Submitted URL: http://url9274.cyberheistnews.com/ls/click?upn=Uamt9mHsVnKn91os22RmxKhZ1Mj-2FHyLt46jPDKxRP3ZAtNYid89UVmVpXakoD9FJHLAuDDUsnbOs5RaGV...
Effective URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Submission: On June 07 via api from US — Scanned from DE

Summary

This website contacted 44 IPs in 6 countries across 32 domains to perform 179 HTTP transactions. The main IP is 2600:9000:21f3:ba00:3:4b0:de80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.wsj.com. The Cisco Umbrella rank of the primary domain is 10554.
TLS certificate: Issued by Amazon on November 1st 2021. Valid for: a year.
This is the only time www.wsj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.83 11377 (SENDGRID)
27 2600:9000:21f... 16509 (AMAZON-02)
1 108.129.42.99 16509 (AMAZON-02)
3 142.250.185.226 15169 (GOOGLE)
1 13.224.198.49 16509 (AMAZON-02)
1 23.35.237.151 16625 (AKAMAI-AS)
5 108.138.4.10 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.225.77.105 16509 (AMAZON-02)
1 54.231.136.248 16509 (AMAZON-02)
28 2600:9000:20e... 16509 (AMAZON-02)
23 2600:9000:21f... 16509 (AMAZON-02)
2 18.169.253.44 16509 (AMAZON-02)
6 108.156.60.66 16509 (AMAZON-02)
6 96.16.146.246 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 18.64.103.62 16509 (AMAZON-02)
3 13.225.77.24 16509 (AMAZON-02)
1 50.17.69.144 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 3.33.220.150 16509 (AMAZON-02)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 13.225.77.91 16509 (AMAZON-02)
2 84.17.46.53 60068 (CDN77 ^_^)
1 54.145.162.27 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 23.35.236.247 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
3 147.75.83.64 54825 (PACKET)
4 147.75.85.120 54825 (PACKET)
1 151.101.194.137 54113 (FASTLY)
2 3.129.100.179 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
2 2600:9000:224... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.204.205.169 14618 (AMAZON-AES)
1 5 34.252.147.157 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.248.150.209 16509 (AMAZON-02)
2 2 54.154.144.208 16509 (AMAZON-02)
179 44
Apex Domain
Subdomains
Transfer
34 wsj.com
www.wsj.com — Cisco Umbrella Rank: 10554
video-api.wsj.com — Cisco Umbrella Rank: 12707
accounts.wsj.com — Cisco Umbrella Rank: 19707
1 MB
28 barrons.com
asset.barrons.com — Cisco Umbrella Rank: 20517
894 KB
27 wsj.net
sts3.wsj.net — Cisco Umbrella Rank: 12540
images.wsj.net — Cisco Umbrella Rank: 14944
s.wsj.net — Cisco Umbrella Rank: 16609
wsjstream.wsj.net — Cisco Umbrella Rank: 12954
254 KB
23 google.com
news.google.com — Cisco Umbrella Rank: 4593
apis.google.com — Cisco Umbrella Rank: 100
play.google.com — Cisco Umbrella Rank: 29
190 KB
11 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4611
p1cluster.cxense.com — Cisco Umbrella Rank: 6665
comcluster.cxense.com — Cisco Umbrella Rank: 4476
id.cxense.com — Cisco Umbrella Rank: 8342
api.cxense.com — Cisco Umbrella Rank: 6677
79 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 194
dowjones.demdex.net — Cisco Umbrella Rank: 14988
8 KB
6 privacy-mgmt.com
cdn.privacy-mgmt.com — Cisco Umbrella Rank: 5046
193 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
127 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
42 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1378
59 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 341
mb.moatads.com — Cisco Umbrella Rank: 552
geo.moatads.com — Cisco Umbrella Rank: 581
79 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
152 KB
2 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 923
1 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
13 KB
2 dowjoneson.com
oms.dowjoneson.com — Cisco Umbrella Rank: 12689
879 B
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 381
332 KB
2 dowjones.io
video-api.shdsvc.dowjones.io — Cisco Umbrella Rank: 14198
3 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 582
1 KB
2 vidora.com
api.vidora.com — Cisco Umbrella Rank: 16252
a.vidora.com — Cisco Umbrella Rank: 37784
774 B
2 qualaroo.com
cl.qualaroo.com — Cisco Umbrella Rank: 5093
dntcl.qualaroo.com — Cisco Umbrella Rank: 6116
49 KB
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1245
api.rlcdn.com — Cisco Umbrella Rank: 783
38 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 242
17 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 347
18 KB
1 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1313
426 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1326
592 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
388 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4135
165 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
6 KB
1 amazonaws.com
s3.amazonaws.com
727 B
1 newscgp.com
us.tags.newscgp.com — Cisco Umbrella Rank: 7241
142 KB
1 zqtk.net
segment-data.zqtk.net — Cisco Umbrella Rank: 8437
1 KB
1 cyberheistnews.com
url9274.cyberheistnews.com — Cisco Umbrella Rank: 608587
317 B
179 32
Domain Requested by
28 asset.barrons.com www.wsj.com
asset.barrons.com
27 www.wsj.com www.wsj.com
23 images.wsj.net www.wsj.com
13 play.google.com www.gstatic.com
9 news.google.com www.wsj.com
news.google.com
www.gstatic.com
6 video-api.wsj.com www.wsj.com
6 cdn.privacy-mgmt.com www.wsj.com
cdn.privacy-mgmt.com
5 dpm.demdex.net 1 redirects www.wsj.com
5 c.amazon-adsystem.com www.wsj.com
4 api.cxense.com www.wsj.com
4 www.gstatic.com news.google.com
www.gstatic.com
4 cdn.cxense.com www.wsj.com
cdn.cxense.com
3 tagan.adlightning.com www.wsj.com
3 securepubads.g.doubleclick.net www.wsj.com
2 cm.everesttech.net 2 redirects
2 pagead2.googlesyndication.com srcdoc
2 oms.dowjoneson.com www.wsj.com
2 imasdk.googleapis.com www.wsj.com
2 video-api.shdsvc.dowjones.io www.wsj.com
2 bam.nr-data.net www.wsj.com
2 wsjstream.wsj.net www.wsj.com
1 dowjones.demdex.net www.wsj.com
1 s0.2mdn.net www.wsj.com
1 a.vidora.com video-api.wsj.com
1 js-agent.newrelic.com www.wsj.com
1 dntcl.qualaroo.com www.wsj.com
1 id.cxense.com www.wsj.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 s.wsj.net www.wsj.com
1 fonts.gstatic.com news.google.com
1 as-sec.casalemedia.com www.wsj.com
1 api.vidora.com www.wsj.com
1 cl.qualaroo.com www.wsj.com
1 geo.privacymanager.io www.wsj.com
1 match.adsrvr.org www.wsj.com
1 api.rlcdn.com www.wsj.com
1 id.sv.rkdms.com www.wsj.com
1 ats.rlcdn.com www.wsj.com
1 accounts.wsj.com www.wsj.com
1 cdnjs.cloudflare.com www.wsj.com
1 geo.moatads.com z.moatads.com
1 mb.moatads.com z.moatads.com
1 s3.amazonaws.com www.wsj.com
1 sts3.wsj.net www.wsj.com
1 apis.google.com www.wsj.com
1 z.moatads.com www.wsj.com
1 us.tags.newscgp.com www.wsj.com
1 segment-data.zqtk.net www.wsj.com
1 url9274.cyberheistnews.com 1 redirects
179 50
Subject | Issuer | Validity | Valid
www.wsj.com | Amazon | 2021-11-01 - 2022-11-30 | a year
*.zqtk.net | Amazon | 2021-08-17 - 2022-09-15 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
us.tags.newscgp.com | Amazon | 2022-04-06 - 2023-05-04 | a year
moatads.com | DigiCert SHA2 Secure Server CA | 2021-11-27 - 2022-11-29 | a year
c.amazon-adsystem.com | Amazon | 2022-05-09 - 2023-04-18 | a year
*.news.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.apis.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
sts3.wsj.net | Amazon | 2021-11-03 - 2022-12-02 | a year
s3.amazonaws.com | Amazon | 2022-04-01 - 2023-03-30 | a year
asset.barrons.com | Amazon | 2021-11-01 - 2022-11-30 | a year
images.wsj.net | Amazon | 2021-10-25 - 2022-11-22 | a year
*.moatads.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-05-25 - 2022-06-25 | a year
*.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.privacy-mgmt.com | R3 | 2022-05-21 - 2022-08-19 | 3 months
ssl.wsj.com | GeoTrust RSA CA 2018 | 2021-08-31 - 2022-08-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
accounts.dowjones.com | Amazon | 2022-03-09 - 2023-04-07 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-03 - 2023-02-25 | a year
*.adlightning.com | Amazon | 2021-06-24 - 2022-07-23 | a year
securedvisit.com | Amazon | 2021-11-30 - 2022-12-27 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
*.cxense.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-17 - 2023-04-17 | a year
*.privacymanager.io | Amazon | 2021-09-25 - 2022-10-24 | a year
cl.qualaroo.com | R3 | 2022-05-27 - 2022-08-25 | 3 months
vidora.com | R3 | 2022-05-28 - 2022-08-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-12-12 - 2022-12-13 | a year
s.wsj.net | Amazon | 2021-11-01 - 2022-11-30 | a year
dntcl.qualaroo.com | R3 | 2022-06-05 - 2022-09-03 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-10-06 - 2022-11-07 | a year
bluegrass.mktdata.dowjones.io | Amazon | 2021-08-26 - 2022-09-24 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year
video-api.shdsvc.dowjones.io | Amazon | 2022-03-31 - 2023-04-29 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
oms.dowjoneson.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-08 - 2023-02-08 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year

This page contains 8 frames:

Primary Page: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Frame ID: FAF8ECCC708E78D26740F0797E59C24D
Requests: 146 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
Frame ID: D2FD7A9B9C01CC744EF964EB8C6B1CA6
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459618&publicationId=wsj.com
Frame ID: C37084C8A663DC43ED51E5F21F5C4553
Requests: 16 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 06585F007C7D398B407F032F2D785FBF
Requests: 4 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 9E1C6641CAFDFA2DB873638A5F379449
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 5D3B43872B9D728DB79E6FAF21F0C346
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7B413919CDDA8E6BF6F62588ED5E9DBB
Requests: 1 HTTP requests in this frame

Frame: https://dowjones.demdex.net/dest5.html?d_nsid=0
Frame ID: 05A7810D83176300206E0F2C4F6B93E0
Requests: 1 HTTP requests in this frame

Page Title

Russia-Linked Ransomware Groups Are Changing Tactics to Dodge Crackdowns - WSJ

Page URL History

  1. http://url9274.cyberheistnews.com/ls/click?upn=Uamt9mHsVnKn91os22RmxKhZ1Mj-2FHyLt46jPDKxRP3ZAtNYid89UVmVpXakoD... HTTP 302
    https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crack... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Page Statistics

179
Requests

98 %
HTTPS

33 %
IPv6

32
Domains

50
Subdomains

44
IPs

6
Countries

4078 kB
Transfer

11930 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url9274.cyberheistnews.com/ls/click?upn=Uamt9mHsVnKn91os22RmxKhZ1Mj-2FHyLt46jPDKxRP3ZAtNYid89UVmVpXakoD9FJHLAuDDUsnbOs5RaGVJsPu2DT72BwIbO7zpFmKgepcuqsnace1fj8TWjdbR8v7OFsaeqfjmDKaIBaC-2Bk693X2QfhvTTnZ5VGRpD1MJtyu4cc-3DBuE2_PxPRZMFOYN-2B6ymCnruQppjfCLeRJ7Qsmtz0jZyxCMZ-2BlQiuLa2eB1QmwhRJVII5CdjuK3pJ6Un1oDEwFmoJmgVDozcfZGE3-2F-2FtwUwBm7crjThiVjlUrXyPOILGPoWk32AIVxXs5NLyB-2FKgy6DCUevLGUa5XSaPy3ukYANjpUer4sdLA4e6PkEVBqs5RrP2IRPYVqkOo6X6RpEI5-2FTswdlKgBnZngNkFQtGVhM9qg5OhKfOdZdKaA9yS1JN-2BPWHWs7LJPCTB0QoVHSlaVuhUISD-2B4pE05SwmLciPm6FOx1RVzyfj-2Fhvtlr85vBOHFm35iX9Lv2d9ORyZ0eYLtcus3uCGnoSNoDSscJFFsLRtch444EcBo314Al2BsnnFCaJSo15-2FP2bwFDbBgTAI4De3IXkrs3ltYGELGdjw-2Fq4pzGJ91TjQVJN2dZm4-2FbIlnQT87pOW3AO-2BZ-2FmnklWUc-2BnP0nV5MyfRzON8re1CNkQ1yn4-2FK13TqM5uVC2QYH7ICsSPfmZYWZO0YNX01TKgmdBui7HMzPDpQNe7NOVC-2BGD9qputQGNvaXQjcv8d-2ByOBc49SkCvYHF0PELUXzeERmsN-2B2BDCrtq-2FpOVUYnbcqWg1or1Vrg2xpFegr9qU9vOcsexhpErqoZKBgG0NQjw1XI63ToOP48lXv7c8TD-2B53W0QsAqc2nnlI354AJe5J6zObMIwZnBEWuhllefm0oL6hBisLCTIlbqZZa1xWK-2FdftUOy5d20OY4aYmQZM5YbLFlwYt096DVzVxjKZ3GEs8Fv5f1zqvajRqIxMmA4LIL1meTxo4zZqyKTh0nIb1lxv4Ljbuu2NXNqePDaBFIX0yAqoo3L4ZFLeMi7Ao8duLsN3nAsRwuAj0O1Jhwo-2BYUZDU7r2d1sb2ptnigak721rHp81EyxNKg-2FcIHBgr7BRDGuNXT5cObOxd-2FDf8Qq7PupfsAXRST-2FWW7RKgy9gfNWCk6J2xfiJcSDmLR9vNE4GNHY8kHwOGSNpSotvFnozEYwCHxcvd-2F3bskr9QCs0V-2FqznmP2FOPvHhwgjCz65qDQa4isw5-2BThH5gUp0RTxVn03fvnIIwvxgySHpJpI39I2VVH-2B21hAhELLyRdSAxELKxWhjvOWL-2BVw-3D HTTP 302
    https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 168
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1654626707846 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1654626707846
Request Chain 180
  • https://cm.everesttech.net/cm/dd?d_uuid=79881919013703691033062505381183092020 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF2dzwMx
Request Chain 181
  • https://cm.everesttech.net/cm/dd?d_uuid=39561299241864556681069876428853764235 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF_38wOJ

179 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
www.wsj.com/articles/
Redirect Chain
  • http://url9274.cyberheistnews.com/ls/click?upn=Uamt9mHsVnKn91os22RmxKhZ1Mj-2FHyLt46jPDKxRP3ZAtNYid89UVmVpXakoD9FJHLAuDDUsnbOs5RaGVJsPu2DT72BwIbO7zpFmKgepcuqsnace1fj8TWjdbR8v7OFsaeqfjmDKaIBaC-2Bk693...
  • https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
807 KB
165 KB
Document
General
Full URL
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1ce2a3c8bdb62430fcf57ff2052ce9153adcc0d56b2a657efc7e0a567b5cef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Jun 2022 18:31:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id
d-QYQKEHUhnHX495KbMK4oNscNpt92qMT7vtu2zYqme9JBs_5Ltmzw==
x-amz-cf-pop
FRA2-C2
x-article-template
full
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-info-template
wsj_resp_article_16u
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
136
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Jun 2022 18:31:45 GMT
Location
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Server
nginx
X-Robots-Tag
noindex, nofollow
ace.min.js
www.wsj.com/asset/ace/
70 KB
16 KB
Script
General
Full URL
https://www.wsj.com/asset/ace/ace.min.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50417f2cd8521fb1f672e3bb87c6f63777b994ee05372790200174e57062d35e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 18 May 2022 14:50:32 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 14:50:24 GMT
server
AmazonS3
age
1741274
etag
W/"b8fe08c20e75daf46c39832ca24accf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
.JJmQ1FK0EpyWarE7e06OxG7B6FMBV3e
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
suo5gDIVeB9o-bnee3eecMJk--eFIjj4zgcv2qNhi4PCwfKgw0YOtA==
dowjones-d8s23j
segment-data.zqtk.net/
1 KB
1 KB
Script
General
Full URL
https://segment-data.zqtk.net/dowjones-d8s23j?url=https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.42.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-42-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
686eaa4284b6d9f12ba07c7c69cf3b97c51c54caedfe533ddb2b57b0c3780c98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:31:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jun 2022 16:02:39 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=423053
Connection
keep-alive
Expires
Sun, 12 Jun 2022 16:02:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e25ed47760171cb2efa98c9de195db1ff71ea9691327c4053ea8b76c7d6e269c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28121
x-xss-protection
0
server
sffe
etag
"1238 / 344 of 1000 / last-modified: 1654599911"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Jun 2022 18:31:45 GMT
pb.js
us.tags.newscgp.com/prod/prebid/wsj/
551 KB
142 KB
Script
General
Full URL
https://us.tags.newscgp.com/prod/prebid/wsj/pb.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a859b80f64be563d5e8f79f7a54b8e679f9afde8b51607961e7abe2863b7ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:16:25 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 23 Feb 2022 20:14:37 GMT
Server
AmazonS3
Age
954
ETag
W/"21390b2ae949a5914b68a9db9ae56777"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
apy4gEfYve55lw100D77sirZqhnp-NYZZvsWqpE2b1eG-2r8-sWnnA==
moatheader.js
z.moatads.com/dowjonesheader64568365681/
221 KB
78 KB
Script
General
Full URL
https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
716a2ff510d84b544ada9d563b5713401aa5736f6a2cf91b309bbad418231eab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:45 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 17:45:26 GMT
server
AmazonS3
x-amz-request-id
QHYCMXXFZRFAYAZP
etag
"02e7389d4058b9639b4b47c36ff3d3d1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=62197
accept-ranges
bytes
content-length
79751
x-amz-id-2
AeaC+d0KOcMwXNXgx/50LcYJDjcyfkGYY4E/sIE8Hpfs6t7Px+NX3zybtcWLqRXNKucIkbiihrY=
uac.min.1.0.40.js
www.wsj.com/asset/ace/
37 KB
10 KB
Script
General
Full URL
https://www.wsj.com/asset/ace/uac.min.1.0.40.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a68ce1b17e2aeccd2a267d19e1a2a3c1f345b1555022484d85013f04c0a8af83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 18 May 2022 14:50:33 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 14:30:23 GMT
server
AmazonS3
age
1741273
etag
W/"355a0b8d0a6e2d54a0ac62c49ca86d6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
63f9cLIaNbEg0rlvdaV5Qstl4UDuTpki
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
zcP2PyrZH5FASlKbjsPIc2dGcm8URLg2CLU6_qLi8HB9V_XR-2Z-Rg==
djcmp.min.1.0.18.js
www.wsj.com/asset/ace/
17 KB
6 KB
Script
General
Full URL
https://www.wsj.com/asset/ace/djcmp.min.1.0.18.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e24d8d4e91e562732232a828cbdccb64e7d3776be718e36428385c6846536c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 13:40:27 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 15:52:57 GMT
server
AmazonS3
age
3559879
etag
W/"75bbc12e0d59d355da890272c0518fc2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
W7rPhmmQqDeU4NnX51CtkDw8ZW47VIu7
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
SdjnDWrb60_1esE1Aru4cFvjHz5PZMT6WwQVNFzlfTTEoEGlZR4XVA==
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
37 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 07 Jun 2022 17:45:32 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 19:53:04 GMT
server
AmazonS3
age
2774
etag
W/"cc07895b7b7c30a55c948b849ccd5e56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P6
content-encoding
gzip
x-amz-cf-id
5akP5dy0XziixFFC_QuekQJf3dbfR-7y3xt2yZBOTERWEEAv_dehQQ==
Retina-Book.woff2
www.wsj.com/fonts/woffs/retina/
46 KB
46 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/Retina-Book.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f991604789d1e2850a2fa69278386e36cce9e05a2b90c1c71abcd29c931c2373

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
47100
last-modified
Tue, 08 Oct 2019 21:42:55 GMT
server
AmazonS3
etag
"7033b8f58054f0180c90a32395faf73c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
dcIVMA--Yu4Ualicj-DgR1mQDw7qbprpV-w_890qL35G56GRLRyiWA==
Retina-Light.woff2
www.wsj.com/fonts/woffs/retina/
46 KB
46 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/Retina-Light.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51547de25ed0756832e259e8eac96c8b4b999c54b85f5a4cc40b2ab7e0f33043

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
47072
last-modified
Tue, 08 Oct 2019 21:42:55 GMT
server
AmazonS3
etag
"1e6c88800c670f9ee8bf0e2edb9b873f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
xvvrlxwppFV2JT46DCc1V2RwH8mV3tF8ztbNBbKvnf2GMkwEy_LQFg==
Retina-Medium.woff2
www.wsj.com/fonts/woffs/retina/
46 KB
47 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/Retina-Medium.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27fd73dee5596813bbd6282a821926ae6cd1281f9736d98943a1deb6955608ee

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
47552
last-modified
Tue, 08 Oct 2019 21:42:55 GMT
server
AmazonS3
etag
"87ae136546f1829642c68aa7d5bca0d4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
_sOg8O7ppTq6iojuDQ6i8_nytYRPJ5CrBLkaX3b1DwRZePriZxMqQA==
RetinaNarr-Light.woff2
www.wsj.com/fonts/woffs/retina/
46 KB
46 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/RetinaNarr-Light.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4a9b9e1d7bda32834af951eadbe33f30183272a09c596febf458d07cfa916

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
46896
last-modified
Tue, 08 Oct 2019 21:42:56 GMT
server
AmazonS3
etag
"24c68ac27c209da5c83d10b3038c17af"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
URd7SR0j5pM2zbyrWOVTxPT2TuzOZWbCL-siPw3fPmNxTKhZ0DGa8g==
RetinaNarr-Book.woff2
www.wsj.com/fonts/woffs/retina/
47 KB
47 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/RetinaNarr-Book.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
497f169256ff4f0af835f665a2d105f02e0f12bf078572d12dcbaf6d25328b8d

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
47636
last-modified
Tue, 08 Oct 2019 21:42:56 GMT
server
AmazonS3
etag
"0606fb011eb4f71a05f334a661a66c71"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
AuTlVjVJpQpCdGA-lcR0QM-wXx_A8oboZHj-OyMik2G9dja-gvymyQ==
RetinaNarr-Medium.woff2
www.wsj.com/fonts/woffs/retina/
46 KB
47 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/RetinaNarr-Medium.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d415c84ae3caeab1ef04300f0e9358fde343c99c434645337c0bde0d143d65c

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 03:16:45 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1005301
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
content-length
47236
last-modified
Tue, 03 May 2022 16:27:06 GMT
server
AmazonS3
etag
"e08c459a519315fcc6b4a26d2b6c8a4a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
5ZXdiqhpf5.y9hoyr7yqbHGsX4YUZcEc
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
uQVeZcCVWDCYxLc-9iceY7B6K3G0vua0zYfAa4Di7fiizpiGbBc2pA==
RetinaNarr-MediumItalic.woff2
www.wsj.com/fonts/woffs/retina/
47 KB
48 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/RetinaNarr-MediumItalic.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c337f9794d78976b5880cd58f4d0c0970d605ed10dc881ee332fc6ddc1a26a1

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:39 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865547
x-cache
Hit from cloudfront
content-length
48600
last-modified
Tue, 08 Oct 2019 21:42:56 GMT
server
AmazonS3
etag
"c9d644bf4a30571ca7736aca3f99d570"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
KblLfrrGLbaRo2HQEwCyEra3aszgQdgqhz83ieNYlTNHDNZ4hbXaqQ==
RetinaNarr-Bold.woff2
www.wsj.com/fonts/woffs/retina/
48 KB
48 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/RetinaNarr-Bold.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b79b2cf11707054066850ee05de2f625d9914558836d3065c20e7f9776440ff6

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
48832
last-modified
Tue, 08 Oct 2019 21:42:55 GMT
server
AmazonS3
etag
"1e2cba1400e0fea01e7634dc03f91399"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
JI58XFBwL2V_hg4KIpuO1sKZav5WN3DyiZlzuf-naLbu_nqB-oOgpw==
RetinaWideLight.woff2
www.wsj.com/fonts/woffs/retina/
28 KB
28 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/retina/RetinaWideLight.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a58836a49ebe0506fa0b0e06dc47085eeff922c34aa9be92c2312ed64c14b99

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:43 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865543
x-cache
Hit from cloudfront
content-length
28616
last-modified
Tue, 08 Oct 2019 21:42:56 GMT
server
AmazonS3
etag
"21174c7f2ca8a724ecc9cf3b6f8a5ea7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
hyjhZxogQlwpjrrhXt471g4Ivl4NtYkJ_TpBp3OgaCztzwVrCfHiZw==
Escrow+Display+Condensed+Bold.woff2
www.wsj.com/fonts/woffs/escrow/
26 KB
27 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/escrow/Escrow+Display+Condensed+Bold.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38a583de4c9a85114ea0d3811417028bd25ca29b2eed3f84372822c527d01ca6

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
26844
last-modified
Tue, 08 Oct 2019 21:42:54 GMT
server
AmazonS3
etag
"7c442e963b2fb63c4cb6fcad8abde902"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
fFpsDBYin9ey7tXlMlA405FqSsjCqf9PZRaoBOQ2ueMm5cTJgHLAoQ==
Escrow+Display+Condensed+Roman.woff2
www.wsj.com/fonts/woffs/escrow/
25 KB
26 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/escrow/Escrow+Display+Condensed+Roman.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30f50c27fb65c2f79bda64a7f209fd8af7abace857ade7dc29e9539587ace1a2

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
25736
last-modified
Tue, 08 Oct 2019 21:42:54 GMT
server
AmazonS3
etag
"10ea31224c1480796a64d3dc474588d8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
BFxj2oa-ySF2s41DqHpc2PrRZ94sL-rGJH4FrEgoWPH67fMvrxk7qA==
Escrow+Display+Condensed+Italic.woff2
www.wsj.com/fonts/woffs/escrow/
25 KB
26 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/escrow/Escrow+Display+Condensed+Italic.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bfda38967e02f468abcb39f9ee8c1a0eab48b2a2be819e76fd313c71e1cc94c

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 May 2022 02:06:14 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1959932
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
content-length
25824
last-modified
Tue, 03 May 2022 16:27:00 GMT
server
AmazonS3
etag
"f8b4dab12479d584ff82a1bdeeee1d1b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
OVc6EoKtNn4yIp0IsszG9uoTWfs8BVGw
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
hnB9nqTA2_7JkWijT4vmSfSbScDKs3EdPss_vGwPe5_yIN-5U2lcLQ==
Exchange-Book.woff2
www.wsj.com/fonts/woffs/exchange/
62 KB
63 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/exchange/Exchange-Book.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a760ad2462e5115efb1336e598dd00a47072606dedbdb0bb0f75747529228f7

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:31 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865555
x-cache
Hit from cloudfront
content-length
63957
last-modified
Tue, 08 Oct 2019 21:42:54 GMT
server
AmazonS3
etag
"0c40a7ae21908c50dab61ba01d106deb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Tm1yuQD0AYCgDcu2E9xaskb15ZlyZwz66UPjM4xbqB1t2Wb17sd-gA==
Exchange-BookItalic.woff2
www.wsj.com/fonts/woffs/exchange/
65 KB
66 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/exchange/Exchange-BookItalic.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec5aef56172acb4f9cc7a533d8846bd6f4c12a8bb635321299d375c3a986095d

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:32:32 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2865554
x-cache
Hit from cloudfront
content-length
66893
last-modified
Tue, 08 Oct 2019 21:42:54 GMT
server
AmazonS3
etag
"f5141e1492b8d073c44e43cc202d6ffe"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
4C4cFXUwnUSOqkEQgnzshZTN3JPc7q3L0_YVyIDjSY1evg2o7yOGiw==
Exchange-Medium.woff2
www.wsj.com/fonts/woffs/exchange/
64 KB
64 KB
Font
General
Full URL
https://www.wsj.com/fonts/woffs/exchange/Exchange-Medium.woff2
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b3dafb879aa963cc146639ed50803bb8496968027f35dba28d1e39d0b5ed17d

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 19 May 2022 06:11:29 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1686017
x-cache
Hit from cloudfront
x-amz-replication-status
REPLICA
content-length
65365
last-modified
Tue, 03 May 2022 16:27:01 GMT
server
AmazonS3
etag
"a2f3390fa1439393209fdbf0864bfbfb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
cMeuOZRmYGtVhZcGxOvF_Nx1idm2wMty
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
vo95aw2SjAxix-jyT8kwCy4-n2bsl5uA2hkL5W6iV1P2pJzD0LfkFw==
swg.js
news.google.com/swg/js/v1/
145 KB
45 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101f31de0eb17963d25d2316735d684823b5e8b12c13fada3f3b719cd8ba8b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45844
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 21:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 18:42:07 GMT
swg-gaa.js
news.google.com/swg/js/v1/
70 KB
71 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg-gaa.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdfe4850c2e1cf74ec48f4b471e58129afd5ced7035cd9c5313658523abd6974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:22:12 GMT
x-content-type-options
nosniff
age
573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72106
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 21:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 19:12:12 GMT
platform.js
apis.google.com/js/
52 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90f0e51c14f3f2b7f591db5a8f4738e9fbe89da7695921f57efd73c0454f0b52
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20319
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Tue, 07 Jun 2022 18:31:45 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"9272bf7c23b70f7b"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jun 2022 18:31:45 GMT
cxense-candy.js
sts3.wsj.net/iweb/static_html_files/
54 KB
16 KB
Script
General
Full URL
https://sts3.wsj.net/iweb/static_html_files/cxense-candy.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-105.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45687ee74e37aca947c00f003297e6497a6b83f2fc22f86d4faaaba803ecefc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 17:43:31 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 18:05:39 GMT
server
AmazonS3
age
1039695
etag
W/"98ecb64bebfe54792d6370d3120fc3f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
xukqnd7wnjZlCJ_BLprJ6sOpBTfv6QeT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-amz-replication-status
REPLICA
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
XZ31kgrA4d6--BL8nK73aunEuNvunX1AQnjJeAfcyMcBaMF3l4FO3g==
evi.js
s3.amazonaws.com/ki.js/46075/
377 B
727 B
Script
General
Full URL
https://s3.amazonaws.com/ki.js/46075/evi.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.136.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
428e345114b5c47392b4afcef76e6a68cb67fac10ef9a4ae2eba20d1573c35d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:31:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Aug 2020 14:07:26 GMT
Server
AmazonS3
x-amz-request-id
NPA22NH1678BCAWN
ETag
"1404867bd564ae9a063eb1794c31f15a"
Content-Type
application/ecmascript
Cache-Control
s-maxage=3600, max-age=0
Accept-Ranges
bytes
Content-Length
293
x-amz-id-2
HYw0sJyjjiRPWQKp9Qrdx5ZtrRQ9K8bOl+7b1wqQoFz2lvxycZP4/KHOLRuvXTS4QrMRFsXjgIs=
wrapperMessagingWithoutDetection.1.0.7.js
www.wsj.com/asset/ace/
0
41 KB
Other
General
Full URL
https://www.wsj.com/asset/ace/wrapperMessagingWithoutDetection.1.0.7.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 02:56:36 GMT
content-encoding
br
last-modified
Thu, 03 Feb 2022 18:44:01 GMT
server
AmazonS3
age
401710
etag
W/"128d707f6a1d93162de889b18d32e792"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
2pvi81G6vECcwjOjObGnR63_yFtu4XG8
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
LsYqYdxaK8McvrO4SkdmZHXkJlFNJHm8qASKYWMh_bRmklTwz8aHag==
wrapperMessagingWithoutDetection.1.0.7.js
www.wsj.com/asset/ace/
153 KB
41 KB
Script
General
Full URL
https://www.wsj.com/asset/ace/wrapperMessagingWithoutDetection.1.0.7.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d858a3dbb03600e19a60079cb0aefd2d3ade061f28bc40d457bb46a3cf0ff84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 02:56:36 GMT
content-encoding
br
last-modified
Thu, 03 Feb 2022 18:44:01 GMT
server
AmazonS3
age
401710
etag
W/"128d707f6a1d93162de889b18d32e792"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
2pvi81G6vECcwjOjObGnR63_yFtu4XG8
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Jdemwomqdn0UDct-T_dM2ZXNjZGXoZMJUu2AfUC1DyIp5N5JGFYCGw==
wsj-logo-big-black.165e51ccda3d.svg
asset.barrons.com/article/public/img/
7 KB
3 KB
Image
General
Full URL
https://asset.barrons.com/article/public/img/wsj-logo-big-black.165e51ccda3d.svg
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd6e1b047c6ff55df32853dc017dfc0d353027c8b5f564f8b06584bff654642a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 06:51:33 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 02:37:30 GMT
server
AmazonS3
age
5485213
etag
W/"165e51ccda3da1ace8ad7d40e81a7485"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
1KRfWQhd_UCoEkDNlTNXBn4nmvWzDcK6c0Ax3biuYjOgbnIBDM2EWg==
/
images.wsj.net/im-519083/
47 KB
47 KB
Image
General
Full URL
https://images.wsj.net/im-519083/?size=1.5
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
9dd53cadfbf66ce7e9c8e791a0ae8aeafa53a890ed726e53b851a2687fc1a49b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 02:23:06 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
58119
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-519083,nrtools.im.prod.im-519083_1280x853
phis
imu-20220405214151147
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
q-_tQR4pi6f4qzsqfDBAiWX9YoVkxg2sp_oDyo7Iekl83UOc_baSgg==
v2
mb.moatads.com/yi/
510 B
683 B
Script
General
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.253.44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-253-44.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
755d13ecd7388260dd8e2f8a1f587e0ee5e8119c3748b5f308f8c983c068d15a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"119811356f96c16259d7601c8140eb29c6069940"
content-length
510
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/
86 B
259 B
Script
General
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/dowjonesheader64568365681/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.253.44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-253-44.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
47ac7224dae73ee65715e8ce609f19b965e33e34908d3c493f67a14b7ed2b948

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"5c50daa4dabb7ab482bcc1e9aa9338ee96beadf9"
content-length
86
content-type
text/html; charset=UTF-8
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
58694
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 02 Jun 2022 00:57:09 GMT
server
AmazonS3
date
Tue, 07 Jun 2022 02:41:54 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
qulPcANgvzzj1eKqgU14V7p2X2MKFNk_JVend419cWXweUo9U0xsxw==
config
c.amazon-adsystem.com/cdn/prod/
1 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3482&u=https%3A%2F%2Fwww.wsj.com
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d120a857812a3e13d55b8532a3d7d078db890246c529b81cc571e7d1d6d06adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:45 GMT
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wsj.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1263
x-amz-cf-id
9074BaXhwdWGqt4ig2CblFRbRNf1jrxkn6t8x4wq4kS8YPvASI5qXQ==
im-555921
images.wsj.net/
12 KB
12 KB
Image
General
Full URL
https://images.wsj.net/im-555921?width=300&size=1
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
90ac2f81611c458309bf3386cdfd89232953170c539c8c6f8190d90baf08a586
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 14:00:12 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
448293
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-555921,nrtools.im.prod.im-555921_300x300
phis
81701656
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
JUhmA6kFyBSdolQ25jcLPIfdojktbA3udp5uLC5jJyjuYqUfbgYS4Q==
pubads_impl_2022060201.js
securepubads.g.doubleclick.net/gpt/
365 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
3fef2bb487a75c68deb09f1bb519592f7688129de30f665c72d577df95c102a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126885
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 08:36:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Jun 2023 18:22:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
580 B
238 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wsj.com
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0d822017f60343257c897877615706808054cfbed8f53ccad98dcd26d2639aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 18:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
213
x-xss-protection
0
expires
Tue, 07 Jun 2022 18:31:46 GMT
im-557801
images.wsj.net/
2 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-557801?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
1c17d4859b5965703016da80abffa3b5b67016017143c9a4d1673f9ca636aeb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:48:54 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
92572
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557801,nrtools.im.prod.im-557801_111x62
phis
imu-20220605145753089
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YHXrdkyaz0xUh6vi2TwtBF1MXfzzjmkrvOAwvs8SzZXPMtfwMfX7Ew==
im-558360
images.wsj.net/
2 KB
2 KB
Image
General
Full URL
https://images.wsj.net/im-558360?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
af185a8c04134f7066d522f44998c73a7019e338d383373ff88c65e60c098e42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 11:19:33 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
25933
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-558360,nrtools.im.prod.im-558360_111x62
phis
81626175
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
pTP18KnQFhtESxuXvdsapsU9kfaYwk5NTdfHaktXMthrBUk5L25M7A==
im-557834
images.wsj.net/
24 KB
25 KB
Image
General
Full URL
https://images.wsj.net/im-557834?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
e9c7526ec3a5c04c910452e15c7a384a95b3c6925486b9204d4ffd621eaf443f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20220605-193552-b2645616-38df-4d74-bbac-84e0d6cbe3ce-wsj
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
94946
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557834,nrtools.im.prod.im-557834_111x62
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 06 Jun 2022 16:09:20 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
cbL8ig6kQLC1k6hob0cNqCZCYuh6v5DI-Jp9tl-13fUVPC3Bg9BIaw==
im-558038
images.wsj.net/
2 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-558038?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
d394e2541057139262ca3d045e0853f8df74d6c5a921db32bf414bbe4233d5fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 20:05:10 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
80796
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-558038,nrtools.im.prod.im-558038_111x62
phis
81408155
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
FrUCFgZM4RK9yPpF8Is2IZ1DftI4ECBuYwAKAVFHlAMlMniavmVTKA==
im-557996
images.wsj.net/
2 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-557996?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
573819ae58c176ff238c399cadd5beb93419f743b675274ff2326b13c7fdf84b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:04:23 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
95243
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557996,nrtools.im.prod.im-557996_111x62
phis
81453558
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
AOSqSOWKeOxmLG6pMKSqMQzIa0dJkjrlSxHwJe53dDuluAFu4rdkTQ==
im-557878
images.wsj.net/
22 KB
22 KB
Image
General
Full URL
https://images.wsj.net/im-557878?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
1621e9e820a678588688774d9f1b3cd8352208db0de317e73635fed4a34df3bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20220606-010529-6367a9e1-6dd8-4403-a932-f8f6d4778d46-wsj
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
107088
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557878,nrtools.im.prod.im-557878_111x62
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 06 Jun 2022 12:46:58 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
MbyL8vjYTmgSSBGawSoeGNZAJFVaidko_A39RVPODIM0MQnkPyWzuQ==
im-558549
images.wsj.net/
2 KB
2 KB
Image
General
Full URL
https://images.wsj.net/im-558549?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
b20d6977febb2f43faa4fb544ce570474e24120b0ab97806f53254681712ec2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 23:08:54 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
69772
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-558549,nrtools.im.prod.im-558549_111x62
phis
81386940
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oxBBHqxvfhzLnXHMCEoGPSShUPKEJbdsM496eTJkNPf1bSoTQ7d9-g==
im-558546
images.wsj.net/
3 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-558546?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
6cedfbf1ed30372e4c4ee33a376b3126170c883e2fd6438fccae0e7249bf4251
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:34:27 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
17839
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-558546,nrtools.im.prod.im-558546_111x62
phis
imu-20220606221152712
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
DOX4TWbGOyuD_1FHpL5I7YgWMj5ZqCyePdfR4BNnLPuqMjkhR7RT_g==
im-558560
images.wsj.net/
3 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-558560?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
887de9d5addaa27f38c1014fdb7f42e7f36dd3df590ba77284500b043a93e0c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 23:08:58 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
69768
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-558560,nrtools.im.prod.im-558560_111x62
phis
81811823
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hIR18Jztbk8wyoPuwhtSsUgu7i8i8l68Xo-xdF1V5qGnQa5NVFzMlA==
im-557855
images.wsj.net/
2 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-557855?width=111&height=62
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
818af5a4769e3c17b6fb72d22039497985a5fb7fce1607addd5eb2d0ad403f0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 15:05:31 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
12375
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557855,nrtools.im.prod.im-557855_111x62
phis
80892065
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
rmDLfjdWT8DsBW5VeQVP0OVTrgcxGAuqWKdRfgMNpU0bvOIGEIM7_Q==
im-557830
images.wsj.net/
5 KB
6 KB
Image
General
Full URL
https://images.wsj.net/im-557830?width=167&height=94
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
e44c2bd3fcb63252c32533649842ac8c811d263623b726c25b28f5427d23dcff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 18:47:30 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
171856
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557830,nrtools.im.prod.im-557830_167x94
phis
imu-20220605182226773
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Ze8bE_1sg0FskgSv9wVEfB3Yy9nH1u5O3ayykDvIUAwJObtn4mwd3A==
im-557662
images.wsj.net/
5 KB
6 KB
Image
General
Full URL
https://images.wsj.net/im-557662?width=167&height=94
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
3e42e2f6cd0c93f1e9f5f560d0f430749d4eb5b69adf9ad72a76e73862a26dfc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 10:05:38 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
116768
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557662,nrtools.im.prod.im-557662_167x94
phis
imu-20220603221117885
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
R2Dtc9lMDdWMoVtwxM3P60suJjZp5R6BRILaseyQH5pNQZ4-jROOEg==
im-557011
images.wsj.net/
17 KB
17 KB
Image
General
Full URL
https://images.wsj.net/im-557011?width=167&height=94
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
29e8b727553c100c6c857831b061d7eec0728640a7041ace40689629a7032e2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20220603-113743-41f47072-06f5-4f2c-92d4-c9a5c320e388-wsj
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
369633
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557011,nrtools.im.prod.im-557011_167x94
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Fri, 03 Jun 2022 11:51:13 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Ngi-N_3WkVd_UZKO747-QuH9swc1eARPkD_uoQFOhj-nSTXJdxyEvQ==
im-556974
images.wsj.net/
3 KB
4 KB
Image
General
Full URL
https://images.wsj.net/im-556974?width=167&height=94
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
b2e2386c30486c971132fed14b9d456824f371682c4ff450bed7fb3e4705b6ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 09:43:29 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
377297
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-556974,nrtools.im.prod.im-556974_167x94
phis
imu-20220603090437211
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YZkJP6i9HgsWlXr59xpMbGnucMyTAi0_WTJRIlW7p9h7ItFuIEdjZw==
im-557942
images.wsj.net/
16 KB
17 KB
Image
General
Full URL
https://images.wsj.net/im-557942?width=167&height=94
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
bd3fe0ec6c3609957a35e25473b78d5512f6ea023615634de1d04a2de4b9f996
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20220606-100015-aa400068-a48b-4ea4-b956-8d6d16c25034-wsj
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
112992
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557942,nrtools.im.prod.im-557942_167x94
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 06 Jun 2022 11:08:34 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
dfXf85PaK2LIOmuh4sw61jrWijtbIJc3bGfux0uWZKa3gT4sMysuaw==
swg-button.css
news.google.com/swg/js/v1/
21 KB
21 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:28:34 GMT
x-content-type-options
nosniff
age
192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21972
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 19:18:34 GMT
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 19:18:34 GMT
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&hasCsp=true&env=prod&consentLanguage=en&body=%7B%22accountId%22%3A229%2C%22requestUUID%22%3A%229fb5e478-55ff-45ea-854e-30f05f13bdb5%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.wsj.com%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-66.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.wsj.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
https://www.wsj.com
cache-control
no-cache, no-store
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 07 Jun 2022 18:31:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
x-amz-cf-id
_j_Ie_R775DiqKaVoR3yDHGpLeeK4017bItPTyBhta6eeyWBpIMJNg==
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
x-powered-by
Express
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/
197 KB
131 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&hasCsp=true&env=prod&consentLanguage=en&body=%7B%22accountId%22%3A229%2C%22requestUUID%22%3A%229fb5e478-55ff-45ea-854e-30f05f13bdb5%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.wsj.com%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-66.ams1.r.cloudfront.net
Software
/ Express
Resource Hash
92248331dcaa0a7b3f49aed907a59653f3dca2a4ff01500eb1cedc7f56b05dab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
content-encoding
gzip
x-amz-cf-pop
AMS1-P2
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wsj.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
qAUNG3qHy3w4AgQGTXWA9aQgYblij83qGETqUBoLRMDc1wLUO9MveA==
via
1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
video.min.js
video-api.wsj.com/api-video/player/v3/js/
686 KB
183 KB
Script
General
Full URL
https://video-api.wsj.com/api-video/player/v3/js/video.min.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.146.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-246.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
62c45b235100e790ed2d9bd04fd554b63e0c579285ceeb5554a75f92820b1571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
SSzolF0hYzjEGliK.WWcOdc3asRgDM35
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
7R7FM30S02W6PPX4
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
186248
x-amz-id-2
l9DbLtZmiGWkfofIkh6S4wTLUcJfv5GUwS6TAdCWX/1r43IyBjw0ija3PedHeawbCWlLDJpfw0E=
Last-Modified
Mon, 06 Jun 2022 22:55:47 GMT
Date
Tue, 07 Jun 2022 18:31:46 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3600
ETag
"66f9b87ead10447335151fd6ff20776f"
Accept-Ranges
bytes
Expires
Tue, 07 Jun 2022 19:31:46 GMT
video.min.css
video-api.wsj.com/api-video/player/v3/css/
38 KB
9 KB
Stylesheet
General
Full URL
https://video-api.wsj.com/api-video/player/v3/css/video.min.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.146.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-246.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e8ddc3d47b171623e642528c007773d9b6ad9544ba2ac36cb96ad437fc0c411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
2C5ybru_5fm28Wm9gKs4tWXZwgbcXB7g
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
7R7A9E3TENNV1PXS
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
8307
x-amz-id-2
Do/l4NbTte43rHElo32kpgYK9zNpA1yymKiCpc2bTgMwG2iXXJVt0AudiHCh8jmyVcrzb+t/HdA=
Last-Modified
Mon, 06 Jun 2022 22:55:41 GMT
Date
Tue, 07 Jun 2022 18:31:46 GMT
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3600
ETag
"9aaa976f36c87dc4a102498914f53a98"
Accept-Ranges
bytes
Expires
Tue, 07 Jun 2022 19:31:46 GMT
video.6245432f3801.js
asset.barrons.com/article/public/
102 KB
35 KB
Script
General
Full URL
https://asset.barrons.com/article/public/video.6245432f3801.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4a68873dd8d566b56a8b2d6223d95effc11ab6edca77f3eb6a512b3a95832a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 19:58:44 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 21:56:30 GMT
server
AmazonS3
age
599583
etag
W/"a56d61034c9aa0e0009a8075153352aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
qsD7uhBcU13P_IrlFO6HqOAQmCEvvBWsfLVXJFCfurT32BOFWsINUA==
wsj_resp_article_16u.async.c9c0bdbf2ed9.css
asset.barrons.com/article/public/
59 KB
19 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/wsj_resp_article_16u.async.c9c0bdbf2ed9.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7ae8a5e0869a1bbd53da87bba843e2508746611c0d669a64a863be91433c766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 10 May 2022 03:03:35 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 17:51:37 GMT
server
AmazonS3
age
2474892
etag
W/"864c51e4c7e6f43875463f8e0bcb80a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
No9eid1cYJbRrfAJJ-uCuUORWDV_XhnDTzvqMygJPsdJoPDhoO4aiQ==
require.min.js
cdnjs.cloudflare.com/ajax/libs/require.js/2.1.14/
15 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/require.js/2.1.14/require.min.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f28aad5e4303e98d21626c1044e8afcba3e8dce789e9c6245084bfc83082503e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8810827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5569
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fbf-3b73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L781mZcsVFiUKP1mogUeIn1vnjAQ0iByBER1eJlDjsl%2BOF15UDAs3H6lIUUbyQaPUFogc35GfmeKEGT4eLNEgNYCcGgti%2Ff4wdodN5w3SSlIOUCr7QqfAjd1a96t4f4R8himCbPrlk6rkLbJ6G4abFm0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
717b77716b869bee-FRA
expires
Sun, 28 May 2023 18:31:46 GMT
runtime.e249ab6e9865.js
asset.barrons.com/article/public/
24 KB
7 KB
Script
General
Full URL
https://asset.barrons.com/article/public/runtime.e249ab6e9865.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e99680136631fa481607c9852c9779fe1690536eb234d9c0da59558dd22a13f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 15:18:11 GMT
content-encoding
br
last-modified
Tue, 24 May 2022 13:59:16 GMT
server
AmazonS3
age
1221216
etag
W/"7aaa6bc7a615a67305f4e38baed13a3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
_DGPu3rTtWYKfKFVamQB4HEUnkdd3M8aocEpJxIUCkgr4TNLljh1sw==
sso-auth.js
accounts.wsj.com/assets/
4 KB
2 KB
Script
General
Full URL
https://accounts.wsj.com/assets/sso-auth.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:6600:f:5016:900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8970a5667afeafd5746bf5774ddf7f6f708ee9bcead0ef0cd8520d11e912688e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 00:29:20 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 19:11:43 GMT
server
Apache
age
64946
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3588568928e677ce9bb8aedfd6e0ea04.cloudfront.net (CloudFront)
cache-control
public,max-age=14400
x-amz-cf-pop
TXL50-P2
content-length
1480
x-amz-cf-id
qVYkI_nq_OhzVRQTC4iT3RPFtOU87j_fUzvX_IZg1V8yhc91RISA_g==
wsj.js
www.wsj.com/asset/dj-ufc/loaders/
539 B
976 B
Script
General
Full URL
https://www.wsj.com/asset/dj-ufc/loaders/wsj.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce2f5e811c78e09a295bb6d3efaf7731875d179b6d210678614d52dd03a4c09e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
GSgTEFulyQgOp7TbVYsF_8.q_Jxeen.G
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Apr 2022 14:54:20 GMT
server
AmazonS3
age
64
etag
"e7f6945a511b23e712d52072d2b6e456"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=600
date
Tue, 07 Jun 2022 18:31:27 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
539
x-amz-cf-id
lR9PEdZHadXvCRZE39n7fqGZmLCVd2RXmuaKkEvDPgwtPdZoW3rYLA==
ats.js
ats.rlcdn.com/
109 KB
37 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-62.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
63325
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Tue, 07 Jun 2022 00:56:26 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
TXL50-P3
content-type
application/x-javascript
x-amz-cf-id
K2ifUOF37xbY7rWqW63lmzwk_-kfTq4ki2yGyJIPMEnLiVSPHRK3Tg==
op.js
tagan.adlightning.com/newscorp-wsj-aps/
41 KB
17 KB
Script
General
Full URL
https://tagan.adlightning.com/newscorp-wsj-aps/op.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31a3304c43792557464b58897b722cdd3d4527514479cf6fdfd8882d26328adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
lHYFrUDjWlTXJk6Hl9YMQE6mlMeqmPd5
content-encoding
gzip
etag
"9ccd5997406fc5eeb5a209f1bbc863ef"
age
1215
x-cache
Hit from cloudfront
content-length
17293
x-amz-meta-git_commit
c5c1c29
last-modified
Tue, 07 Jun 2022 16:11:29 GMT
server
AmazonS3
date
Tue, 07 Jun 2022 18:12:36 GMT
content-type
application/javascript
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
gSI83xLlyg0Q_srvIB8wLvBaOZ5wGlw1OxNqvGcFVJ8hIuUVLZPakw==
entitlements
news.google.com/swg/_/api/v1/publication/wsj.com/
2 B
60 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/wsj.com/entitlements
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.wsj.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
471fe2996db186a05e20d52b03a8cd99b17f6be67d96603689701019afb84629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
b-c5c1c29-7b631b8a.js
tagan.adlightning.com/newscorp-wsj-aps/
60 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/newscorp-wsj-aps/b-c5c1c29-7b631b8a.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79733b23be8774a3c3aeb2a7de5ea5a0ee5ec3fe425d8f79b0f5c7f36bf54ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 21:39:10 GMT
content-encoding
gzip
age
4049557
x-cache
Hit from cloudfront
content-length
23585
x-amz-meta-git_commit
c5c1c29
last-modified
Thu, 21 Apr 2022 21:38:44 GMT
server
AmazonS3
etag
"aae60c4cce3b20c63dd595427c306ef8"
x-amz-version-id
zUb5PA0avpTUBIhSMtyKDQc0xXt2wwgP
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
0Jy1TZ508CUCG6ynfqT8ckvSQxDrhFrZ1fwtFr9cIxVnWKs-EKWRvQ==
bl-fe8bb3e-2ec227b2.js
tagan.adlightning.com/newscorp-wsj-aps/
43 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/newscorp-wsj-aps/bl-fe8bb3e-2ec227b2.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ae9dfabd3a82cf3350c556619f2625382755759d1dfbb3b5de22fb59ba07172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 16:11:33 GMT
content-encoding
gzip
age
8414
x-cache
Hit from cloudfront
content-length
18678
x-amz-meta-git_commit
fe8bb3e
last-modified
Tue, 07 Jun 2022 16:11:06 GMT
server
AmazonS3
etag
"7f4af86e073507c5685788c724bc9c6b"
x-amz-version-id
2YTSgK1bebNG.vbZjZGJkWKnz5gVC1JO
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
sgNQsGArWgXZ0VHT4IJ8-UHNXCaif4ckjDo2D88LoPmAICZY4V32oQ==
/
id.sv.rkdms.com/identity/
2 B
165 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=DOWJONES&sv_domain=www.wsj.com
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.69.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-69-144.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.wsj.com
date
Tue, 07 Jun 2022 18:31:46 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/
0
251 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPaMdIAPaMdIAAGABCENCSCgAAAAAELAAAYgAAAN1gEgAZABAAE8AR0BBwEIAJ2AYEA-wDdQBwkAMADIATwBHCgAYAGQBHAN1GAAwAMgCOAbqOgBAAZAEcQABAAZAEcSABAAZAEcUgBAAgACeAAA.YAAAAAAAAAAA&ct=4
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.wsj.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/
63 B
388 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185780
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
019088f98a0ea33df9005adf19912c2adff736fb0ffd977b911b352e5db6b6a5

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wsj.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 07 Jul 2022 18:31:46 GMT
bid
c.amazon-adsystem.com/e/dtb/
64 B
531 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3482&u=https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400&pid=7VFJEsCQPa2aE&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22AD_L%22%2C%22s%22%3A%5B%22300x250%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F2%2Finteractive.wsj.com%2Fpro_cyber%22%7D%5D&gdpre=1&gdprc=CPaMdIAPaMdIAAGABCENCSCgAAAAAELAAAYgAAAN1gEgAZABAAE8AR0BBwEIAJ2AYEA-wDdQBwkAMADIATwBHCgAYAGQBHAN1GAAwAMgCOAbqOgBAAZAEcQABAAZAEcSABAAZAEcUgBAAgACeAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
9M39ZFCCAEHXFRE94V0E
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wsj.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
K-JEHIh-ccZjrvN9TFnrRlW3B6ryFFIocz6jMflh30SwacUHwi7jQw==
bid
c.amazon-adsystem.com/e/dtb/
64 B
532 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3482&u=https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400&pid=7VFJEsCQPa2aE&cb=1&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22AD_G%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F2%2Finteractive.wsj.com%2Fpro_cyber%22%7D%5D&gdpre=1&gdprc=CPaMdIAPaMdIAAGABCENCSCgAAAAAELAAAYgAAAN1gEgAZABAAE8AR0BBwEIAJ2AYEA-wDdQBwkAMADIATwBHCgAYAGQBHAN1GAAwAMgCOAbqOgBAAZAEcQABAAZAEcSABAAZAEcUgBAAgACeAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
V0AX1C0B7DN33BRRQSAQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wsj.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
IXazn3yym9Eg7B4OXBbIRpN6qJu2n7ZMidNmZsFSADXlrQg7WXnpfg==
cx.js
cdn.cxense.com/
79 KB
26 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e882f21f00443d4bd815464bda4aab82c1b0280a8fede958d7e429a5d29cd46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:31:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 May 2022 11:21:30 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26209
Expires
Tue, 07 Jun 2022 19:31:46 GMT
cx.cce.js
cdn.cxense.com/
23 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:31:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 19:29:56 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5964
Expires
Tue, 07 Jun 2022 19:31:46 GMT
dj-ufc.esm.js
www.wsj.com/asset/dj-ufc/v1.1.2/
1 KB
1 KB
Script
General
Full URL
https://www.wsj.com/asset/dj-ufc/v1.1.2/dj-ufc.esm.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a7e14b5df09283ed03dd21b1e5588dfed523d0269f1f48d36c24ada43b46196

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 18:03:15 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3371312
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
https://www.wsj.com
last-modified
Fri, 04 Mar 2022 22:52:19 GMT
server
AmazonS3
etag
W/"a2d705af3a6c25915248701f97750797"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
WKVaHDW5YRyijJCeMw2pV.BEs3hZVPDv
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
public, max-age=31557600, immutable
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Dli1kPGTJNLb7-Y8tiL0nRo6LcCa-nVqLBJKsJHqEn3Sx7T2-yt8Cw==
index.html
cdn.privacy-mgmt.com/ Frame D2FD
4 KB
2 KB
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-66.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb84f1577f2abfa78ac5451f064b8aecf25e18adb887cba39a30a8193c8c2825

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
873
content-encoding
gzip
content-type
text/html
date
Tue, 07 Jun 2022 18:17:14 GMT
etag
W/"2a69e1c8b9e76a17c68c0fbc999a20a4"
last-modified
Wed, 11 May 2022 18:15:27 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
x-amz-cf-id
2NGvFU-pmw3t32kDeiIrXtZDBbFGzBOkRP42e7YThMmez8OyU2Oudg==
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
wsj_resp_article_16u.4bbcab41ed49.js
asset.barrons.com/article/public/
662 KB
188 KB
Script
General
Full URL
https://asset.barrons.com/article/public/wsj_resp_article_16u.4bbcab41ed49.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894324ba8423205ef2d94cd709c5f397932f26693dccabad1110cbb886ebcb64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:22:50 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 21:56:30 GMT
server
AmazonS3
age
706137
etag
W/"5808301e31b8d51e0ca195da0b1c9952"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
M1IiUEiuwHhkZPjxeyRvyrkePhbD7sgLERkW7bD1Vo0KhmqkEHnCYQ==
serviceiframe
news.google.com/swg/_/ui/v1/ Frame C370
24 KB
8 KB
Document
General
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=459618&publicationId=wsj.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbcd9e6a54f9ff5f78fc0d04ab17fb10d25225b3ec99e77f1149cf6d68562a6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-52FGPZVQoFG5hFRFHgoH7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-52FGPZVQoFG5hFRFHgoH7A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-52FGPZVQoFG5hFRFHgoH7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-52FGPZVQoFG5hFRFHgoH7A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Tue, 07 Jun 2022 18:31:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
/
geo.privacymanager.io/
30 B
592 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-91.fra2.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 02:03:48 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront), 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
age
59278
x-amzn-requestid
1de100dd-6c12-4364-8a07-ff13b828d84d
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-629eb204-53d28f9b135b757175bbcfe0;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
TVDAsE3PDoEFeEw=
content-length
30
x-amz-cf-id
5r-SO4ghfCTmoCE431LEgYTLOcc6oT-qwi9nVcGy40XMVHmq133yeQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
eviqoo.js
cl.qualaroo.com/ki.js/46075/
147 KB
49 KB
Script
General
Full URL
https://cl.qualaroo.com/ki.js/46075/eviqoo.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
7d839c332db4f1ad40533b273945219eca20b60406ed4ef1eacbfd163ab9eb96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:46 GMT
content-encoding
gzip
cdn-edgestorageid
883
x-amz-request-id
KVTDZBG95Y11SD0P
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/10/2022 13:34:22
cdn-pullzone
92714
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
aMJq6U5vl9/a0txPbDuHWEGRylA86Qve/utoH6r0Gk/Q/UaWnGHaITntQ3lNGDNqMOgh86OR+FA=
server
BunnyCDN-AMS1-879
access-control-allow-origin
*
last-modified
Fri, 21 Aug 2020 14:07:26 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"e13089d4c8817590877a2f3efb65145d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/ecmascript
cdn-cache
HIT
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
cache-control
max-age=0, s-maxage=3600
cdn-requestid
b5b73b0b4bf1d72b0263237c4ec1a2a7
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame C370
0
25 B
Other
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qou-HfEuHuBiXJqHcN6qfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-qou-HfEuHuBiXJqHcN6qfg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=459618&publicationId=wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
script-src 'report-sample' 'nonce-qou-HfEuHuBiXJqHcN6qfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-qou-HfEuHuBiXJqHcN6qfg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
date
Tue, 07 Jun 2022 18:31:46 GMT
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
p-b45473c5.js
www.wsj.com/asset/dj-ufc/v1.1.2/
9 KB
5 KB
Script
General
Full URL
https://www.wsj.com/asset/dj-ufc/v1.1.2/p-b45473c5.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aec4674e528ff0149d1d33a7cef62d355857a050f0a9be163f03489bae51ea3a

Request headers

Referer
https://www.wsj.com/asset/dj-ufc/v1.1.2/dj-ufc.esm.js
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 18:03:14 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3371313
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
https://www.wsj.com
last-modified
Fri, 04 Mar 2022 22:52:20 GMT
server
AmazonS3
etag
W/"6d6dc53366b2f4ce2dd1325c266b7fcf"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rEqe2LptLF9SRnkUmJLv.aUAiE5Jb7bP
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
public, max-age=31557600, immutable
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
gc-bHuxACPLdwkl5dvb4rMEsjLqNQ-gd_9qwn2UssWa8aZ4U7LZppg==
Notice.93195.css
cdn.privacy-mgmt.com/ Frame D2FD
32 KB
6 KB
Stylesheet
General
Full URL
https://cdn.privacy-mgmt.com/Notice.93195.css
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-66.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23583bd9fb970e8849b1cd42b0d11eaeaa1838ae1b2fb5387b1c47bd6b28b990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:33:17 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 18:15:27 GMT
server
AmazonS3
age
3510
etag
W/"a0ac796ad2ed0d9ac69acab496103ef1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
x-amz-cf-id
VCFousOjjz3g-wNJz1YXsqqPbE6tNDTKSDht9u_BDDqZoVqFLCNgcA==
polyfills.d36c5.js
cdn.privacy-mgmt.com/ Frame D2FD
5 KB
2 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/polyfills.d36c5.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-66.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:57:34 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 18:15:27 GMT
server
AmazonS3
age
2053
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
x-amz-cf-id
iQD5hZ0fIbpnMUYvXg0beXioyUJnPNc5WbuQPTrM0VY1iaQk-TzcSA==
Notice.8d27a.js
cdn.privacy-mgmt.com/ Frame D2FD
209 KB
52 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/Notice.8d27a.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-66.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0dde6468a37d7df9bba8fbab9d57c7034133093f5c6aab5e8d4183bdb61108e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/index.html?message_id=524524&consentUUID=fdca4211-501e-472c-b0fb-624bbf888a23&requestUUID=9fb5e478-55ff-45ea-854e-30f05f13bdb5&preload_message=true&consentLanguage=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 17:33:17 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 18:15:27 GMT
server
AmazonS3
age
3510
etag
W/"e6dd682a112c11cc0345810718906e29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
x-amz-cf-id
J18EzNzZ1iFR__smEEY5DleyrQP7xs8dQIpjg2gAvSSwSh2xzblDpw==
audioplayer.min.css
video-api.wsj.com/api-video/audio/css/
43 KB
6 KB
Stylesheet
General
Full URL
https://video-api.wsj.com/api-video/audio/css/audioplayer.min.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.146.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-246.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6eda20d6ce0850bdb8601b0f070ab56a8f4d714962e524225c85e7199802ec93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
eeqLzP5XxinzHSxSvvhLv3y.xubV2xIh
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
163V11MVCBP2RDH6
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
5033
x-amz-id-2
XEgTfEdyZE8Ioal47z0IxV796q9In0MgurHYVChjYmELZlbSos1YsZ2NBH/wHZspasODtXyquOQ=
Last-Modified
Thu, 12 May 2022 19:22:59 GMT
Date
Tue, 07 Jun 2022 18:31:46 GMT
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3600
ETag
"bdb864d8cf8fac156dba1a10b0306aca"
Accept-Ranges
bytes
Expires
Tue, 07 Jun 2022 19:31:46 GMT
audioplayer.min.js
video-api.wsj.com/api-video/audio/js/
121 KB
37 KB
Script
General
Full URL
https://video-api.wsj.com/api-video/audio/js/audioplayer.min.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.146.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-246.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1552188fc95b4f51c7b8ad7e9953959d653d832dcda0153fc4afdf2c9e780a4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
Gz36V_L1TIpHuNwgCYRAGrrisMIYlDZ.
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
163N49AEDY8PZMM1
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
37752
x-amz-id-2
kjpp4h21ez7ERE2GjkYUnTCQ/YS1miG8f2hPGwJs9kNwTQ2vEjuzVyOkBm9aMisohu29JeuVocM=
Last-Modified
Thu, 12 May 2022 19:23:01 GMT
Date
Tue, 07 Jun 2022 18:31:46 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3600
ETag
"5df645521a03f4204b9e919c306a0a68"
Accept-Ranges
bytes
Expires
Tue, 07 Jun 2022 19:31:46 GMT
recommendations
api.vidora.com/v1/users/default/
241 B
517 B
XHR
General
Full URL
https://api.vidora.com/v1/users/default/recommendations?api_key=wsj.E4B14D56D6D304BA4A96A94B14D11AA9&limit=5&exclude_category=BARRON%27S%26BARRONS%26FILM%20CLIP&publishers=WSJ
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.145.162.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-162-27.compute-1.amazonaws.com
Software
/
Resource Hash
ac6f4240056a1b82f61bf9724639f9472e272c1a9e91741b6082bf1a731c59be

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-robots-tag
noindex
content-length
185
expires
Fri, 01 Jan 1990 00:00:00 GMT
c8882c9c-15d3-4d1f-9b0e-81b6f321365d.3d79e2b421f1.js
asset.barrons.com/article/public/
19 KB
6 KB
Script
General
Full URL
https://asset.barrons.com/article/public/c8882c9c-15d3-4d1f-9b0e-81b6f321365d.3d79e2b421f1.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04063ad56ca7c197983ea3d8af59127c170f3336caf0b9d5f2591adf6373e842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 13:33:34 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 18:09:51 GMT
server
AmazonS3
age
3387493
etag
W/"bfb7d77b3102b1fcecd3e2d6e0847dd8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Q0jFJ_2ygUo3pB4YyLNIxH9C6OldEzWkC7WOy5fweAjzegORSkzKFQ==
275181c7-8620-4df3-a008-d0cd9937db22.7963ed61186e.js
asset.barrons.com/article/public/
25 KB
7 KB
Script
General
Full URL
https://asset.barrons.com/article/public/275181c7-8620-4df3-a008-d0cd9937db22.7963ed61186e.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
916c3c35f2c56ebe9067d9d5774f231662ffa1ea882d3d9cb7774881e361cbb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 13:33:34 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 08:35:35 GMT
server
AmazonS3
age
3387493
etag
W/"1addfb53d329c8493e9e16c3130a0c1c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
p8_jXAyN5Dt8xRp3RqatxD7GzDUeX492oCUzd1AZrPSkNRnn1s5Ctg==
c13492a5-d9db-47c3-a804-80f45f96c081.cafbe9d1e0d3.css
asset.barrons.com/article/public/
4 KB
2 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/c13492a5-d9db-47c3-a804-80f45f96c081.cafbe9d1e0d3.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5802f293c62b42467e0bee021146995034e4ea8741864d07473ebb4556fe3eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 04:37:38 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 16:32:58 GMT
server
AmazonS3
age
4802049
etag
W/"43d001b5f1cd0707df3ed5f1e627cc52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
9gto6rGt1oxK95WatjmgUVRK4SrjR9_bI_xJhdOVUYhVKxil290yfw==
c13492a5-d9db-47c3-a804-80f45f96c081.f93f94642b1a.js
asset.barrons.com/article/public/
526 KB
77 KB
Script
General
Full URL
https://asset.barrons.com/article/public/c13492a5-d9db-47c3-a804-80f45f96c081.f93f94642b1a.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a12c0f22b7f365e56c83cb26c3bdab54cd8940487c5da0baa0ebcaf886a3a094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:51 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 18:09:51 GMT
server
AmazonS3
age
3117956
etag
W/"c2553017e08f712941b6e9416d56873c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
9ihdfgIG9dV4OisvmwzAWhKFH-UHPwyvr-u-Np1kLynzAE3bPOnL1w==
17f32040-0bfd-4790-bb36-732d32093176.8eaf59a63bcc.js
asset.barrons.com/article/public/
86 KB
28 KB
Script
General
Full URL
https://asset.barrons.com/article/public/17f32040-0bfd-4790-bb36-732d32093176.8eaf59a63bcc.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5811d2c839968d325d56766d7d39198b122a014125f7c3e230f0d91312fb7e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:55 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 18:09:51 GMT
server
AmazonS3
age
3117952
etag
W/"bde486608814cd096e1261b31fca7960"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
sCpHGJkWNzTeP2khH-XiPMxWKJk3mWi4i_1seIoKzPjqda0HLuXRtA==
03c85c64-f03f-4789-9e88-00158f0ea41e.45ebe9979571.css
asset.barrons.com/article/public/
47 KB
12 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/03c85c64-f03f-4789-9e88-00158f0ea41e.45ebe9979571.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
254d03ab9a5d2a1151000597048262542abf57d997968985aa935d992a1a4e2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 18:39:46 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 10:30:06 GMT
server
AmazonS3
age
4060321
etag
W/"0fe179e2ab351a3888a32ee5187671e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
opAh1_CWotmB-7F5hte_87um6rwPdkFL8jS2PsdryTX-8AgbdRo8HQ==
03c85c64-f03f-4789-9e88-00158f0ea41e.06cda2681ea9.js
asset.barrons.com/article/public/
958 KB
172 KB
Script
General
Full URL
https://asset.barrons.com/article/public/03c85c64-f03f-4789-9e88-00158f0ea41e.06cda2681ea9.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8e6d8a6323a964529cce171bf500183091773048de58cf73b05f1f96bc5acf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 18 May 2022 01:54:23 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 18:09:51 GMT
server
AmazonS3
age
1787844
etag
W/"61a35944266adfbb14fd94ad4a397ac5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
jdLBpm5P-dzDGdqe6ioCBgyVe9cPmAjcFzte2TObUpnODkCbK9cXVQ==
5c5570fe-7775-4969-92ed-c47ecb965e78.439d8e15c703.css
asset.barrons.com/article/public/
40 KB
8 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/5c5570fe-7775-4969-92ed-c47ecb965e78.439d8e15c703.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e76e7cdbe9fb1c62a52a8d8f5394cdd3f145c124e2e71cc507dc8cb6e8ac285b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:22 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 11:12:45 GMT
server
AmazonS3
age
5550265
etag
W/"36ee5bf56e3e9644f2f1b356515a50fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
zimW5GNISx3qYyTVWDilnkw7vjeSfV0X5iK7tfElYCPah2M_JcL0VQ==
5c5570fe-7775-4969-92ed-c47ecb965e78.0cbeb41aa6bf.js
asset.barrons.com/article/public/
608 KB
104 KB
Script
General
Full URL
https://asset.barrons.com/article/public/5c5570fe-7775-4969-92ed-c47ecb965e78.0cbeb41aa6bf.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7597fa975221ba2a29c000203a1c7f2f1cabb7b977ae08000178ef890e5d6cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:55 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 08:35:35 GMT
server
AmazonS3
age
3117952
etag
W/"9cf7bf449413d8ae666af2b15a5f739e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
91oWl4gxY90ZfSkVuGXqr7KsFBLj93ufsJijVwCOr5KgxK_pWqEiFA==
0ad70e52-063f-11ea-8d71-362b9e155667.34c44f088137.css
asset.barrons.com/article/public/
10 KB
4 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/0ad70e52-063f-11ea-8d71-362b9e155667.34c44f088137.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41e3398a590a67abd119885b7cd7e138273126b72a7a9122ebbf438c469da619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:22 GMT
content-encoding
gzip
last-modified
Fri, 25 Mar 2022 07:39:38 GMT
server
AmazonS3
age
5550265
etag
W/"91ede821401bbdf7222237e89b5e8995"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
vmujZKUgz2VLSsphX-ifnfSgeOd67WKuhg6NlikS3wjexYI54VZhCQ==
0ad70e52-063f-11ea-8d71-362b9e155667.cb07db2b1565.js
asset.barrons.com/article/public/
567 KB
91 KB
Script
General
Full URL
https://asset.barrons.com/article/public/0ad70e52-063f-11ea-8d71-362b9e155667.cb07db2b1565.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6f103590dfe3286553802727cbd102225a0363c0f8654cbdaaa70b43416182b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:49 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 08:35:35 GMT
server
AmazonS3
age
3117957
etag
W/"cd1d2f3efaadf5758d73aad2e628eaf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
_3jCYxhz_2yOcKCtrKT0D3cEELpsc6xnj_yVO6NGo45gtGptTkhoyQ==
9b6fea7a-ca2a-4ec2-982f-ea3079678342.246af03267ab.css
asset.barrons.com/article/public/
13 KB
5 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/9b6fea7a-ca2a-4ec2-982f-ea3079678342.246af03267ab.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c515d84239266624e92f16089179ff92f92ec8e498b3c6e99ac8a6b110050f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 21 May 2022 13:16:06 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 02:37:29 GMT
server
AmazonS3
age
1487741
etag
W/"6886b57e02c987316a06dd73b2107e11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
6RvEuRHmKpC2lWfwc7d8VmEaggiV0mW3TmUU1oc5naxnpCWqm3FRLA==
9b6fea7a-ca2a-4ec2-982f-ea3079678342.4eedd8fe04b5.js
asset.barrons.com/article/public/
598 KB
101 KB
Script
General
Full URL
https://asset.barrons.com/article/public/9b6fea7a-ca2a-4ec2-982f-ea3079678342.4eedd8fe04b5.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ea45b0edffa1a8757b5196cd16bb02dcedfac555eaf9bf738312e3860dcc374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:25:50 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 08:35:35 GMT
server
AmazonS3
age
3117957
etag
W/"e78399f5020f8878c6fbb49d9252ecd4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
kWKU6GiYfgJHJICK3YEC8VzSDVGIhigtfeO_j0ZfO1A1FXheiG4wJg==
669cbb36-1bd8-4a26-89f6-ec35ac37fb24.3d50a4892ddd.css
asset.barrons.com/article/public/
3 KB
1 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/669cbb36-1bd8-4a26-89f6-ec35ac37fb24.3d50a4892ddd.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a390f4498a7b5e34c082b9cb5691116fe75cc8769e5f2a84bac38b93d27dbf03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 04:56:39 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 15:14:29 GMT
server
AmazonS3
age
4368907
etag
W/"28bdc287d49158acacb6a1c84eb99b9c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
GiEfhwNnDEn950EkFFoip3mhr5csyiHxC3aS2N7TvoIFMIngSd9sjg==
669cbb36-1bd8-4a26-89f6-ec35ac37fb24.a71cad06e621.js
asset.barrons.com/article/public/
24 KB
7 KB
Script
General
Full URL
https://asset.barrons.com/article/public/669cbb36-1bd8-4a26-89f6-ec35ac37fb24.a71cad06e621.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
532c2d8f9559fda3ce86b181d11ac8386bc52431ee8d4f38c781e89064979d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 02 May 2022 16:26:01 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 08:35:35 GMT
server
AmazonS3
age
3117946
etag
W/"7426c91c7be58b87afc01a9dfbfd6ce1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
x3IgumZYbOLyX2cJGY5R7i-qfs1TXUlyZPvMMd06x5A9o6LaL5zv3Q==
swg-button.css
news.google.com/swg/js/v1/ Frame C370
21 KB
21 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459618&publicationId=wsj.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:28:34 GMT
x-content-type-options
nosniff
age
192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21972
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 19:18:34 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK... Frame C370
168 KB
60 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK-ujHClJE6pR-F7TclvQYQcw/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459618&publicationId=wsj.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2caffbec2a4d88bfb862f130ca1886b71f0c11c45f7cb764e6ddb7d21c0e52ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 19:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60345
x-xss-protection
0
last-modified
Sun, 05 Jun 2022 01:51:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 19:40:07 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c14dd9179913a3fb6d8bee3165293a61a0ffe62aca3be04bae738b5bce30a13

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
headerstats
as-sec.casalemedia.com/
0
426 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=409263&u=https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400&v=3
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 18:31:46 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[178.162.194.30], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.wsj.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Tue, 07 Jun 2022 18:31:46 GMT
sp1.html
cdn.cxense.com/ Frame 0658
684 B
749 B
Document
General
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Tue, 07 Jun 2022 18:31:46 GMT
Expires
Fri, 17 Jun 2022 18:31:46 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
google-play.4699f3c28a26.svg
asset.barrons.com/article/public/img/
6 KB
3 KB
Image
General
Full URL
https://asset.barrons.com/article/public/img/google-play.4699f3c28a26.svg
Requested by
Host: asset.barrons.com
URL: https://asset.barrons.com/article/public/9b6fea7a-ca2a-4ec2-982f-ea3079678342.246af03267ab.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f173ce9aba85239293aa2d30b59d8e9769ab57261a63376147b22773f84972bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://asset.barrons.com/article/public/9b6fea7a-ca2a-4ec2-982f-ea3079678342.246af03267ab.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:24 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 02:37:30 GMT
server
AmazonS3
age
5550263
etag
W/"4699f3c28a26de50bde7eb2e516c4616"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
pRksJzMNPabUOCKTSjD4MVPdo5adwTWB3tr-JbapzEpYerRcpbH38w==
appstore.a6e93ba3daca.svg
asset.barrons.com/article/public/img/
5 KB
2 KB
Image
General
Full URL
https://asset.barrons.com/article/public/img/appstore.a6e93ba3daca.svg
Requested by
Host: asset.barrons.com
URL: https://asset.barrons.com/article/public/9b6fea7a-ca2a-4ec2-982f-ea3079678342.246af03267ab.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beec0e606b0397cdc95eba5c160317d7c73f18917d6cb2ec97795aec9b10fafa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://asset.barrons.com/article/public/9b6fea7a-ca2a-4ec2-982f-ea3079678342.246af03267ab.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:24 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 02:37:30 GMT
server
AmazonS3
age
5550263
etag
W/"a6e93ba3daca96df368bd52a469cf262"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
vD50kQJBADkmrsJWUG-IY8gToHWO-2MaL3YyDhGCK315ef-pA_vyOg==
p-52133049.entry.js
www.wsj.com/asset/dj-ufc/v1.1.2/
40 KB
13 KB
Script
General
Full URL
https://www.wsj.com/asset/dj-ufc/v1.1.2/p-52133049.entry.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/asset/dj-ufc/v1.1.2/p-b45473c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fe343232145a80a8973028881cf744933e1d9483840c78f02a1cfeafef3b00d

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 18:03:15 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3371312
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
https://www.wsj.com
last-modified
Fri, 04 Mar 2022 22:52:19 GMT
server
AmazonS3
etag
W/"1d9055735131bd8299fd1f9b2cfeb428"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Njs9_uEwRKYomEIk85rCTiB7mBJ5FrEI
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
public, max-age=31557600, immutable
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
wQfwTIwv7zj3xPwMsr1IQ57lPC9K7cW3hQ8WANCwK02EbrxYrUv5cg==
WSJTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.cd69b5260360.css
asset.barrons.com/article/public/
90 B
428 B
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/WSJTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.cd69b5260360.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c902ab00352d0ae869550735beabccb7b86654e7198b2d2954bdd3864119496f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 May 2022 00:37:00 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified
Wed, 02 Jun 2021 21:25:59 GMT
server
AmazonS3
age
1965287
etag
"6fbf0c07779fd28ee03d2ce7547692ea"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
90
x-amz-cf-id
mPYdTZSC0qF0195ONS3-9G1nSlN-x9iRGcBX1NLf02cGA2nDN4NVjg==
WSJTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.f27a014f55db.js
asset.barrons.com/article/public/
167 B
518 B
Script
General
Full URL
https://asset.barrons.com/article/public/WSJTheme-c8882c9c-15d3-4d1f-9b0e-81b6f321365d.f27a014f55db.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c31b906cca9bc6a02bc951518c76295bcbd05858dc69821fb5ae5393a99a3f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:24 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 15:03:46 GMT
server
AmazonS3
age
5550262
etag
"a7e6b042abd555661396005d4a9fec3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
167
x-amz-cf-id
6YdR-ExpMYQboXIr-8IkI1VnBz4SJxGMyTqu8pZ6FZWUL_TmNtTtGQ==
WSJTheme-275181c7-8620-4df3-a008-d0cd9937db22.19ffb35d6384.css
asset.barrons.com/article/public/
11 KB
4 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/WSJTheme-275181c7-8620-4df3-a008-d0cd9937db22.19ffb35d6384.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
267643b1790a2c87a0fdfec4a2cccd321cd1b22a5d7af7861bd8f118f3d74e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 18:22:20 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 10:30:06 GMT
server
AmazonS3
age
4061367
etag
W/"433448ec6abdcc06747c8a171e528762"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
VQ9-7_O8mpBqVgX-soaZbTxqjoYTBr756uXYBKNddJsc8zYaR4_GDg==
WSJTheme-275181c7-8620-4df3-a008-d0cd9937db22.6d195009ce08.js
asset.barrons.com/article/public/
9 KB
4 KB
Script
General
Full URL
https://asset.barrons.com/article/public/WSJTheme-275181c7-8620-4df3-a008-d0cd9937db22.6d195009ce08.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a71d84f1b53f545fd62160359e05bb751aaefde1cebc05e5ce49d258a3b9eeac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 18:22:20 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 10:30:06 GMT
server
AmazonS3
age
4061367
etag
W/"3858f0bd1cf1583352b75ce1ca770eaf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
rs5I-cvITpjcBcBWfy77Faxba7u6DlkL_GbUKublpeK4LDFtb4PNkg==
WSJTheme-17f32040-0bfd-4790-bb36-732d32093176.388efae4898e.css
asset.barrons.com/article/public/
4 KB
2 KB
Stylesheet
General
Full URL
https://asset.barrons.com/article/public/WSJTheme-17f32040-0bfd-4790-bb36-732d32093176.388efae4898e.css
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a2953c323d5dc9e496ffe18c2a8dac61c62e45e0775a965ce05330921355b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:21 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 21:50:55 GMT
server
AmazonS3
age
5550266
etag
W/"f1b578c803002ec314040321c4564d17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
fRTKGXqreGZ4-KX_xWK0h36JDmJ74qMj1va-byAgmgK8Sc4lsAD2Bw==
WSJTheme-17f32040-0bfd-4790-bb36-732d32093176.f363f07f2ea0.js
asset.barrons.com/article/public/
1 KB
1 KB
Script
General
Full URL
https://asset.barrons.com/article/public/WSJTheme-17f32040-0bfd-4790-bb36-732d32093176.f363f07f2ea0.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:1a:635e:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bcd35fc37fb9bb2a2687152e96b39045e222b302d8cf23bc3429710a3ecf4c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:47:26 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:03:46 GMT
server
AmazonS3
age
5550261
etag
W/"73f6372d134753ef2a0d16cbba1934f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
JMcQ6bbrSESKWXjW1ua7kVD1K-Qv8ET0cw4CZgOc-s1z_xzP_fOkKA==
cx.js
cdn.cxense.com/ Frame 0658
79 KB
26 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e882f21f00443d4bd815464bda4aab82c1b0280a8fede958d7e429a5d29cd46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:31:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 May 2022 11:21:30 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26209
Expires
Tue, 07 Jun 2022 19:31:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C370
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=459618&publicationId=wsj.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 11:18:05 GMT
x-content-type-options
nosniff
age
26021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Jun 2023 11:18:05 GMT
wsj-logo.svg
s.wsj.net/img/meta/ Frame D2FD
10 KB
10 KB
Image
General
Full URL
https://s.wsj.net/img/meta/wsj-logo.svg
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:c400:19:3d3:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5054a1af89cc72bcb7c086ce9fc4f8a6fc230b90b92c6dbf340bb25cd728a02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.privacy-mgmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 01:43:48 GMT
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
last-modified
Sat, 31 Jul 2021 12:13:43 GMT
server
AmazonS3
age
60480
etag
"15c521bde9426a80b2f9a04d9c540547"
x-cache
Hit from cloudfront
x-amz-version-id
hzPppwvr3FIBSh69YZ6YAken11m2wwUJ
x-amz-replication-status
REPLICA
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/svg+xml
content-length
10225
x-amz-cf-id
6FcWnRtaNpzWNm27IEWO9QHBsYLQH2HnB3TNVBH6WNM_FCNqYuaq-w==
truncated
/ Frame D2FD
62 KB
62 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b14684edc7a33025134268da451328fe23fd64c0ab1614a9811f47b3dbe944b4

Request headers

Referer
Origin
https://cdn.privacy-mgmt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ Frame D2FD
62 KB
62 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f27f7b08cdba301dc4a18d86a6749ca5e133b70aa2fdc166327c8be7d9a30a37

Request headers

Referer
Origin
https://cdn.privacy-mgmt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
application/font-woff
m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.NA0HCwtZCHA.L.B1... Frame C370
129 KB
43 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.NA0HCwtZCHA.L.B1.O/am=YwBA/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4u9uCs-cW7PwuiAozm-OvXSkkfoQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,zG9H6c,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK-ujHClJE6pR-F7TclvQYQcw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc234d2ae3c7e323e3aa487fbc55740086b8c8373d63e5e3cac10cb155f79145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 21:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44234
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 21:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 21:42:56 GMT
p-791323ec.js
www.wsj.com/asset/dj-ufc/v1.1.2/
1 KB
1 KB
Script
General
Full URL
https://www.wsj.com/asset/dj-ufc/v1.1.2/p-791323ec.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bd2ddea4ae7c1bc280443e24892e8db3b17179ce81f358077c2076840786390

Request headers

Referer
https://www.wsj.com/asset/dj-ufc/v1.1.2/p-52133049.entry.js
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 18:03:16 GMT
content-encoding
br
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3371312
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
https://www.wsj.com
last-modified
Fri, 04 Mar 2022 22:52:19 GMT
server
AmazonS3
etag
W/"1ffc857c3d187f8fc055935c29c30cde"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Dan_PP9lPvGXK5DgyXMDvOYL1RZgRHEV
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
public, max-age=31557600, immutable
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
content-type
application/javascript; charset=utf-8
x-amz-cf-id
MuPOnSszPsAaNjbnjGBI0Jv2zeb4G_HaCBDwaDeyi5jNuNOrXs_HYg==
p-112455b1.js
www.wsj.com/asset/dj-ufc/v1.1.2/
372 B
1012 B
Script
General
Full URL
https://www.wsj.com/asset/dj-ufc/v1.1.2/p-112455b1.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:3:4b0:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b2bc0afa46bdbe8d1ae0b9981af58a37b994f4fbcd7bc692a7b94fd7dcfdd9d

Request headers

Referer
https://www.wsj.com/asset/dj-ufc/v1.1.2/p-52133049.entry.js
Origin
https://www.wsj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 18:03:20 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3371308
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
372
last-modified
Fri, 04 Mar 2022 22:52:19 GMT
server
AmazonS3
etag
"e08f3ee888e231da9c7188f8f4b3a9cd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
l0LxjpfeFo2X9sA.LpDeO.FYDQfyxhbH
access-control-allow-origin
https://www.wsj.com
access-control-expose-headers
ETag
cache-control
public, max-age=31557600, immutable
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Ou62LL51gSSh2ru6DGxiBQYz0cH_UhasTM70qD1FhjbcgIR7iq64WQ==
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.NA0HCwtZCHA.L.B1... Frame C370
18 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.NA0HCwtZCHA.L.B1.O/am=YwBA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4u9uCs-cW7PwuiAozm-OvXSkkfoQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK-ujHClJE6pR-F7TclvQYQcw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b76239cd0cadc8d8e09c76653f1dfbc675d20b075104409041506ccc94706745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7441
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 21:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 21:47:05 GMT
p1.js
p1cluster.cxense.com/ Frame 0658
47 B
636 B
Script
General
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
2d6c01123fc24ab7bc7871fef44091c438df9d40906b0f8fa350dea0c2aa41db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
last-modified
Tue, 07 Dec 2021 18:31:47 GMT
server
Jetty(9.4.28.v20200408)
etag
28ul201ming3z263tskf3e6c3y
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
private, proxy-revalidate
content-type
text/javascript;charset=utf-8
content-length
47
expires
Wed, 07 Jun 2023 18:31:47 GMT
find_all_videos.asp
video-api.wsj.com/api-video/
7 KB
2 KB
XHR
General
Full URL
https://video-api.wsj.com/api-video/find_all_videos.asp?fields=duration,name,thumbnailList,linkURL,guid&query=830BDF53-1919-4DA4-80FB-97EEBA0833A7,7C998B36-AEB9-4A92-BE09-F574890606FB,3CD5096F-7984-4569-B680-5A2E464C4447,D1E5E6B2-8DEE-4D9D-87EB-55440EB107B2,471F8909-AAE7-4248-A534-4D4752C8F02F&type=guid
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.146.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-246.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92c50838c4570e4cf1eb0b4eb4ba5f96c65ea0caa081394cca1fb72c1e955f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:31:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P7
ETag
W/"1b9d-RUjW8Zv5azBNFhEwDxHwR3sGBFU"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=60
Connection
keep-alive
Content-Length
1143
X-XSS-Protection
1; mode=block
X-Amz-Cf-Id
cT1B-QT7UnnEYiu-k53ugQJF2ZOx7-dnnncRce3AXfBZiVOWTl458g==
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.NA0HCwtZCHA.L.B1... Frame C370
1 KB
714 B
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.NA0HCwtZCHA.L.B1.O/am=YwBA/d=1/exm=COQbmf,DfBslb,FCpbqb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,WhJNk,Wt6vjf,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hhhU8,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4u9uCs-cW7PwuiAozm-OvXSkkfoQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK-ujHClJE6pR-F7TclvQYQcw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce1681fd1ad1eb968a2e3f571eb2380a95a1d8a8a3f240c25ed86430c5548987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
688
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 21:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 21:47:05 GMT
log
play.google.com/ Frame C370
131 B
673 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK-ujHClJE6pR-F7TclvQYQcw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 07 Jun 2022 18:31:47 GMT
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame C370
435 B
325 B
XHR
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=5022045115765618135&bl=boq_subscribewithgoogleclientserver_20220605.16_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=66708&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK-ujHClJE6pR-F7TclvQYQcw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2d5e2a69bbebcaf505d91ed8d4301a54e5de43d9d4571317405660effeceea8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 0658
43 B
467 B
Image
General
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.4.0&typ=pgv&rnd=l44i0ozmotiaatvf&sid=9222318613852486900&loc=https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400&new=1&arf=0&ltm=1654626706651&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l44i0pw3nggkiqq5&ckp=l44i0pvwn7sz7m8q&glb=&cp_ver=2.47&cp_testGroup=61&cp_topDomain=wsj.com&cp_pwTag=default&cp_pwPlacement=cx-pro-scrim&cp_pwCampaign=54325&cp_pwType=free&cp_type=Pro%20Cyber%20News&cp_template=full&cp_access=paid&cp_section=WSJ%20Pro&cp_subsection=Pro%20Cyber&cp_cms_name=METHODE&cp_vix=&cp_subscriber=nonsubscriber&cp_edition=naus&cp_bucket=9&cp_ab_bucket=15&cp_pageContentTypeDetai=article&cp_pageSiteProduct=WSJ&cst=28ul201ming3z263tskf3e6c3y
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/
117 B
688 B
Script
General
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l44i0pvwn7sz7m8q%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2228ul201ming3z263tskf3e6c3y%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2228ul201ming3z263tskf3e6c3y%22%7D%5D%2C%22siteId%22%3A%229222318613852486900%22%2C%22location%22%3A%22https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400%22%7D&callback=cXJsonpCBl44i0q7xw6uswse0
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
02150b16d794354b660b5569e7080cdb02fbc09df350091093de5851ad616f20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:47 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
117
expires
Mon, 26 Jul 1997 05:00:00 GMT
log
play.google.com/ Frame C370
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.zEMmQen1Szc.es5.O/am=YwBA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7TyqK-ujHClJE6pR-F7TclvQYQcw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 07 Jun 2022 18:31:47 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Jun 2022 18:31:47 GMT
expires
Tue, 07 Jun 2022 18:31:47 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
data
api.cxense.com/public/widget/
16 KB
4 KB
Script
General
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2254325%22%2C%22bucket%22%3A%229%22%2C%22testgroup%22%3A%2261%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%229%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2261%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22wsj.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-pro-scrim%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22free%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Pro%20Cyber%20News%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22full%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22WSJ%20Pro%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Pro%20Cyber%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2215%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22article%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22WSJ%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2261%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400%22%7D%2C%22widgetId%22%3A%22fdffeaef25759d5a4b278e2b045241d7cc93fb7c%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l44i0pvwn7sz7m8q%22%7D%7D%2C%22prnd%22%3A%22l44i0ozmotiaatvf%22%7D&media=javascript&sid=9222318613852486900&widgetId=fdffeaef25759d5a4b278e2b045241d7cc93fb7c&resizeToContentSize=true&useSecureUrls=true&usi=l44i0pvwn7sz7m8q&rnd=1310973681&prnd=l44i0ozmotiaatvf&tzo=0&callback=cXJsonpCBl44i0qa6icowvkpa
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
d9c68ff44bf762aae92a7ea0e313c7a496fb8a81abe44ea1e5119433502be480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
3519
expires
Mon, 26 Jul 1997 05:00:00 GMT
data
api.cxense.com/public/widget/
21 KB
6 KB
Script
General
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2254325%22%2C%22bucket%22%3A%229%22%2C%22testgroup%22%3A%2261%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%229%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2261%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22wsj.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-pro-scrim%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22free%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Pro%20Cyber%20News%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22full%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22WSJ%20Pro%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Pro%20Cyber%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2215%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22article%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22WSJ%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2261%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400%22%7D%2C%22widgetId%22%3A%222de24eadb5f96a9436a375f0d2087dac83093d90%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l44i0pvwn7sz7m8q%22%7D%7D%2C%22prnd%22%3A%22l44i0ozmotiaatvf%22%7D&media=javascript&sid=9222318613852486900&widgetId=2de24eadb5f96a9436a375f0d2087dac83093d90&resizeToContentSize=true&useSecureUrls=true&usi=l44i0pvwn7sz7m8q&rnd=1623271161&prnd=l44i0ozmotiaatvf&tzo=0&callback=cXJsonpCBl44i0qa8sgzddd1k
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
0c27785849601e7683d75644433f48c9623d4206ebac7a801a64fb7f547971a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
5811
expires
Mon, 26 Jul 1997 05:00:00 GMT
data
api.cxense.com/public/widget/
2 KB
1 KB
Script
General
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2254325%22%2C%22bucket%22%3A%229%22%2C%22testgroup%22%3A%2261%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%229%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2261%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22wsj.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-pro-scrim%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22free%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Pro%20Cyber%20News%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22full%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22WSJ%20Pro%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Pro%20Cyber%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2215%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22article%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22WSJ%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2261%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.wsj.com%2Farticles%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400%22%7D%2C%22widgetId%22%3A%22cd6dfe5cad0e11d2b5b32bf63b7776a73af93c00%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l44i0pvwn7sz7m8q%22%7D%7D%2C%22prnd%22%3A%22l44i0ozmotiaatvf%22%7D&media=javascript&sid=9222318613852486900&widgetId=cd6dfe5cad0e11d2b5b32bf63b7776a73af93c00&resizeToContentSize=true&useSecureUrls=true&usi=l44i0pvwn7sz7m8q&rnd=945058205&prnd=l44i0ozmotiaatvf&tzo=0&callback=cXJsonpCBl44i0qa98nrae59s
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
e78be1060337d94e996119488a82835fa19cdd0ace3b60ebeccdebff1c899cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
794
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-558541
images.wsj.net/
3 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-558541?width=115&height=65
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
d21a86121c86cd91c03464bc07e5e5dddf36b5c782a267f69d9144c82e84119f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 09:30:09 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
32498
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-558541,nrtools.im.prod.im-558541_115x65
phis
imu-20220606220454612
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
FaHjm6oObEsccIkkTxh9BJx-PzZq7SRsBuku8Hdp9z46rzg27NglOw==
im-557662
images.wsj.net/
3 KB
4 KB
Image
General
Full URL
https://images.wsj.net/im-557662?width=115&height=65
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHIS
Resource Hash
98a5c3dec2ef027ad3ccf631ca493e44ba08cb81380e704052e7a55d967f0a4a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 09:30:07 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
118900
x-powered-by
PHIS
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557662,nrtools.im.prod.im-557662_115x65
phis
imu-20220603221117885
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3rYL7DEvBJKqlmtNexk2kn5b6zUeT30N-cKnSUdNsGeKkLXf8yNCSg==
im-557011
images.wsj.net/
15 KB
15 KB
Image
General
Full URL
https://images.wsj.net/im-557011?width=115&height=65
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
6b88892d01e0509dd58d06e15d4a452fb1772ef126c086a6e954633f4f442ab6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20220603-113743-41f47072-06f5-4f2c-92d4-c9a5c320e388-wsj
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
369087
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-557011,nrtools.im.prod.im-557011_115x65
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Fri, 03 Jun 2022 12:00:20 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
jKBy-N4XfEeo0facPyfjl8tVQhwW72OxaGonT-m8YB2UgfIkCqr0Ag==
im-556620
images.wsj.net/
19 KB
19 KB
Image
General
Full URL
https://images.wsj.net/im-556620?width=115&height=65
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
40672ed66aee4f8869afe0722b3cdd855d829b009639dbc795e757c41712569e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20220602-190245-7be3f185-d8b4-4a53-9fac-0cfa6d6b350c-wsj
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
428714
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-556620,nrtools.im.prod.im-556620_115x65
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Thu, 02 Jun 2022 19:26:33 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hH9uiM3MJb5q5mthtmTVf4ppDj_k9BBeNL6qnh-oJ_VcJczU8oOv-g==
im-559015
images.wsj.net/
3 KB
3 KB
Image
General
Full URL
https://images.wsj.net/im-559015?width=115&height=65
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
56826e7a9bb17601ecc3b711c12eed9eb72bb07c534bbd5232c874b9020505ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20220607-175114-97ea6f8a-6fa6-44e1-b31d-53d1f5650caf-wsj
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
322
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-559015,nrtools.im.prod.im-559015_115x65
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Tue, 07 Jun 2022 18:26:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=6048800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Oy-rebjXq9vXuBGPrDxK9QbcsRblXUvuVxXjXuW5xScJ3QjKn0lN8g==
frame.html
dntcl.qualaroo.com/ Frame 9E1C
323 B
695 B
Document
General
Full URL
https://dntcl.qualaroo.com/frame.html
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=604800
cdn-cache
HIT
cdn-cachedat
02/07/2022 19:30:59
cdn-edgestorageid
459
cdn-fileserver
55
cdn-proxyver
1.02
cdn-pullzone
99568
cdn-requestcountrycode
DE
cdn-requestid
2b6f3d11ac8f0bb3ffb9103a2d0ae062
cdn-requestpullcode
206
cdn-requestpullsuccess
True
cdn-status
200
cdn-storageserver
DE-51
cdn-uid
50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding
gzip
content-type
text/html
date
Tue, 07 Jun 2022 18:31:47 GMT
last-modified
Fri, 06 Dec 2019 12:46:59 GMT
server
BunnyCDN-AMS1-879
vary
Accept-Encoding
nr-spa-1216.min.js
js-agent.newrelic.com/
49 KB
18 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
etag
"63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id
74D0PMFHP7WP50DN
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
HMfk0ASGr8lwHT+12p+1gWOnum+QLURCxWa/e5kA1dl6ehiLxaCeTY5+stCcO/KIxcTCSOsodXs=
x-served-by
cache-fra19129-FRA
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1654626707.343176,VS0,VE0
date
Tue, 07 Jun 2022 18:31:47 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4753
negotiate
wsjstream.wsj.net/bg2/signalr/
303 B
573 B
XHR
General
Full URL
https://wsjstream.wsj.net/bg2/signalr/negotiate?clientProtocol=2.1&connectionData=%5B%7B%22name%22%3A%22mainhub%22%7D%5D&_=1654626707314
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.100.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-100-179.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c7ce5f84b07d2021cd44c176ff76f6bc71222389bd79af2e184014f472897af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:47 GMT
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wsj.com
cache-control
no-cache
access-control-allow-credentials
true
expires
-1
cd2b77ba49
bam.nr-data.net/1/
49 B
715 B
Script
General
Full URL
https://bam.nr-data.net/1/cd2b77ba49?a=906054257&v=1216.487a282&to=ZwEAbRQCWEVVVBYPVl5LJ0EWEVNFR10RSX51ME0WBxFCX1dbBxUWCgUQTQ8AWlN9Uw%3D%3D&rst=2345&ck=1&ref=https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400&ap=130.709985&be=791&fe=2307&dc=1283&tt=67a0fe6c57f6071d&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1654626705006,%22n%22:0,%22f%22:332,%22dn%22:334,%22dne%22:404,%22c%22:404,%22s%22:412,%22ce%22:429,%22rq%22:432,%22rp%22:730,%22rpe%22:758,%22dl%22:733,%22di%22:1281,%22ds%22:1282,%22de%22:1288,%22dc%22:2302,%22l%22:2306,%22le%22:2308%7D,%22navigation%22:%7B%7D%7D&fp=831&fcp=831&ja=%7B%22browserWidth%22:1600,%22uac-loaded%22:849,%22moat-loaded%22:933,%22apstag-loaded%22:939,%22gpt-tagLoaded%22:978,%22prebid-loaded%22:1009,%22gpt-tag-load%22:1149,%22apstag-firstBid%22:1323%7D&jsonp=NREUM.setToken
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 18:31:47 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
717b77792e579b4c-FRA
806.d903797a231742a4cece.min.js
video-api.wsj.com/api-video/audio/js/chunks/
114 KB
36 KB
Script
General
Full URL
https://video-api.wsj.com/api-video/audio/js/chunks/806.d903797a231742a4cece.min.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.146.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-246.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a0d3ba604090ddbe22bb41fae88ef3f8e54c9b0031dbf3cedb8406a79a15067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
9pYI4OCDOxHKL0YjAvuTkW3FsHU2h.kv
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
R7H513ZV757BZX68
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
36655
x-amz-id-2
yW/PmiJd8F8UDd9iXL3hz44lvwmqNjtHiBeTHxSAS3eDBVRzqL1p36JTnAgK9BaGrKuTtSm5+tg=
Last-Modified
Thu, 12 May 2022 19:23:03 GMT
Date
Tue, 07 Jun 2022 18:31:47 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3600
ETag
"b19bcda7f9355e4e5d2bac413350720f"
Accept-Ranges
bytes
Expires
Tue, 07 Jun 2022 19:31:47 GMT
find-all-videos
video-api.shdsvc.dowjones.io/api/legacy/
2 KB
1 KB
Fetch
General
Full URL
https://video-api.shdsvc.dowjones.io/api/legacy/find-all-videos?type=read-to-me&query=SB11810340439002804574104588578322281411006&fields=adZone,allthingsd-section,allthingsd-subsection,audioURL,audioURLPanoply,author,body,column,description,doctypeID,duration,episodeNumber,formattedCreationDate,guid,keywords,linkURL,name,omniPublishDate,omniVideoFormat,playbackSite,podcastName,podcastSubscribeLinks,podcastUrl,sm-section,sm-subsection,thumbnailImageManager,thumbnailList,titletag,type,wsj-section,wsj-subsection
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a000:6:60db:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
9ddc32f1f3c6b7049ecb31ed96176c1f0e9af0af7877cc2c999ad43bc3855d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
etag
W/"978-8ua3JG20YvMJWhRD1hHtXY805OY"
x-amz-cf-pop
DUS51-P1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
x-amz-cf-id
XOMyX5L4IcbeqIs2lkvj7EiGeJgP3rYyYmPLvqUbchraK3yunNbdbA==
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
ima3.js
imasdk.googleapis.com/js/sdkloader/
377 KB
127 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128968
x-xss-protection
0
expires
Tue, 07 Jun 2022 18:31:47 GMT
find-all-videos
video-api.shdsvc.dowjones.io/api/legacy/
3 KB
2 KB
Fetch
General
Full URL
https://video-api.shdsvc.dowjones.io/api/legacy/find-all-videos?type=guid&query=7FFDDAD6-5FC1-4147-A2B6-F2CBEED76E42&fields=adZone,allthingsd-section,allthingsd-subsection,audioURL,audioURLPanoply,author,body,column,description,doctypeID,duration,episodeNumber,formattedCreationDate,guid,keywords,linkURL,name,omniPublishDate,omniVideoFormat,playbackSite,podcastName,podcastSubscribeLinks,podcastUrl,sm-section,sm-subsection,thumbnailImageManager,thumbnailList,titletag,type,wsj-section,wsj-subsection
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a000:6:60db:a3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
f76e5d4bd961822b2cc790ad44e383d7a33a3f35a4953322d6aea1ecd0b406d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:47 GMT
content-encoding
gzip
etag
W/"aed-iqaFl4GkNsQ6II23o72emHRrowk"
x-amz-cf-pop
DUS51-P1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
x-amz-cf-id
jMtzEHs5MBq_OL4veK8iEBcPp9gDkJ7O11Wsa7QlykkMb-n8JcYggA==
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
validate
a.vidora.com/v1/
0
257 B
Ping
General
Full URL
https://a.vidora.com/v1/validate?api_key=wsj.E4B14D56D6D304BA4A96A94B14D11AA9
Requested by
Host: video-api.wsj.com
URL: https://video-api.wsj.com/api-video/player/v3/js/video.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.204.205.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-205-169.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 07 Jun 2022 18:31:48 GMT
cache-control
no-cache
server
nginx/1.14.0 (Ubuntu)
content-type
application/octet-stream
transfer-encoding
chunked
expires
Tue, 07 Jun 2022 18:31:47 GMT
im-368558
images.wsj.net/
4 KB
4 KB
Image
General
Full URL
https://images.wsj.net/im-368558?height=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d600:e:b675:f600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Image Pipeline
Resource Hash
7cc6c4c10b542424c241dfa52ad54b930a6d32f70b5d1d580742e2f3a223df5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

imagepipeline
20210713-161616-7c9c6082-81c2-440a-ad63-37a1deb53a09-wsj
via
1.1 6f70804d483d6d4c1e564e18fcd2c96c.cloudfront.net (CloudFront), 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
age
11362883
x-powered-by
Image Pipeline
x-dns-prefetch-control
off
edge-cache-tag
nrtools.im.prod.im-368558,nrtools.im.prod.im-368558_60x60
date
Thu, 27 Jan 2022 06:10:24 GMT
x-cache
Hit from cloudfront
x-amz-apigw-id
Ml2UkGPPIAMFSNA=
content-length
3737
x-xss-protection
1; mode=block
x-amzn-requestid
72ad599b-553e-4d68-978f-aac60d2cf47f
x-frame-options
SAMEORIGIN
x-amzn-trace-id
Root=1-61f23750-6f739f5e70f80a81712510ca;Sampled=1
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
x-amz-cf-pop
IAD79-C2, FRA2-C2
x-amz-cf-id
melaXlRcaRtCg3p_4g10bnQNK2WFTJ0HAGqJuAfY60IezZ_7CYeRxA==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1654626707846
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1654626707846
367 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1654626707846
Protocol
HTTP/1.1
Server
34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-147-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1731334c11557fe227669e713a472b152a727af0dba2ea4adcfde99e1f2a4ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v033-0ddbf482a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
sAWGbe/0RsU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.wsj.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
309
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v033-0fa624547.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.wsj.com
X-TID
9T8sFIKOR98=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&ts=1654626707846
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
id
oms.dowjoneson.com/
48 B
647 B
XHR
General
Full URL
https://oms.dowjoneson.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&ts=1654626707850
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
410b8d8c630afefc91d4f518cc562fec4cfbc109c545dcc76b4ed3bdc505b0de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 Jun 2022 18:31:48 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-df488f754-8ztrc
vary
Origin
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.wsj.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 5D3B
635 KB
205 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
472523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 07:16:25 GMT
expires
Fri, 02 Jun 2023 07:16:25 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Jun 2022 18:31:48 GMT
id
oms.dowjoneson.com/
48 B
232 B
XHR
General
Full URL
https://oms.dowjoneson.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&mid=39573791219107198281068873311267617707&ts=1654626708017
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
bd394376a3c78023dd8ba9d0071f1b73b5692a85286c22e4adfd942af28b79f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 Jun 2022 18:31:48 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-df488f754-pg48f
vary
Origin
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.wsj.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7B41
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 18:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 07 Jun 2022 19:05:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
234 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?aot=ob&tte=f&lid=158&sdkv=h.3.517.2&e=44750823%2C44752711%2C44760950%2C44761692%2C44762462&id=ima_html5&c=2111854881042286&domain=www.wsj.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=CB68E4BA55144CAA0A4C98A5%40AdobeOrg&d_nsid=0&d_mid=39573791219107198281068873311267617707&ts=1654626708033
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-147-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
caffc235031602195d232af480e8e1cb65874807d8639f3e5943935e379c2408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v033-0fbdf29f8.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
yRMGPvFrSts=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.wsj.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 UTC
start
wsjstream.wsj.net/bg2/signalr/
25 B
294 B
XHR
General
Full URL
https://wsjstream.wsj.net/bg2/signalr/start?transport=webSockets&clientProtocol=2.1&connectionToken=2483d0dd-13c4-4f64-afb7-ec2a9a56039d%3A&connectionData=%5B%7B%22name%22%3A%22mainhub%22%7D%5D&_=1654626708036
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.100.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-100-179.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:48 GMT
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wsj.com
cache-control
no-cache
access-control-allow-credentials
true
expires
-1
data
api.cxense.com/public/widget/
21 KB
6 KB
Script
General
Full URL
https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22subscriber%22%3A%22nonsubscriber%22%2C%22edition%22%3A%22naus%22%2C%22pwcampaign%22%3A%2254325%22%2C%22bucket%22%3A%229%22%2C%22testgroup%22%3A%2261%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22subscriber%22%2C%22value%22%3A%22nonsubscriber%22%7D%2C%7B%22key%22%3A%22edition%22%2C%22value%22%3A%22naus%22%7D%2C%7B%22key%22%3A%22pwcampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22bucket%22%2C%22value%22%3A%229%22%7D%2C%7B%22key%22%3A%22ver%22%2C%22value%22%3A%222.47%22%7D%2C%7B%22key%22%3A%22testGroup%22%2C%22value%22%3A%2261%22%7D%2C%7B%22key%22%3A%22topDomain%22%2C%22value%22%3A%22wsj.com%22%7D%2C%7B%22key%22%3A%22pwTag%22%2C%22value%22%3A%22default%22%7D%2C%7B%22key%22%3A%22pwPlacement%22%2C%22value%22%3A%22cx-pro-scrim%22%7D%2C%7B%22key%22%3A%22pwCampaign%22%2C%22value%22%3A%2254325%22%7D%2C%7B%22key%22%3A%22pwType%22%2C%22value%22%3A%22free%22%7D%2C%7B%22key%22%3A%22type%22%2C%22value%22%3A%22Pro%20Cyber%20News%22%7D%2C%7B%22key%22%3A%22template%22%2C%22value%22%3A%22full%22%7D%2C%7B%22key%22%3A%22access%22%2C%22value%22%3A%22paid%22%7D%2C%7B%22key%22%3A%22section%22%2C%22value%22%3A%22WSJ%20Pro%22%7D%2C%7B%22key%22%3A%22subsection%22%2C%22value%22%3A%22Pro%20Cyber%22%7D%2C%7B%22key%22%3A%22cms_name%22%2C%22value%22%3A%22METHODE%22%7D%2C%7B%22key%22%3A%22vix%22%2C%22value%22%3A%22%22%7D%2C%7B%22key%22%3A%22ab_bucket%22%2C%22value%22%3A%2215%22%7D%2C%7B%22key%22%3A%22pageContentTypeDetai%22%2C%22value%22%3A%22article%22%7D%2C%7B%22key%22%3A%22pageSiteProduct%22%2C%22value%22%3A%22WSJ%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2261%22%7D%2C%7B%22key%22%3A%22ctrlUrl1%22%2C%22value%22%3A%22https%3A%2F%2Fstore.wsj.com%2Fshop%2Femea%2Fwsjsemea822%2F%3FinttrackingCode%3Daaqxi2pw%26icid%3DWSJ_ON_ALL_ACQ_NA%26cx_campaign%3DWSJEMEAPTSFY22%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.wsj.com%2Farticles
%2Frussia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400%22%7D%2C%22widgetId%22%3A%222de24eadb5f96a9436a375f0d2087dac83093d90%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l44i0pvwn7sz7m8q%22%7D%7D%2C%22prnd%22%3A%22l44i0ozmotiaatvf%22%7D&media=javascript&sid=9222318613852486900&widgetId=2de24eadb5f96a9436a375f0d2087dac83093d90&resizeToContentSize=true&useSecureUrls=true&usi=l44i0pvwn7sz7m8q&rnd=1394197259&prnd=l44i0ozmotiaatvf&tzo=0&callback=cXJsonpCBl44i0qxuhhpjbrsn
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
5c6371d6271a9575d2849e8ba4962459aaa2b9912d68f2b5c5aa6c4ea7c7b95f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 18:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
5808
expires
Mon, 26 Jul 1997 05:00:00 GMT
dest5.html
dowjones.demdex.net/ Frame 05A7
7 KB
3 KB
Document
General
Full URL
https://dowjones.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.150.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-150-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v033-093c98d9b.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fcbQdCYNRUc=
content-encoding
gzip
date
Tue, 7 Jun 2022 18:31:48 GMT
last-modified
Thu, 26 May 2022 14:42:23 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=Yp_ZlAAAAF2dzwMx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=79881919013703691033062505381183092020
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF2dzwMx
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF2dzwMx
Protocol
HTTP/1.1
Server
34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-147-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v033-093c98d9b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
m2nzOr7jRbU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF2dzwMx
Date
Tue, 07 Jun 2022 18:31:48 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ibs:dpid=411&dpuuid=Yp_ZlAAAAF_38wOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=39561299241864556681069876428853764235
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF_38wOJ
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF_38wOJ
Protocol
HTTP/1.1
Server
34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-147-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v033-0c1662d6b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gB02Ssm+SrY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yp_ZlAAAAF_38wOJ
Date
Tue, 07 Jun 2022 18:31:48 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
cd2b77ba49
bam.nr-data.net/events/1/
24 B
499 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/cd2b77ba49?a=906054257&v=1216.487a282&to=ZwEAbRQCWEVVVBYPVl5LJ0EWEVNFR10RSX51ME0WBxFCX1dbBxUWCgUQTQ8AWlN9Uw%3D%3D&rst=6412&ck=1&ref=https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Requested by
Host: www.wsj.com
URL: https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.wsj.com/articles/russia-linked-ransomware-groups-are-changing-tactics-to-dodge-crackdowns-11654178400
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 07 Jun 2022 18:31:51 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.wsj.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
717b77926db49b4c-FRA
Content-Length
24

Verdicts & Comments

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| utag_data object| aceConfig object| googletag function| __tcfapi function| djcmp object| ace function| __ace object| ace_data function| moatYieldReady object| apstag boolean| supportsPreload function| loadCSS function| whenAvailable function| loadJs object| NREUM object| newrelic function| __nr_require object| observer object| _perfMarkAllowedList function| djcmpCheck function| optimizelyWrapperWithoutGDPR string| AB_EXPERIMENTS_OPTIMIZELY_EDGE_EXPERIMENT_ID string| AB_EXPERIMENTS_OPTIMIZELY_EDGE_PROJECT_ID boolean| AB_EXPERIMENTS_OPTIMIZELY_USER_LOGGED_IN object| _kiq object| surveyStyles object| INITIAL_PROPS_SKIP object| INITIAL_PROPS_HEADER object| regeneratorRuntime object| _sp_ object| __dataLayer object| __dataProvider boolean| isMoatTimer boolean| moatReady object| moatQueue object| __uac object| adslots function| __buildAd function| __setExperimentalTargeting function| __setTargetABExperiments object| aceManifest object| INITIAL_PROPS_ARTICLE_TOOLS object| INITIAL_PROPS_SHARETOOLS undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_33856878 object| Moat#PML#26#1.2 boolean| Moat#EVA object| MoatDataJsonpRequest_33856878 object| moatPrebidApi boolean| apstagLOADED object| WEBUI_NEWSLETTERCARD object| ggeac object| google_tag_data object| google_js_reporting_queue object| prebidBiddingData object| pbjs function| readCookieValue function| getParameterByName function| setHbTestKey function| addHbTestKey function| isDebug function| logMessage function| pbjs_log function| 
getMeta function| getPrebidPageConfigure function| setupABTest object| ProgrammaticBidding object| headertag object| ortbSiteExt function| pbjsChunk function| AppNexusPrebidAnalytics object| _pbjsGlobals string| pxSegmentIDs object| gapi object| ___jsl object| INITIAL_PROPS_WSJFOOTER object| UrlCache object| SUBSCRIPTIONS object| SWG function| GaaGoogleSignInButton function| GaaGoogle3pSignInButton function| GaaSignInWithGoogleButton function| GaaMeteringRegwall function| GaaMetering undefined| videoScript undefined| videoCSS undefined| videoInit boolean| delayOptimizelyForVid string| ASSET_PATH boolean| creativeVendorLibraryLoaded undefined| google_measure_js_timing number| moatTimerId function| requirejs function| require function| define object| webpackJsonp object| rIuoao2 function| rIuoao3 object| xop object| _sp_queue boolean| videoLoaded object| cxdj object| cX object| cxenseOffers object| webpackChunk$jQ111 object| _vidora_jsonp object| vidora object| Conviva object| _comscore object| COMSCORE object| adobe function| Visitor number| s_objectID number| s_giq function| AppMeasurement function| $jQ111 object| ats object| OFxPdD2 function| OFxPdD3 function| xblocker object| W1Ep2O function| W1Ep2i function| xblacklist object| BlueGrass2 object| FrameMessenger object| ReactDOM object| React function| setImmediate function| clearImmediate function| P object| dj function| cxCCE_callQueueExecute object| cxTest object| KI object| webpackChunkcom_marketwatch_audioplayer function| com_marketwatch_audioplayer undefined| cXJsonpCBl44i0q7xw6uswse0 undefined| cXJsonpCBl44i0qa6icowvkpa undefined| cXJsonpCBl44i0qa8sgzddd1k undefined| cXJsonpCBl44i0qa98nrae59s function| cxActionSubscriberTopRhsTest function| cxActionSubscriberTopRhsTrialist function| cxRunHokTest75e function| cxUpdateSubscribeLinkWithPopupUrl function| cxHandleNonSubTopRhsHeaderClick function| cxHandleSubTileAppCtaButtonClick object| uacQueue object| _google_rum_ns_ object| google_persistent_state_async 
number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| s_c_il number| s_c_in object| closure_lm_360343 undefined| cXJsonpCBl44i0qxuhhpjbrsn object| closure_lm_616292

32 Cookies

Domain/Path Name / Value
www.wsj.com/articles Name: djvideovol
Value: 1
.wsj.com/ Name: wsjregion
Value: na%2Cus
.wsj.com/ Name: gdprApplies
Value: true
.wsj.com/ Name: ccpaApplies
Value: false
.wsj.com/ Name: ab_uuid
Value: e9114a1b-7dfb-457e-867a-3a8a1cdca9de
.wsj.com/ Name: usr_bkt
Value: HY0f8Of9M1
.wsj.com/ Name: usr_prof_v2
Value: eyJpYyI6MX0%3D
.wsj.com/ Name: has_optimizely
Value: true
.google.com/ Name: NID
Value: 511=oemZTtKYtpHR9XuO6PwqHXySOtN87KSNFj744PMrahyrJ3o3A6Ik9HyuvU-MJ43OrNNcyIDqthVbUPZRknUxvnKheSoFziT2cM7NR3hgRE4XQu2YM5X7P27sOVdiie4go7eZNmozmEoBw7LpPrM9gkt8CtY6TH8ll7Nvv3GebFY
www.wsj.com/ Name: _sp_v1_uid
Value: 1:959:23b147f4-7e6d-456d-90b0-2511c20cf998
www.wsj.com/ Name: _sp_v1_data
Value: 2:371407:1654626706:0:1:0:1:0:0:_:-1
www.wsj.com/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKxsrIAzEMamN1YpRSQcy80pwcILsErKC6lgwJpVgAEA5-UnQAAAA%3D
www.wsj.com/ Name: _sp_v1_opt
Value: 1:
www.wsj.com/ Name: _sp_v1_consent
Value: 1!0:-1:-1:-1:-1:-1
www.wsj.com/ Name: _sp_v1_csv
Value: null
www.wsj.com/ Name: _sp_v1_lt
Value: 1:
.wsj.com/ Name: consentUUID
Value: fdca4211-501e-472c-b0fb-624bbf888a23
www.wsj.com/ Name: _lr_geo_location
Value: DE
.wsj.com/ Name: cX_P
Value: l44i0pvwn7sz7m8q
.wsj.com/ Name: cX_S
Value: l44i0pw3nggkiqq5
.wsj.com/ Name: cX_G
Value: cx%3A24ukhc6592gvin9jxx1taa94t%3A2xwjotfg3m82v
www.wsj.com/ Name: vidoraUserId
Value: 5t5o27ddmrgltm4spq07s2lc6u9jr8
.cxense.com/ Name: gckp
Value: cx:24ukhc6592gvin9jxx1taa94t:2xwjotfg3m82v
www.wsj.com/ Name: ki_t
Value: 1654626707309%3B1654626707309%3B1654626707309%3B1%3B1
www.wsj.com/ Name: ki_r
Value:
.nr-data.net/ Name: JSESSIONID
Value: fe445c980d0d10e8
www.wsj.com/ Name: djvideovol
Value: 1
.demdex.net/ Name: demdex
Value: 79881919013703691033062505381183092020
.wsj.com/ Name: AMCVS_CB68E4BA55144CAA0A4C98A5%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yp_ZlAAAAF_38wOJ
.dpm.demdex.net/ Name: dpm
Value: 79881919013703691033062505381183092020
.wsj.com/ Name: AMCV_CB68E4BA55144CAA0A4C98A5%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19151%7CMCMID%7C39573791219107198281068873311267617707%7CMCAID%7CNONE%7CMCOPTOUT-1654633908s%7CNONE%7CMCAAMLH-1655231508%7C6%7CMCAAMB-1655231508%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19158%7CvVersion%7C4.4.0

2 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPaMdIAPaMdIAAGABCENCSCgAAAAAELAAAYgAAAN1gEgAZABAAE8AR0BBwEIAJ2AYEA-wDdQBwkAMADIATwBHCgAYAGQBHAN1GAAwAMgCOAbqOgBAAZAEcQABAAZAEcSABAAZAEcUgBAAgACeAAA.YAAAAAAAAAAA&ct=4
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
