209-Victim-Data-Released-on-Ransomware-Extortion-Sites-1-1024x607.jpg

104.18.7.33

200 OK

46 kB

URL HTTP/2
therecord.media/wp-content/uploads/2021/12/2021_1209-Victim-Data-Released-on-Ransomware-Extortion-Sites-1-1024x607.jpg
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x607, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
46 kB (45912 bytes)
Hash
62a9a1836d5b7cacbdab221ebc5ad8ab
cfb368d0a21277828306a84ecd81984b2bfa7575
d9697e2769a5484e3d9086c6f3c97746dff2d88d5c0bd7c5367a020dd5d097ce

HTTP Headers

GET /wp-content/uploads/2021/12/2021_1209-Victim-Data-Released-on-Ransomware-Extortion-Sites-1-1024x607.jpg HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: image/webp
content-length: 45912
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=56591
content-disposition: inline; filename="2021_1209-Victim-Data-Released-on-Ransomware-Extortion-Sites-1-1024x607.webp"
vary: Accept
cache-control: public, max-age=31622400
etag: "61b3d37d-dd0f"
expires: Fri, 06 Oct 2023 23:46:51 GMT
last-modified: Fri, 10 Dec 2021 22:23:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-2ca6591e66cc4589b8a4aee17da553a1-9cf284d18078e742-00
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cloud-trace-context: 2ca6591e66cc4589b8a4aee17da553a1/11309247649619175234;o=0
x-pantheon-styx-hostname: styx-fe2-b-5cd77cc4d9-zd2xb
x-served-by: cache-chi-kigq8000035-CHI, cache-iad-kiad7000113-IAD
x-styx-req-id: 5b25b912-32c8-11ed-bdbf-5a83f4138f0e
x-timer: S1663615062.833125,VS0,VE2
cf-cache-status: HIT
age: 630821
accept-ranges: bytes
server: cloudflare
cf-ray: 755a09fd3fa11c12-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-9153858-16

142.250.74.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-9153858-16
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
42 kB (42393 bytes)
Hash
faf77c83a263b4b5cb0bdf02c30ea554
35a479ab3dfa9519a9e416f6fab4eaa4314f1027
5abcd52a12b4ca99fca60863cec683398b4e55f61087b2652134bbc9747b8591

HTTP Headers

GET /gtag/js?id=UA-9153858-16 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 23:46:51 GMT
expires: Wed, 05 Oct 2022 23:46:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 05 Oct 2022 22:35:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cms.recordedfuture.com/uploads/business_fraud_bank_fraud_d279ba323f.jpg

151.101.194.216

200 OK

109 kB

URL HTTP/2
cms.recordedfuture.com/uploads/business_fraud_bank_fraud_d279ba323f.jpg
IP
151.101.194.216:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 1920x440, components 3\012- data
Size
109 kB (109327 bytes)
Hash
49624d0d1ab9e1932a5ebda258a555bd
22b9afc4f89b13d0a28f1fd1c451b3974245f168
44a9331e991ab7a492e95f1d5f8295a63676a35ce1bf998400a3042e2a75c521

HTTP Headers

GET /uploads/business_fraud_bank_fraud_d279ba323f.jpg HTTP/1.1
Host: cms.recordedfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-type: image/jpeg
etag: "LqcWVpdexlWQ8n8AF2H8rr3qItp5kiUjqwv4hZHzcog"
expires: Tue, 04 Oct 2022 13:45:45 GMT
fastly-io-info: ifsz=109327 idim=1920x440 ifmt=jpeg ofsz=109327 odim=1920x440 ofmt=jpeg
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-request-id: 00-171ae16723b8afd03160b5e4ca31e14b-d21a545272b31d75-00
accept-ranges: bytes
date: Wed, 05 Oct 2022 23:46:51 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 109327
X-Firefox-Spdy: h2

cms.recordedfuture.com/uploads/Russian_Information_Operations_Main_Feature_1_87464aebaa.jpg?w=3840

151.101.194.216

200 OK

160 kB

URL HTTP/2
cms.recordedfuture.com/uploads/Russian_Information_Operations_Main_Feature_1_87464aebaa.jpg?w=3840
IP
151.101.194.216:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 1600x600, components 3\012- data
Size
160 kB (160245 bytes)
Hash
de40cc1ee4cc0f53411dc8f3262c2fba
0e5cc84fb0071302b8898a6dbea150a94f5b3214
cfc407576d3767758d2c8766e4ad6a45c8406f5e78dfd0935b82cdea4b5a7191

HTTP Headers

GET /uploads/Russian_Information_Operations_Main_Feature_1_87464aebaa.jpg?w=3840 HTTP/1.1
Host: cms.recordedfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-type: image/jpeg
etag: "m3OTvQhZ4/xIrAyfBMaTD6IlJpU+PKeFzH3nbw0cU5s"
expires: Wed, 05 Oct 2022 17:39:54 GMT
fastly-io-info: ifsz=160245 idim=1600x600 ifmt=jpeg ofsz=160245 odim=1600x600 ofmt=jpeg
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-request-id: 00-171b3cc2aa80e795664c19957a481254-50a0384c83983012-00
accept-ranges: bytes
date: Wed, 05 Oct 2022 23:46:51 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 160245
X-Firefox-Spdy: h2

cms.recordedfuture.com/uploads/vulnerability_spotlight_dirty_pipe_86e5122687.jpg

151.101.194.216

200 OK

107 kB

URL HTTP/2
cms.recordedfuture.com/uploads/vulnerability_spotlight_dirty_pipe_86e5122687.jpg
IP
151.101.194.216:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 1920x440, components 3\012- data
Size
107 kB (107095 bytes)
Hash
8cd0e47fc7f33306c1f38f9969a90c72
72bde5361d4cb526b9e4f0e64549056f31a704f5
bec29820bbf127195176a43bcc12f19d5b9f2707a4b65c15799debcf5606858a

HTTP Headers

GET /uploads/vulnerability_spotlight_dirty_pipe_86e5122687.jpg HTTP/1.1
Host: cms.recordedfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-type: image/jpeg
etag: "/MEWANzqNi5Tww2svNVeCvhXbMplo0veLvB5IoOGCi4"
expires: Wed, 05 Oct 2022 01:21:16 GMT
fastly-io-info: ifsz=107095 idim=1920x440 ifmt=jpeg ofsz=107095 odim=1920x440 ofmt=jpeg
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-request-id: 00-171b075b5e520a99106e4dd5cbc62f3a-c70e0bca3f9c285d-00
accept-ranges: bytes
date: Wed, 05 Oct 2022 23:46:51 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 107095
X-Firefox-Spdy: h2

cms.recordedfuture.com/uploads/h1_2022_malware_vulnerability_trends_963d831bc6.jpg?w=3840

151.101.194.216

200 OK

143 kB

URL HTTP/2
cms.recordedfuture.com/uploads/h1_2022_malware_vulnerability_trends_963d831bc6.jpg?w=3840
IP
151.101.194.216:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 1600x600, components 3\012- data
Size
143 kB (143166 bytes)
Hash
70bddea7dc6089e3d3e4df374c81432f
d559406820ce3af0048f7115c6f4f5717d8dac02
44092be9f7702397a98527746b1a421416024bf7ff1492e65a34b778813ddd35

HTTP Headers

GET /uploads/h1_2022_malware_vulnerability_trends_963d831bc6.jpg?w=3840 HTTP/1.1
Host: cms.recordedfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-type: image/jpeg
etag: "KQDsGtcG3waAo84UaCEa5GOiNkBKCpxat+JIVA0MHr8"
expires: Wed, 05 Oct 2022 23:51:51 GMT
fastly-io-info: ifsz=143166 idim=1600x600 ifmt=jpeg ofsz=143166 odim=1600x600 ofmt=jpeg
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-request-id: 00-171b510ed2924765222601703815ecad-3180fd37fb20525a-00
accept-ranges: bytes
date: Wed, 05 Oct 2022 23:46:51 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 143166
X-Firefox-Spdy: h2

cms.recordedfuture.com/uploads/webinar_header_analysis_mitigations_wiper_malware_variants_used_against_ukraine_c6144dd081.jpg

151.101.194.216

200 OK

345 kB

URL HTTP/2
cms.recordedfuture.com/uploads/webinar_header_analysis_mitigations_wiper_malware_variants_used_against_ukraine_c6144dd081.jpg
IP
151.101.194.216:0
ASN
#54113 FASTLY

File type
JPEG image data, baseline, precision 8, 2189x768, components 3\012- data
Size
345 kB (345132 bytes)
Hash
a9ac61aec02eec48bff12b79edc5f740
332ce1c9fa361ff1d372505d5881eba278686afa
aa131d8e527f225fd8fb8e4d1844562d128263f09c0e649363987bba2857a7d5

HTTP Headers

GET /uploads/webinar_header_analysis_mitigations_wiper_malware_variants_used_against_ukraine_c6144dd081.jpg HTTP/1.1
Host: cms.recordedfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-type: image/jpeg
etag: "KsQxYOrTJMqmnAxSsc99ZZjEGFNS44Wj6lto0Cy61Ns"
expires: Wed, 05 Oct 2022 23:51:51 GMT
fastly-io-info: ifsz=345132 idim=2189x768 ifmt=jpeg ofsz=345132 odim=2189x768 ofmt=jpeg
fastly-io-warning: Failed to shrink image
fastly-stats: io=1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-request-id: 00-171b510ed2b71e4927ba01d20d6dd018-a8a52477f3d44db5-00
accept-ranges: bytes
date: Wed, 05 Oct 2022 23:46:51 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 345132
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14849
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:46:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14849
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:46:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14849
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:46:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14849
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Wed, 05 Oct 2022 23:46:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6693 bytes)
Hash
57f90a95d91632baf3b89d7b3b46361f
0f37ee870c8855919900c99204ffffe736548a3f
a3449e46854b90fdcda4a0ba83b4b0892a7888b17211d814c0db930116bb9a32

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6693
x-amzn-requestid: 1531f482-cdf5-4506-ba1c-18a66173457b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQNxF45oAMFxJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa57-28e8e572281d5f110c26dcf1;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: RIa9NLHuV7fSlBeUyYv0LF3sapZQiWMRqKgY9Oa3cdLywQznXbTDOQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:56:19 GMT
age: 3032
etag: "0f37ee870c8855919900c99204ffffe736548a3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F585959dc-efc9-453b-bdef-59b834c43800.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6363 bytes)
Hash
fa6c2f48dc4f2d67c8918e35396e901f
4897d9af4414d827043507c90b992d5c8d8344f1
0b287a86cf539a00b0b0c839c07f0453796ed71b571664bb2ea64363198bd633

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F585959dc-efc9-453b-bdef-59b834c43800.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6363
x-amzn-requestid: d0de2bff-da5b-487b-9058-6f33b35b594d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO8FHWAIAMFbUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84d-736ce6cb2fc072a22e65a803;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Rlg9tzQaVbL_qon437VaTKEpDWQdmrMPkXXSUu8xZRMeRBmnmx9n6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:47:36 GMT
etag: "4897d9af4414d827043507c90b992d5c8d8344f1"
content-type: image/jpeg
age: 7155
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 58639
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aaf2d0a-832d-4fe3-85f6-f6f55993a48e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8192 bytes)
Hash
83c37f49b9fb5eeb70a244a759a4ce0d
f2f4664206335b080db6a5608b463945e89de346
cbb8e24144c2118f3e2f2f9db09f2b4d582bca01da68fc2fb29b4d8a6df4dab5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aaf2d0a-832d-4fe3-85f6-f6f55993a48e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8192
x-amzn-requestid: b61498b4-22cd-4860-98e0-c7aad18a4d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6sGTXoAMFZpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-23d0f24731d3bfab253f2677;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: dQIy6UCVx9quf2joR_GopPrlSMyy0s8TN-xQqmY38u7ho2jIvTV7gw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 7811
etag: "f2f4664206335b080db6a5608b463945e89de346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
b5958f828ccc16a41b22d9ae812bccfc
f350f295dd70152712162d4be5b3b5f0d12cde57
230d7d8e570e433d18ec53b6ca114e2a206e8c265c0c66d73388c49db5c91c64

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9338
x-amzn-requestid: 4ca2eb3c-eba4-43a4-b79a-89546da3d660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQBfG7soAMF9cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa09-1b5bd53052718f620b920a00;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6pHftE0vUMqrH2NR_7DzrWlnD0yal7BkAfee7UeVG7DKZNEAYRa9HQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:45:26 GMT
age: 7286
etag: "f350f295dd70152712162d4be5b3b5f0d12cde57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7919 bytes)
Hash
72ad6f9b79e7a3d11e3ace6b0e969614
a9cd62230d4aabfcc2e8b2494e687d854254113e
1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 6846
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js

54.230.111.115

200 OK

59 kB

URL HTTP/2
cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
IP
54.230.111.115:0
ASN
#16509 AMAZON-02

File type
data
Size
59 kB (59212 bytes)
Hash
8fc09d06a92a8fcedd364142bda05a8f
26f582f8954602a48c53d20d3832146b5487cfa0
402741305096e9b3b9c4ff8d06bc6f4326c1fa1ec091cbfbc091399792b8ec13

HTTP Headers

GET /recordedfuture.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 05 Oct 2022 18:10:40 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 26 Sep 2022 23:43:34 GMT
etag: W/"eff8d41f927f73f17342e2287b0f57d4"
x-amz-server-side-encryption: AES256
cache-control: max-age=691200
x-amz-version-id: 6de2Yw5gVRBpgAChiNxegRBmKkGhOTvA
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gxe9QO_IbVCP8Ax-qmpaKeorMx_Lj4YP3WTSED2L5vg0zCNiq8cMNA==
age: 20173
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:46:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 23:46:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

j.6sc.co/6si.min.js

23.14.5.116

200 OK

9.9 kB

URL HTTP/2
j.6sc.co/6si.min.js
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (31553), with no line terminators
Size
9.9 kB (9853 bytes)
Hash
cf96abf5444fef6fe908006a0549e46a
b9b8d45bafcf87cc4d31a3752bbd596e9fff1c13
235a86248a30ae4b29d17b195a613cc6892d781dc3c0ba57655c73db62b89be5

HTTP Headers

GET /6si.min.js HTTP/1.1
Host: j.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
etag: "623bb4eb-7b41"
last-modified: Thu, 24 Mar 2022 00:01:47 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, no-cache, proxy-revalidate
expires: Wed, 05 Oct 2022 23:46:52 GMT
date: Wed, 05 Oct 2022 23:46:52 GMT
content-length: 9853
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
490b5fe6e3721161099b59fbf9e79ac1
d38e0d0883f0519560edd04b5445943dbb74a1e7
864c7fe43859946d02dbe6a980620ad4c82094e2f93f4bd55e2ec90025538783

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 23:46:52 GMT
Last-Modified: Wed, 05 Oct 2022 22:47:39 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HVKvpJ51TY3Au5b-ZUg8NTSFPs8P0xIqiVZVmn4Ei383AssniuW4mg==
Age: 3553

c.6sc.co/

23.14.5.116

200 OK

7 B

URL HTTP/2
c.6sc.co/
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
d97623d172f087d9640da9acd38830ff
515bd358bb7d990930f0e2b3de399db1787a2567
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

HTTP Headers

GET / HTTP/1.1
Host: c.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://therecord.media
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 7
date: Wed, 05 Oct 2022 23:46:52 GMT
access-control-allow-origin: https://therecord.media
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=vSkiVp&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F

18.195.235.189

200 OK

119 B

URL HTTP/2
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=vSkiVp&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F
IP
18.195.235.189:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
119 B (119 bytes)
Hash
947355c6e7e11f99d39b5e6072078bb8
dbc35aae0b74a1e69a97a591a5859d06ee97c6e8
f61639666e0594e67cd300be881a84a644003c2c1753ad5793a580b51d594116

HTTP Headers

GET /plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=vSkiVp&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F HTTP/1.1
Host: recordedfuture.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:52 GMT
content-type: application/javascript
content-length: 119
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2

recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FHouse%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future&idsite=2&rec=1&r=524425&h=23&m=46&s=52&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&_id=219cc72ae7852338&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=FJ2Hb9&fa_pv=1&fa_fp[0][fa_vid]=GSMzcu&fa_fp[0][fa_fv]=1&fa_fp[2][fa_vid]=GUnc9Z&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=WGpcZE&fa_fp[3][fa_fv]=1&pf_net=20&pf_srv=538&pf_tfr=1&pf_dm1=34&pf_dm2=1177&pf_onl=2

18.195.235.189

204 No Content

0 B

URL HTTP/2
recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FHouse%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future&idsite=2&rec=1&r=524425&h=23&m=46&s=52&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&_id=219cc72ae7852338&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=FJ2Hb9&fa_pv=1&fa_fp[0][fa_vid]=GSMzcu&fa_fp[0][fa_fv]=1&fa_fp[2][fa_vid]=GUnc9Z&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=WGpcZE&fa_fp[3][fa_fv]=1&pf_net=20&pf_srv=538&pf_tfr=1&pf_dm1=34&pf_dm2=1177&pf_onl=2
IP
18.195.235.189:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=therecord.media%2FHouse%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future&idsite=2&rec=1&r=524425&h=23&m=46&s=52&url=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&_id=219cc72ae7852338&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=FJ2Hb9&fa_pv=1&fa_fp[0][fa_vid]=GSMzcu&fa_fp[0][fa_fv]=1&fa_fp[2][fa_vid]=GUnc9Z&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=WGpcZE&fa_fp[3][fa_fv]=1&pf_net=20&pf_srv=538&pf_tfr=1&pf_dm1=34&pf_dm2=1177&pf_onl=2 HTTP/1.1
Host: recordedfuture.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://therecord.media
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 05 Oct 2022 23:46:52 GMT
server: Apache
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2

secure.adnxs.com/getuidj

37.252.172.250

200 OK

11 B

URL HTTP/1.1
secure.adnxs.com/getuidj
IP
37.252.172.250:0
ASN
#29990 ASN-APPNEX

File type
JSON data\012- , ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
096dc398f48c9a61584478fea3ee50a1
7d0a5f87833db711b2eb52c73638c5e14538a969
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

HTTP Headers

GET /getuidj HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://therecord.media
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 05 Oct 2022 23:46:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 11
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://therecord.media
AN-X-Request-Uuid: 613a8483-ee3e-44a6-af77-5720a03d05a5
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A52%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0

23.14.5.116

200 OK

43 B

URL HTTP/2
b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A52%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A52%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "615ccf10-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Wed, 05 Oct 2022 23:46:52 GMT
set-cookie: 6suuid=1c985468933000006c173e635c03000070700600; expires=Fri, 04-Oct-2024 23:46:52 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin: 
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

js.hs-banner.com/cookie-banner-public/v1/domain-collection

104.18.33.171

200 OK

0 B

URL HTTP/2
js.hs-banner.com/cookie-banner-public/v1/domain-collection
IP
104.18.33.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /cookie-banner-public/v1/domain-collection HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://therecord.media/
Origin: https://therecord.media
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:52 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://therecord.media
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755a0a07ecdcb506-OSL
X-Firefox-Spdy: h2

therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/postscribe.min.js?ver=5.2.5.1

104.18.7.33

200 OK

26 kB

URL HTTP/2
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/postscribe.min.js?ver=5.2.5.1
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17660)
Size
26 kB (25905 bytes)
Hash
7833accbbda35f0cce2dd4c0c29abe2a
1f03916a76fbb8495ccfa407a537d3091e5dea29
bd97c7adf1c0adb48d4da36f3c7ffd208370781815a81ca4074bf1c7a6950e96

HTTP Headers

GET /wp-content/plugins/complianz-gdpr-premium/assets/js/postscribe.min.js?ver=5.2.5.1 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: application/x-javascript
cache-control: public, max-age=31622400
etag: W/"628cf5a6-45f4"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Tue, 24 May 2022 15:11:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-791061d277ba47fba0595e61cf7eba8a-b969b22dbbdeaa27-00
x-cloud-trace-context: 791061d277ba47fba0595e61cf7eba8a/13360405679066491431;o=0
x-pantheon-styx-hostname: styx-fe2-b-d84bbb664-9r5dn
x-styx-req-id: a38ff467-dc02-11ec-9a5d-5ad473118d89
x-served-by: cache-mdw17365-MDW, cache-iad-kiad7000052-IAD
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1653890893.608597,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 10461844
server: cloudflare
cf-ray: 755a09fcaf581c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

secure.gravatar.com/avatar/5431967bacb4b01dc46d35e439deff6b?s=96&d=mm&r=g

192.0.73.2

200 OK

16 kB

URL HTTP/2
secure.gravatar.com/avatar/5431967bacb4b01dc46d35e439deff6b?s=96&d=mm&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15653 bytes)
Hash
efc99a1bbad8a90f3db761e2f24b2745
cce530ced84e8e2bef6f2571bd4c874ce6806614
f06dee7debd31441afc355692cbb7e02f0452f04e0670670182574a2f5d5a326

HTTP Headers

GET /avatar/5431967bacb4b01dc46d35e439deff6b?s=96&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 23:46:53 GMT
content-type: image/png
content-length: 15653
last-modified: Wed, 25 Aug 2021 14:37:11 GMT
link: <https://www.gravatar.com/avatar/5431967bacb4b01dc46d35e439deff6b?s=96&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="5431967bacb4b01dc46d35e439deff6b.png"
access-control-allow-origin: *
expires: Wed, 05 Oct 2022 23:51:53 GMT
cache-control: max-age=300
x-nc: HIT arn 1
accept-ranges: bytes
X-Firefox-Spdy: h2

js.hs-banner.com/cookie-banner-public/v1/domain-collection

104.18.33.171

204 No Content

0 B

URL HTTP/2
js.hs-banner.com/cookie-banner-public/v1/domain-collection
IP
104.18.33.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cookie-banner-public/v1/domain-collection HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 160
Origin: https://therecord.media
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 05 Oct 2022 23:46:53 GMT
x-trace: 2BF4A2BE6068C93B36B7C70A2154D11CE3C13ECAE4000000000000000000
x-hubspot-correlation-id: 8a2fc180-7147-43c8-b11b-0951a9cc0504
access-control-allow-origin: https://therecord.media
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755a0a08ad2db506-OSL
X-Firefox-Spdy: h2

js.hs-analytics.net/analytics/1665013500000/252628.js

104.17.67.176

200 OK

20 kB

URL HTTP/2
js.hs-analytics.net/analytics/1665013500000/252628.js
IP
104.17.67.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (63804)
Size
20 kB (20426 bytes)
Hash
ec7d292f4b8bf437fff234eaae92e04b
f85eeb9d27317704f54c951cfa71d90ae6fa3d83
a39b6941be0269dd6c0fdcfc01f9681c5911af72d2b6ad6dcfa48cdff766e10b

HTTP Headers

GET /analytics/1665013500000/252628.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:53 GMT
content-type: text/javascript
x-amz-id-2: 8k0CwLFpnSGRqyz7kHUvbTIrt7mDvwJ1oRnpKhCB5b4fLbHSmQXqjiJikFkGBRF5Tz2+bomRcpM=
x-amz-request-id: FRGXD7322488BY20
last-modified: Wed, 31 Aug 2022 11:41:42 GMT
etag: W/"312751fa9daef88ee03355b3fce62d85"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Wed, 05 Oct 2022 23:51:53 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 755a0a093c59b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A53%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A52%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0

23.14.5.116

200 OK

43 B

URL HTTP/2
b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A53%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A52%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A53%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A52%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Cookie: 6suuid=1c985468933000006c173e635c03000070700600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "5e502810-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Wed, 05 Oct 2022 23:46:53 GMT
set-cookie: 6suuid=1c985468933000006c173e635c03000070700600; expires=Fri, 04-Oct-2024 23:46:53 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin: 
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

go.recordedfuture.com/hubfs/iphonex_mockup.png

199.60.103.254

200 OK

195 kB

URL HTTP/2
go.recordedfuture.com/hubfs/iphonex_mockup.png
IP
199.60.103.254:0
ASN
#209242 Cloudflare London, LLC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
195 kB (194832 bytes)
Hash
4af9bc282b8e69b624f7ee5b474a6767
2751c60243777bfd870dedc722b090e6f7860e60
9f5a9ec8652b839da4c94dadcf813b464f836d80d6083989853f1033957acc60

HTTP Headers

GET /hubfs/iphonex_mockup.png HTTP/1.1
Host: go.recordedfuture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:54 GMT
content-type: image/webp
content-length: 194832
cf-ray: 755a0a12183cb500-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 28255
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
content-disposition: inline; filename="iphonex_mockup.webp"
etag: "8e4a9a910444dc630d9dde1cc3bd77f7"
last-modified: Thu, 09 Dec 2021 17:00:15 GMT
strict-transport-security: max-age=31536000
vary: Accept, Accept-Encoding
via: 1.1 85a9508ec4957ee0bf43a046eef1dce2.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-methods: GET
cache-tag: F-38679274737,P-252628,FLS-ALL
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=331559
edge-cache-tag: F-38679274737,P-252628,FLS-ALL
x-amz-cf-id: j0DNcnQQyVPO7LLGU-oOlXC8aO4a7xGOqhvSuYowdnf8oL_SLDqVGA==
x-amz-cf-pop: LAX3-C3
x-amz-id-2: LxHOfigEA9iVG0mFVfUeCClP+1xQFNnhSrR54xUQDDqc2HmpTjjHw63mXesRHw+PJTf8nVjgB7XO9JtrKhpe0Q==
x-amz-meta-cache-tag: F-38679274737,P-252628,FLS-ALL
x-amz-meta-created-unix-time-millis: 1607733110293
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
x-amz-request-id: QVNWRKXVWDH4MX13
x-amz-server-side-encryption: AES256
x-amz-version-id: r9ZOT95rdFsvuhynefdRWZgkO0lzhV1L
x-cache: RefreshHit from cloudfront
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
x-robots-tag: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNZfWmEbIB0dUiNQ0IsfQNGLtjCsEk%2B4TR%2FWJXE9T98EMX9llAj5Cjt3EoxhLxkg9Ht8vfx0%2BwnQQypsa5XZN34HDwQnOKjtw1M972TiA9R%2FdoUE0xE%2FMNzvu9h8zMOTVXDKy8bQhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=20WQJNP.ACwkC0BPDFdBmOmn3GvMesGz5Uw9OlXYgCU-1665013614-0-AdQnAKgkOn5gNYWjzQbwNxz/qVgKrf5F6qho7g/JRF+zgdo//foZW8+exN68u5JDwz0npdS0iidQkWRmaFvaTxA=; path=/; expires=Thu, 06-Oct-22 00:16:54 GMT; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
__cfruid=146479d0604fda4d28e330933a8cfc136f4dd454-1665013614; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A54%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A53%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0

23.14.5.116

200 OK

43 B

URL HTTP/2
b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A54%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A53%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A54%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A53%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Cookie: 6suuid=1c985468933000006c173e635c03000070700600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "615ccf10-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Wed, 05 Oct 2022 23:46:54 GMT
set-cookie: 6suuid=1c985468933000006c173e635c03000070700600; expires=Fri, 04-Oct-2024 23:46:54 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin: 
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A55%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A54%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0

23.14.5.116

200 OK

43 B

URL HTTP/2
b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A55%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A54%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A55%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A54%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Cookie: 6suuid=1c985468933000006c173e635c03000070700600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "615ccf10-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Wed, 05 Oct 2022 23:46:55 GMT
set-cookie: 6suuid=1c985468933000006c173e635c03000070700600; expires=Fri, 04-Oct-2024 23:46:55 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin: 
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A55%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0

23.14.5.116

200 OK

43 B

URL HTTP/2
b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A55%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A55%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Cookie: 6suuid=1c985468933000006c173e635c03000070700600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "5e502810-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Wed, 05 Oct 2022 23:46:56 GMT
set-cookie: 6suuid=1c985468933000006c173e635c03000070700600; expires=Fri, 04-Oct-2024 23:46:56 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin: 
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A56%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0

23.14.5.116

200 OK

43 B

URL HTTP/2
b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A56%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0
IP
23.14.5.116:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=263d1be3-6354-46e5-8c11-b297fadc086d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Oct%202022%2023%3A46%3A56%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22House%20GOP%20group%20prepping%20for%20surveillance%20renewal%20fight%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F&pageViewId=72e3dda1-650f-4e29-8346-4b0270f203e6&an_uid=0 HTTP/1.1
Host: b.6sc.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Cookie: 6suuid=1c985468933000006c173e635c03000070700600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
etag: "615ccf10-2b"
expires: Wed, 19 Apr 2000 11:43:00 GMT
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
x-content-type-options: nosniff
content-length: 43
date: Wed, 05 Oct 2022 23:46:57 GMT
set-cookie: 6suuid=1c985468933000006c173e635c03000070700600; expires=Fri, 04-Oct-2024 23:46:57 GMT; path=/; domain=.6sc.co; SameSite=None; secure
access-control-allow-origin: 
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST
X-Firefox-Spdy: h2

therecord.media/wp-content/uploads/2020/08/TheRecord-Favicon.ico

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/uploads/2020/08/TheRecord-Favicon.ico
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/08/TheRecord-Favicon.ico HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: image/x-icon
cache-control: public, max-age=31622400
etag: W/"6176da46-47e"
expires: Fri, 06 Oct 2023 23:46:51 GMT
last-modified: Mon, 25 Oct 2021 16:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-pantheon-styx-hostname: styx-fe2-a-5bffbbcccc-fbjph
x-styx-req-id: 0bf515ba-3db8-11ec-a770-9af5deefdbaa
x-served-by: cache-mdw17359-MDW, cache-bwi5031-BWI
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1636649532.691926,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 28361497
server: cloudflare
cf-ray: 755a0a00d93c1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.hsleadflows.net/leadflows.js

104.17.230.204

200 OK

0 B

URL HTTP/2
js.hsleadflows.net/leadflows.js
IP
104.17.230.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /leadflows.js HTTP/1.1
Host: js.hsleadflows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://therecord.media
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:52 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
x-amz-server-side-encryption: AES256
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 65cdd88e2e6e21b095c2caf59292000c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: vOeOCfAY_bECadikJPDVTrzpQdsi1MHgLnCgdh3Ix1K2v3MVTkHF4Q==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=74686876a97b98f1-IAD
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 53608
server: cloudflare
cf-ray: 755a0a049e3bb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.hs-banner.com/252628.js

104.18.33.171

200 OK

0 B

URL HTTP/2
js.hs-banner.com/252628.js
IP
104.18.33.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /252628.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:52 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: WxoG6DTtDJpRJqPwN52TRDboiZwWFS6Af3F5e1hbuglOJjFqnKe8oNWEjHGEWtrH++NQcYxq1JA=
x-amz-request-id: VPFEPW977BKYNFMS
last-modified: Tue, 30 Aug 2022 20:26:59 GMT
etag: W/"7a8725a1da272a5462950cc65b512743"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: Wss30lER4pJjquUEL_UQv7kKbk3x466P
access-control-allow-origin: https://therecord.media
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Wed, 05 Oct 2022 23:51:52 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 755a0a0498dfb521-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/plugins/rf-rss-feed/public/css/rf-rss-widget.css?ver=5.9

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/plugins/rf-rss-feed/public/css/rf-rss-widget.css?ver=5.9
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/rf-rss-feed/public/css/rf-rss-widget.css?ver=5.9 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=944
cache-control: public, max-age=31622400
etag: W/"62a7c6e9-3b0"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Mon, 13 Jun 2022 23:23:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-b8b0ec718b92420f929e3d43222c1080-cb42a8f8634e9d14-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cloud-trace-context: b8b0ec718b92420f929e3d43222c1080/14646454722933726484;o=0
x-pantheon-styx-hostname: styx-fe2-a-55bc5f95bf-ctgww
x-served-by: cache-mdw17374-MDW, cache-iad-kcgs7200076-IAD
x-styx-req-id: b5b314a6-ecac-11ec-a59d-86a3cab65434
x-timer: S1655442334.403647,VS0,VE12
cf-cache-status: HIT
age: 8054261
server: cloudflare
cf-ray: 755a09fbeefd1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-includes/css/dist/block-library/style.min.css?ver=5.9

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-includes/css/dist/block-library/style.min.css?ver=5.9
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/css
cache-control: public, max-age=31622400
etag: W/"62171956-1357b"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Thu, 24 Feb 2022 05:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-c48a57e3fa85462c871cab88f7d4d0c5-311f59738ee0469f-00
x-cloud-trace-context: c48a57e3fa85462c871cab88f7d4d0c5/3539646184989673119;o=0
x-pantheon-styx-hostname: styx-fe2-b-f66bf767-blkw5
x-styx-req-id: 50bfd919-960e-11ec-9e53-4e05055188a5
x-served-by: cache-mdw17382-MDW, cache-iad-kcgs7200026-IAD
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1645777591.280536,VS0,VE2
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 630820
server: cloudflare
cf-ray: 755a09fbeefc1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/uploads/2021/06/PrimaryLogo-RGB-Carrot.svg

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/uploads/2021/06/PrimaryLogo-RGB-Carrot.svg
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2021/06/PrimaryLogo-RGB-Carrot.svg HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31622400
etag: W/"6176ddc9-1421"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Mon, 25 Oct 2021 16:39:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-7b7c3704ba1e48eabc8022e6defdaa0a-98daaa0ce29d48c9-00
x-cloud-trace-context: 7b7c3704ba1e48eabc8022e6defdaa0a/11014302811006257353;o=0
x-pantheon-styx-hostname: styx-fe2-b-f66bf767-m2n7r
x-styx-req-id: 008b1664-aaa3-11ec-9ccb-320480f57ac6
x-served-by: cache-mdw17372-MDW, cache-iad-kcgs7200043-IAD
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1649304099.066385,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 10451746
server: cloudflare
cf-ray: 755a09fbff071c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/themes/therecordmedia/assets/css/custom-v8.css?ver=2022-01-20_3

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/themes/therecordmedia/assets/css/custom-v8.css?ver=2022-01-20_3
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/therecordmedia/assets/css/custom-v8.css?ver=2022-01-20_3 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7291
cache-control: public, max-age=31622400
etag: W/"62835b45-1c7b"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Tue, 17 May 2022 08:22:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-aa3f4fafc610470c98d532a4cfe39f86-b0012068e4446890-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cloud-trace-context: aa3f4fafc610470c98d532a4cfe39f86/12682453660530403472;o=0
x-pantheon-styx-hostname: styx-fe2-b-5b85c46fc7-cjkxj
x-served-by: cache-mdw17348-MDW, cache-iad-kiad7000111-IAD
x-styx-req-id: f9c46596-d5d0-11ec-a3f4-b23862e2270a
x-timer: S1653890893.500856,VS0,VE2
cf-cache-status: HIT
age: 10459357
server: cloudflare
cf-ray: 755a09fbff031c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=a5eb32a5487941c9812774088f8682ff&__hstc=156209188.a5eb32a5487941c9812774088f8682ff.1665013613177.1665013613177.1665013613177.1&__hssc=156209188.1.1665013613177&currentUrl=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F

104.19.155.83

200 OK

0 B

URL HTTP/2
forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=a5eb32a5487941c9812774088f8682ff&__hstc=156209188.a5eb32a5487941c9812774088f8682ff.1665013613177.1665013613177.1665013613177.1&__hssc=156209188.1.1665013613177&currentUrl=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F
IP
104.19.155.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lead-flows-config/v1/config/json?portalId=252628&utk=a5eb32a5487941c9812774088f8682ff&__hstc=156209188.a5eb32a5487941c9812774088f8682ff.1665013613177.1665013613177.1665013613177.1&__hssc=156209188.1.1665013613177&currentUrl=https%3A%2F%2Ftherecord.media%2Fhouse-gop-intel-group-prepping-for-surveillance-renewal-fight%2F HTTP/1.1
Host: forms.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://therecord.media
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:53 GMT
content-type: application/json;charset=utf-8
vary: origin
x-hubspot-correlation-id: a2a33740-03aa-46e7-b782-1954329776a4
access-control-allow-credentials: false
access-control-allow-origin: https://therecord.media
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=o6auk_gI0oygfOyMq1B1EreoZG7_O7BYK75NvrcSfKQ-1665013613-0-AWmTTlXeGJtBa2+NPBQ4JAGytrm9kRpmUFLFBRa3UyZNOAZX5Sphv7BwPWdEgdT1ig7l+Hnk39c7iE9uXv55cKo=; path=/; expires=Thu, 06-Oct-22 00:16:53 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deObIxjiY5yFPJ7zhEtJiYmpMkqJyWDvUqnnhldViERQNPeR6YCm6%2FYzi6N4NLCtlOQaTiD7GkenWxdWMPt1q7lfYhVkG46Cf6YuKhCTanNz16Hd%2Bk6cganURt9RFXc9AGsc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 755a0a0acc7bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js

54.230.111.115

200 OK

0 B

URL HTTP/2
cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
IP
54.230.111.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /recordedfuture.matomo.cloud/container_41sBJe2I.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 05 Oct 2022 19:00:45 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Mar 2022 00:05:14 GMT
etag: W/"9b1a4110a486775edfe6380976be97a1"
x-amz-server-side-encryption: AES256
cache-control: max-age=691200
x-amz-version-id: BSLfAVnr_0vNH1otSRL6_DRX_fyF9RuU
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RRTXd_rUdm4hANHlK42CLSGFsdlfi1n6njsCntBM-Fk1RFepB_IdKQ==
age: 17168
X-Firefox-Spdy: h2

therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /house-gop-intel-group-prepping-for-surveillance-renewal-fight/ HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
link: <https://therecord.media/?p=17744>; rel=shortlink
set-cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826; path=/; secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
x-pantheon-styx-hostname: styx-fe2-a-7d98b4cfd9-289r8
x-pingback: https://therecord.media/xmlrpc.php
x-styx-req-id: fb615f7c-4507-11ed-a357-16feb0cd7ecd
x-served-by: cache-chi-klot8100086-CHI, cache-iad-kcgs7200097-IAD
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1665013610.270372,VS0,VE401
vary: Accept-Encoding, Cookie, Cookie
age: 0
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755a09f7bd231c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieconsent.min.css?ver=5.2.5.1

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieconsent.min.css?ver=5.2.5.1
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/complianz-gdpr-premium/assets/css/cookieconsent.min.css?ver=5.2.5.1 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/css
cache-control: public, max-age=31622400
etag: W/"61908f3c-519d"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Sun, 14 Nov 2021 04:23:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-pantheon-styx-hostname: styx-fe2-a-5bffbbcccc-8zzpg
x-styx-req-id: 8effd658-4625-11ec-952d-b6cb26c9e387
x-served-by: cache-mdw17383-MDW, cache-wdc5581-WDC
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1636988967.198122,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 28023199
server: cloudflare
cf-ray: 755a09fbff061c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.hs-scripts.com/252628.js

104.17.212.204

200 OK

0 B

URL HTTP/2
js.hs-scripts.com/252628.js
IP
104.17.212.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /252628.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2BC81DAF830C2ABA854BE0B96F5463CB94470E9369000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 55f20f19-b046-4b9b-8778-040773c5cb63
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://therecord.media
last-modified: Wed, 05 Oct 2022 22:27:00 GMT
cf-cache-status: EXPIRED
expires: Wed, 05 Oct 2022 23:47:51 GMT
server: cloudflare
cf-ray: 755a09fd0a7cb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/themes/therecordmedia/assets/js/custom-v5.js?ver=2022-01-20_3

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/themes/therecordmedia/assets/js/custom-v5.js?ver=2022-01-20_3
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/therecordmedia/assets/js/custom-v5.js?ver=2022-01-20_3 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=5580
cache-control: public, max-age=31622400
etag: W/"6279751f-15cc"
expires: Fri, 06 Oct 2023 23:46:51 GMT
last-modified: Mon, 09 May 2022 20:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-cc54e20098f248888e73d0c38b600430-b86fb7d4309a80a8-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cloud-trace-context: cc54e20098f248888e73d0c38b600430/13290043147370004648;o=0
x-pantheon-styx-hostname: styx-fe2-b-858b886844-57l9d
x-served-by: cache-mdw17363-MDW, cache-iad-kcgs7200103-IAD
x-styx-req-id: ee6a790d-d058-11ec-a377-264566700925
x-timer: S1653526511.128856,VS0,VE4
cf-cache-status: HIT
age: 10461844
server: cloudflare
cf-ray: 755a09fcbf601c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js?ver=2022-01-20_3

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js?ver=2022-01-20_3
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js?ver=2022-01-20_3 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=15506
cache-control: public, max-age=31622400
etag: W/"628b1a13-3c92"
expires: Fri, 06 Oct 2023 23:46:51 GMT
last-modified: Mon, 23 May 2022 05:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-06604edfc94a4501ad28d8f63f9c5f67-7d9c9eff6dac6beb-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cloud-trace-context: 06604edfc94a4501ad28d8f63f9c5f67/9051284171001719787;o=0
x-pantheon-styx-hostname: styx-fe2-b-d84bbb664-8l85v
x-served-by: cache-mdw17362-MDW, cache-iad-kiad7000050-IAD
x-styx-req-id: 3e44f9df-db4c-11ec-a254-7a420a75f39a
x-timer: S1653890893.700052,VS0,VE2
cf-cache-status: HIT
age: 578107
server: cloudflare
cf-ray: 755a09fccf6d1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.0.1.4

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.0.1.4
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.0.1.4 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/css
cache-control: public, max-age=31622400
etag: W/"629de6f3-2046"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Mon, 06 Jun 2022 11:37:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-09abf1cbaf1343639abe7ff96e4e795e-d94b362e51697cb3-00
x-cloud-trace-context: 09abf1cbaf1343639abe7ff96e4e795e/15657668102045924531;o=0
x-pantheon-styx-hostname: styx-fe2-b-5d8c4d9d59-lh42g
x-styx-req-id: 3b205ed4-e5b3-11ec-aa4c-123f3b800958
x-served-by: cache-mdw17371-MDW, cache-iad-kiad7000116-IAD
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1655442335.803913,VS0,VE2
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 8099920
server: cloudflare
cf-ray: 755a09fbff041c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/themes/therecordmedia/assets/css/style-v5.css?ver=2022-01-20_3

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/themes/therecordmedia/assets/css/style-v5.css?ver=2022-01-20_3
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/therecordmedia/assets/css/style-v5.css?ver=2022-01-20_3 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=460519
cache-control: public, max-age=31622400
etag: W/"62811405-706e7"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Sun, 15 May 2022 14:53:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-14ae0d09ec154b1b94c0719b2e27bad6-6c219a7fb48ce2e8-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cloud-trace-context: 14ae0d09ec154b1b94c0719b2e27bad6/7791678703608324840;o=0
x-pantheon-styx-hostname: styx-fe2-a-8dffc8694-cgfdq
x-served-by: cache-mdw17365-MDW, cache-iad-kjyo7100094-IAD
x-styx-req-id: 08f16e14-d5de-11ec-8d78-62fd88d1513f
x-timer: S1654148627.743576,VS0,VE1
cf-cache-status: HIT
age: 10461847
server: cloudflare
cf-ray: 755a09fbef021c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: application/javascript
last-modified: Tue, 04 Oct 2022 15:38:08 GMT
etag: W/"633c5360-302c"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
cf-ray: 755a09fbff141c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 07 Oct 2022 23:46:50 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js?ver=5.2.5.1

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js?ver=5.2.5.1
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js?ver=5.2.5.1 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:50 GMT
content-type: application/x-javascript
cache-control: public, max-age=31622400
etag: W/"629977c3-9e2d"
expires: Fri, 06 Oct 2023 23:46:50 GMT
last-modified: Fri, 03 Jun 2022 02:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-44a5591d24a74046a921d8446fdaaebf-0265578cd65dab0e-00
x-cloud-trace-context: 44a5591d24a74046a921d8446fdaaebf/172640423127132942;o=0
x-pantheon-styx-hostname: styx-fe2-a-56b8cbf9b6-6x77j
x-styx-req-id: a33a4d36-e34c-11ec-8dd2-ca991121316e
x-served-by: cache-mdw17376-MDW, cache-iad-kjyo7100160-IAD
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1654453090.511102,VS0,VE2
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 8099919
server: cloudflare
cf-ray: 755a09fcaf561c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js?ver=2022-01-20_3

104.18.7.33

200 OK

0 B

URL HTTP/2
therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js?ver=2022-01-20_3
IP
104.18.7.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/therecordmedia/assets/js/bundle.js?ver=2022-01-20_3 HTTP/1.1
Host: therecord.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://therecord.media/house-gop-intel-group-prepping-for-surveillance-renewal-fight/
Cookie: wordpress_google_apps_login=ef4e3d4a306d3eade354a4a10e966826
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 23:46:51 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=525445
cache-control: public, max-age=31622400
etag: W/"627a67ad-80485"
expires: Fri, 06 Oct 2023 23:46:51 GMT
last-modified: Tue, 10 May 2022 13:25:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
traceparent: 00-aafffe33f3a94e30934d3fc889f346c7-68a7eaa1825a78a5-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cloud-trace-context: aafffe33f3a94e30934d3fc889f346c7/7541254080452786341;o=0
x-pantheon-styx-hostname: styx-fe2-a-5659d4cf87-7xm8h
x-served-by: cache-mdw17351-MDW, cache-iad-kjyo7100150-IAD
x-styx-req-id: 9b71127e-d06e-11ec-9491-962e6f6f2faa
x-timer: S1654762000.581559,VS0,VE2
cf-cache-status: HIT
age: 633894
server: cloudflare
cf-ray: 755a09fcbf611c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP