URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Submission: On October 07 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 3 domains to perform 42 HTTP transactions. The main IP is 45.40.132.39, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is articles.sanctionsassociation.org.
This is the only time articles.sanctionsassociation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 45.40.132.39 26496 (AS-26496-...)
2 143.204.98.74 16509 (AMAZON-02)
1 18.66.97.22 16509 (AMAZON-02)
1 52.29.0.64 16509 (AMAZON-02)
6 142.250.185.163 15169 (GOOGLE)
1 143.204.98.14 16509 (AMAZON-02)
7 13.32.121.24 16509 (AMAZON-02)
42 8
Domain Requested by
22 articles.sanctionsassociation.org articles.sanctionsassociation.org
7 platform-cdn.sharethis.com articles.sanctionsassociation.org
6 fonts.gstatic.com articles.sanctionsassociation.org
2 platform-api.sharethis.com articles.sanctionsassociation.org
1 count-server.sharethis.com platform-api.sharethis.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
42 7

This site contains links to these domains. Also see Links.

Domain
sanctionsassociation.org
home.treasury.gov
www.facebook.com
twitter.com
Subject Issuer Validity Valid
sharethis.com
Amazon
2021-07-19 -
2022-08-17
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 1 frames:

Primary Page: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Frame ID: B1BDC1E17888D4A5D8EF63F77420BC33
Requests: 42 HTTP requests in this frame

Screenshot

Page Title

Potential Sanctions Risks for Facilitating Ransomware Payments | Association of Certified Sanctions Specialists Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

42
Requests

40 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

8
IPs

2
Countries

655 kB
Transfer

2352 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
151 KB
27 KB
Document
General
Full URL
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
257ffb778dcba1ec4d81629b9ad3d9ac2781e4a2c2d84f5f0d59630bc1b387d8

Request headers

Host
articles.sanctionsassociation.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 07 Oct 2021 06:57:23 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Link
<http://articles.sanctionsassociation.org/wp-json/>; rel="https://api.w.org/", <http://articles.sanctionsassociation.org/wp-json/wp/v2/posts/248741>; rel="alternate"; type="application/json", <http://articles.sanctionsassociation.org/?p=248741>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
style.min.css
articles.sanctionsassociation.org/wp-includes/css/dist/block-library/
79 KB
11 KB
Stylesheet
General
Full URL
http://articles.sanctionsassociation.org/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:57 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10523
Expires
Sat, 06 Nov 2021 06:57:24 GMT
mu-style.css
articles.sanctionsassociation.org/wp-content/plugins/sharethis-share-buttons/css/
26 B
426 B
Stylesheet
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=5.8.1
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:24 GMT
Last-Modified
Sat, 28 Aug 2021 13:25:27 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
26
Expires
Sat, 06 Nov 2021 06:57:24 GMT
style.min.css
articles.sanctionsassociation.org/wp-content/plugins/divi-blog-extras/styles/
70 KB
9 KB
Stylesheet
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-blog-extras/styles/style.min.css?ver=2.6.3
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
f00f8973de9b0b5c7afff33f53eadde98f802fbc44bf8beefd09a549430b4009

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:38 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8878
Expires
Sat, 06 Nov 2021 06:57:24 GMT
style.min.css
articles.sanctionsassociation.org/wp-content/plugins/divi-essential/styles/
703 KB
66 KB
Stylesheet
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-essential/styles/style.min.css?ver=4.4.5
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
c07f64478a2897a11d14d11ca8277b03ddfa5f6a52fd76e63bc0a456c09d4681

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:40 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Sat, 06 Nov 2021 06:57:24 GMT
sharethis.js
platform-api.sharethis.com/js/
183 KB
41 KB
Script
General
Full URL
http://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
/
Resource Hash
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:47:46 GMT
Content-Encoding
gzip
Age
578
X-Amz-Cf-Pop
FRA50-C1
ETag
W/"2dcf1-RQaJcGO9+DuZ32kDJGMESLkOoPg"
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
text/javascript; charset=utf-8
Via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Edge-control
cache-maxage=60m,downstream-ttl=60m
Cache-Control
max-age=600, public
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
fHFDdmUtP0SR2JU1i092S_Cc8ffykVxFm736_aAaV9njUZgPJ7dQzg==
sharethis.js
platform-api.sharethis.com/js/
183 KB
41 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
/
Resource Hash
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:47:46 GMT
content-encoding
gzip
age
579
etag
W/"2dcf1-RQaJcGO9+DuZ32kDJGMESLkOoPg"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript; charset=utf-8
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
h1YnF-qANEQY-_43AUmnxw8VfwBfG6_o0XaQLIzzSih1I4lQJvNzqQ==
et-divi-customizer-global.min.css
articles.sanctionsassociation.org/wp-content/et-cache/global/
5 KB
2 KB
Stylesheet
General
Full URL
http://articles.sanctionsassociation.org/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1632436719
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
c05b146fe5fddb6b2f805e4c66e2aeed49a0b10fdedd163fee342fca3ad33992

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 22:38:39 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1454
Expires
Sat, 06 Nov 2021 06:57:24 GMT
et-core-unified-tb-248424-deferred-248741.min.css
articles.sanctionsassociation.org/wp-content/et-cache/248741/
1 KB
694 B
Stylesheet
General
Full URL
http://articles.sanctionsassociation.org/wp-content/et-cache/248741/et-core-unified-tb-248424-deferred-248741.min.css?ver=1633184166
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
ed895fdc1b594317aac4796d97607b9d10ef864013dffc5d279a1afa5f481082

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Oct 2021 14:16:06 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
270
Expires
Sat, 06 Nov 2021 06:57:24 GMT
Logo_Now.png
articles.sanctionsassociation.org/wp-content/uploads/2020/11/
23 KB
24 KB
Image
General
Full URL
http://articles.sanctionsassociation.org/wp-content/uploads/2020/11/Logo_Now.png
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
a1994df345e0e4d35a82c3618067bc4dfec559b5f76c4f4ee4ce5b07e99a8449

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Nov 2020 04:51:28 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
23661
Expires
Sat, 06 Nov 2021 06:57:25 GMT
jquery.min.js
articles.sanctionsassociation.org/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:56 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30908
Expires
Sat, 06 Nov 2021 06:57:24 GMT
jquery-migrate.min.js
articles.sanctionsassociation.org/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:56 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4169
Expires
Sat, 06 Nov 2021 06:57:25 GMT
default-value.js
articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/
11 KB
3 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/default-value.js?ver=1633505140
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
ba66e626b8fffd184d979cab2bd8deeb36f47a89d5e7bffc083d940c006b0a83

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:40 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2530
Expires
Sat, 06 Nov 2021 06:57:25 GMT
magnific-popup.min.js
articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/
20 KB
8 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/magnific-popup.min.js?ver=1633505140
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:40 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7348
Expires
Sat, 06 Nov 2021 06:57:25 GMT
imagesloaded.min.js
articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/
5 KB
2 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/imagesloaded.min.js?ver=1633505140
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:40 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1814
Expires
Sat, 06 Nov 2021 06:57:25 GMT
scripts.js
articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/
5 KB
2 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/scripts.js?ver=1633505140
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
3e88a82b8f0e4ecbc72806ba7933eb01556cd5af85e8d833ba38d614576cb8cf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:40 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1405
Expires
Sat, 06 Nov 2021 06:57:25 GMT
scripts.min.js
articles.sanctionsassociation.org/wp-content/themes/Divi/js/
248 KB
64 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.10.5
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
56f6ba9d3f7eb3d795c335af2320b0504d48c6d4cc8f0a0ffa27b9249df182ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:15:25 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Sat, 06 Nov 2021 06:57:25 GMT
jquery.fitvids.js
articles.sanctionsassociation.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/
3 KB
2 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.10.4
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:15:25 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1341
Expires
Sat, 06 Nov 2021 06:57:25 GMT
frontend-bundle.min.js
articles.sanctionsassociation.org/wp-content/plugins/divi-blog-extras/scripts/
35 KB
7 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-blog-extras/scripts/frontend-bundle.min.js?ver=2.6.3
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
f33ff48fdfdcb3649784c21267920aa4e06157303987aae782a34ec053ea1db9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:38 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6666
Expires
Sat, 06 Nov 2021 06:57:25 GMT
frontend-bundle.min.js
articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/
271 KB
73 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/plugins/divi-essential/scripts/frontend-bundle.min.js?ver=4.4.5
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
56a864f29b22b4c58cc921ba7d16c2c173bd9243f74d564ca9c3fbd402ed44cb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:14:40 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Expires
Sat, 06 Nov 2021 06:57:25 GMT
common.js
articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/js/
1 KB
1004 B
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.10.4
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Aug 2021 10:15:25 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
566
Expires
Sat, 06 Nov 2021 06:57:25 GMT
wp-embed.min.js
articles.sanctionsassociation.org/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://articles.sanctionsassociation.org/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Apr 2021 00:33:54 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
765
Expires
Sat, 06 Nov 2021 06:57:25 GMT
612a39cb4b43b00013899cb8.js
buttons-config.sharethis.com/js/
1 KB
856 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/612a39cb4b43b00013899cb8.js
Requested by
Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f16043f49ac97719142a6a7f71f1a2699796c16308cfb35322414ce1e619f436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:57:14 GMT
content-encoding
gzip
etag
W/"d1819d289920ca270380249503e2a22c"
last-modified
Sat, 28 Aug 2021 13:37:35 GMT
server
AmazonS3
age
12
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
cache-control
public, max-age=60
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
9EuMGp-oQ5h8ux5YADXBDX-8xBeQhVLSVzbTg-FcvqB7rWY6cc8HJg==
pview
l.sharethis.com/
0
354 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=articles.sanctionsassociation.org&location=%2Fpotential-sanctions-risks-for-facilitating-ransomware-payments%2F&product=unknown&url=http%3A%2F%2Farticles.sanctionsassociation.org%2Fpotential-sanctions-risks-for-facilitating-ransomware-payments%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Potential%20Sanctions%20Risks%20for%20Facilitating%20Ransomware%20Payments%20%7C%20Association%20of%20Certified%20Sanctions%20Specialists%20Blog&cms=unknown&publisher=612a39cb4b43b00013899cb8&sop=true&version=st_sop.js&lang=en
Requested by
Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
http://articles.sanctionsassociation.org
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v26/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
4bf0b230b1fd3fe81f873ef81805e149ba038d72cc013b0a1f86b5d8300e2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://articles.sanctionsassociation.org/
Origin
http://articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 14:00:36 GMT
x-content-type-options
nosniff
age
320209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22048
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 03 Oct 2022 14:00:36 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v26/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
db798f1682c13502dc4315105747ca0804aece7f82cf562be5dc7e04d80aa563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://articles.sanctionsassociation.org/
Origin
http://articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:13:07 GMT
x-content-type-options
nosniff
age
567858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22108
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:13:07 GMT
modules.ttf
articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/
0
0

memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v26/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
70609060856199983a8cbb9b95c8ce2dd2d8495aa4969db90e831eb7730799c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://articles.sanctionsassociation.org/
Origin
http://articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:13:07 GMT
x-content-type-options
nosniff
age
567858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21480
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:13:07 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWV4ewA.woff2
fonts.gstatic.com/s/opensans/v26/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWV4ewA.woff2
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
649bc63da1674e5e7bd10a5709490a68c80b6996f9f048b47155baef77ac4260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://articles.sanctionsassociation.org/
Origin
http://articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 18:50:07 GMT
x-content-type-options
nosniff
age
562038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22880
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:51:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 18:50:07 GMT
malware4.jpg
articles.sanctionsassociation.org/wp-content/uploads/2021/10/
70 KB
64 KB
Image
General
Full URL
http://articles.sanctionsassociation.org/wp-content/uploads/2021/10/malware4.jpg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
a95d133b4b5e99ac37b2b92136579b2d86a79adf47225c7fff3cda5bf4c471de

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Oct 2021 09:36:44 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Sat, 06 Nov 2021 06:57:25 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVQ.woff
fonts.gstatic.com/s/opensans/v26/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVQ.woff
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
d7b1cc7adbb4f5634a499522102c63be2eae6a7e65c694d2da7005d35926f35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://articles.sanctionsassociation.org/
Origin
http://articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 18:09:42 GMT
x-content-type-options
nosniff
age
564463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26576
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 18:09:42 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf
fonts.gstatic.com/s/opensans/v26/
43 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
d90a8dd5efa9cc758bc468021ead7707a537eccde31ae61340e3606b1cb4210f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://articles.sanctionsassociation.org/
Origin
http://articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 09:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27309
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 09:49:27 GMT
modules.woff
articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/
0
0

get_counts
count-server.sharethis.com/v2.0/
204 B
571 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=http%3A%2F%2Farticles.sanctionsassociation.org%2Fpotential-sanctions-risks-for-facilitating-ransomware-payments%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-14.fra50.r.cloudfront.net
Software
/
Resource Hash
132cdbfd066c10b9fb72e4f68594e9b5a347d7238955a9cf885b82fb08942a43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 06:57:25 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped
0, 0
etag
ab40f05eb4fa44246db86354f3860f00
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-pop
FRA50-C1
content-length
204
apigw-requestid
G00Nch0YoAMEJGg=
x-amz-cf-id
35xAFsPyhZKl3d50GDh6EddaZf1aW0qUdG2ERIDRIOY1Sb-43rPPuA==
facebook.svg
platform-cdn.sharethis.com/img/
301 B
678 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 02 Oct 2021 05:51:09 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
435977
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
301
x-amz-cf-id
XcCGNR41Wbojh28zkeSq7Z2xoP-Z3hPF4LdtWH5T_fDuwnac7sr8CA==
twitter.svg
platform-cdn.sharethis.com/img/
731 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 02 Oct 2021 07:18:34 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
430731
etag
"0af2fb38987598376c99e21af17ade45"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
731
x-amz-cf-id
cD-mndkqwuP7jl9AA-QFDyzKf8fzQ3unvX-avyGKLwpuqDvW-l-s2A==
pinterest.svg
platform-cdn.sharethis.com/img/
771 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 16 Sep 2021 11:51:31 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
1796755
etag
"2b10a062e719c64b686e2e8fcdc216dc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
771
x-amz-cf-id
G-NSLXeWYWUrv7NGOulhWGTZOlQBtEAhzc5CT9pTkSXv9g4RpdgPKA==
email.svg
platform-cdn.sharethis.com/img/
343 B
723 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 13 Sep 2021 18:39:39 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
2031467
etag
"5977437466e857c7ddcadda6f6d88c2a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
343
x-amz-cf-id
LIVO2ZlvR12BQeJeAXAKOHHBhKzMdi6gIendAjG9NKIsGkVfWQC6VA==
sharethis.svg
platform-cdn.sharethis.com/img/
514 B
892 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 17 Sep 2021 06:11:13 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
1730773
etag
"deecdaa377907db5cc1722fc831670a1"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
514
x-amz-cf-id
gx1UiYvwYAXly2FLBRj8Bexy8knh3rz__k337Z5VLYHOQ_occsmCwQ==
arrow_left.svg
platform-cdn.sharethis.com/img/
565 B
944 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 03 Oct 2021 13:15:42 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
322904
etag
"b55d8d2b9321e381a3c38a4bddb74037"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
565
x-amz-cf-id
052L95UzjXb0FdjYVK60NfBsifcZOQ3K_eUXmUaTJh4ceNM4PMfQIw==
arrow_right.svg
platform-cdn.sharethis.com/img/
565 B
944 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 22 Sep 2021 17:15:09 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
1258937
etag
"9928d025bd5792b718ee0a185f62e67c"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
565
x-amz-cf-id
_kkSZ7rJnqVB8d-uH1z9MAU_GT9iMbeXFSJMMQBQlT2LdXpNptbmwg==
Logo_Now.png
articles.sanctionsassociation.org/wp-content/uploads/2020/11/
23 KB
24 KB
Image
General
Full URL
http://articles.sanctionsassociation.org/wp-content/uploads/2020/11/Logo_Now.png
Requested by
Host: articles.sanctionsassociation.org
URL: http://articles.sanctionsassociation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
HTTP/1.1
Server
45.40.132.39 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-132-39.ip.secureserver.net
Software
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
a1994df345e0e4d35a82c3618067bc4dfec559b5f76c4f4ee4ce5b07e99a8449

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
articles.sanctionsassociation.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 06:57:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Nov 2020 04:51:28 GMT
Server
Apache/2.4.49 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
23661
Expires
Sat, 06 Nov 2021 06:57:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
articles.sanctionsassociation.org
URL
https://articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Domain
articles.sanctionsassociation.org
URL
https://articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| jQuery function| $ object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ function| EvEmitter function| imagesLoaded object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| DiviBlogExtrasFrontendData object| wp string| et_location_hash function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class string| waypointContextKey

0 Cookies

4 Console Messages

Source Level URL
Text
javascript error URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Message:
Access to font at 'https://articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf' from origin 'http://articles.sanctionsassociation.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://articles.sanctionsassociation.org/potential-sanctions-risks-for-facilitating-ransomware-payments/
Message:
Access to font at 'https://articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff' from origin 'http://articles.sanctionsassociation.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://articles.sanctionsassociation.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

articles.sanctionsassociation.org
buttons-config.sharethis.com
count-server.sharethis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
platform-cdn.sharethis.com
articles.sanctionsassociation.org
13.32.121.24
142.250.185.163
143.204.98.14
143.204.98.74
18.66.97.22
45.40.132.39
52.29.0.64
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
132cdbfd066c10b9fb72e4f68594e9b5a347d7238955a9cf885b82fb08942a43
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
257ffb778dcba1ec4d81629b9ad3d9ac2781e4a2c2d84f5f0d59630bc1b387d8
3e88a82b8f0e4ecbc72806ba7933eb01556cd5af85e8d833ba38d614576cb8cf
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
4bf0b230b1fd3fe81f873ef81805e149ba038d72cc013b0a1f86b5d8300e2c8c
56a864f29b22b4c58cc921ba7d16c2c173bd9243f74d564ca9c3fbd402ed44cb
56f6ba9d3f7eb3d795c335af2320b0504d48c6d4cc8f0a0ffa27b9249df182ac
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
649bc63da1674e5e7bd10a5709490a68c80b6996f9f048b47155baef77ac4260
70609060856199983a8cbb9b95c8ce2dd2d8495aa4969db90e831eb7730799c1
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a1994df345e0e4d35a82c3618067bc4dfec559b5f76c4f4ee4ce5b07e99a8449
a95d133b4b5e99ac37b2b92136579b2d86a79adf47225c7fff3cda5bf4c471de
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716
ba66e626b8fffd184d979cab2bd8deeb36f47a89d5e7bffc083d940c006b0a83
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c05b146fe5fddb6b2f805e4c66e2aeed49a0b10fdedd163fee342fca3ad33992
c07f64478a2897a11d14d11ca8277b03ddfa5f6a52fd76e63bc0a456c09d4681
d7b1cc7adbb4f5634a499522102c63be2eae6a7e65c694d2da7005d35926f35b
d90a8dd5efa9cc758bc468021ead7707a537eccde31ae61340e3606b1cb4210f
db798f1682c13502dc4315105747ca0804aece7f82cf562be5dc7e04d80aa563
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed895fdc1b594317aac4796d97607b9d10ef864013dffc5d279a1afa5f481082
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f00f8973de9b0b5c7afff33f53eadde98f802fbc44bf8beefd09a549430b4009
f16043f49ac97719142a6a7f71f1a2699796c16308cfb35322414ce1e619f436
f33ff48fdfdcb3649784c21267920aa4e06157303987aae782a34ec053ea1db9
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52