URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Submission: On June 14 via api from TR — Scanned from DE

Summary

This website contacted 81 IPs in 7 countries across 63 domains to perform 234 HTTP transactions. The main IP is 2a02:26f0:480:996::2506, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.nbcnews.com. The Cisco Umbrella rank of the primary domain is 15655.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 8th 2022. Valid for: a year.
This is the only time www.nbcnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 23.52.120.37 16625 (AKAMAI-AS)
58 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 34.254.142.64 16509 (AMAZON-02)
8 34.96.102.137 396982 (GOOGLE-CL...)
2 2a04:4e42::645 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.222.250.165 16509 (AMAZON-02)
1 18.66.97.49 16509 (AMAZON-02)
1 18.66.112.45 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.105 16509 (AMAZON-02)
3 2600:9000:224... 16509 (AMAZON-02)
1 108.138.17.81 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2600:1901:0:7... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 3 13.32.99.21 16509 (AMAZON-02)
1 52.213.166.38 16509 (AMAZON-02)
2 63.140.62.160 15224 (OMNITURE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.100.58 16509 (AMAZON-02)
1 52.222.236.63 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a04:4e42:600... 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
2 3.211.191.187 14618 (AMAZON-AES)
1 2 142.250.186.102 15169 (GOOGLE)
1 54.155.18.159 16509 (AMAZON-02)
5 5 142.250.186.98 15169 (GOOGLE)
1 52.214.226.234 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 54.76.136.163 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 3.75.62.37 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
1 104.18.9.110 13335 (CLOUDFLAR...)
2 99.83.154.140 16509 (AMAZON-02)
1 23.20.40.7 14618 (AMAZON-AES)
1 2 54.208.26.70 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 23.32.185.123 16625 (AKAMAI-AS)
3 52.222.208.154 16509 (AMAZON-02)
1 52.21.155.36 14618 (AMAZON-AES)
1 143.204.98.71 16509 (AMAZON-02)
1 23.201.255.110 16625 (AKAMAI-AS)
1 108.138.9.235 16509 (AMAZON-02)
1 13.32.99.59 16509 (AMAZON-02)
2 18.133.8.189 16509 (AMAZON-02)
1 185.89.210.90 29990 (ASN-APPNEX)
1 3.68.146.172 16509 (AMAZON-02)
1 3.123.242.222 16509 (AMAZON-02)
1 3.123.184.25 16509 (AMAZON-02)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.30.71.191 16509 (AMAZON-02)
2 23.212.89.123 16625 (AKAMAI-AS)
2 18.195.124.181 16509 (AMAZON-02)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
1 76.223.111.18 ()
2 23.212.211.47 ()
1 104.18.10.47 ()
2 23.32.184.192 ()
1 185.64.190.78 ()
1 2 185.80.39.216 ()
1 185.29.132.245 ()
1 35.204.74.118 ()
234 81
Apex Domain
Subdomains
Transfer
65 nbcnews.com
www.nbcnews.com — Cisco Umbrella Rank: 15655
nodeassets.nbcnews.com — Cisco Umbrella Rank: 20198
aamt.nbcnews.com — Cisco Umbrella Rank: 30554
1 MB
14 doubleclick.net
8168974.fls.doubleclick.net — Cisco Umbrella Rank: 29623
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
168 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
97590d9bd7c8ffaa58ff60c8f61be8ec.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
52 KB
8 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4707
109 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 413
147 KB
6 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3206
fastlane.rubiconproject.com — Cisco Umbrella Rank: 543
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3036
eus.rubiconproject.com
pixel.rubiconproject.com Failed
134 KB
6 moatads.com
z.moatads.com — Cisco Umbrella Rank: 620
mb.moatads.com — Cisco Umbrella Rank: 831
geo.moatads.com — Cisco Umbrella Rank: 795
px.moatads.com — Cisco Umbrella Rank: 541
196 KB
6 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6341
identity.mparticle.com — Cisco Umbrella Rank: 2797
cookiesync.mparticle.com — Cisco Umbrella Rank: 15247
jssdks.mparticle.com — Cisco Umbrella Rank: 4927
48 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
nbcuni.demdex.net — Cisco Umbrella Rank: 10312
nbcu.demdex.net — Cisco Umbrella Rank: 11969
10 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 107
www.google.com — Cisco Umbrella Rank: 3
2 KB
5 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3339
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 3135
uhi1rpbiteztsr0brykpv8kaoazed1686708494.nuid.imrworldwide.com
68 KB
5 s-nbcnews.com
media-cldnry.s-nbcnews.com — Cisco Umbrella Rank: 17021
media1.s-nbcnews.com — Cisco Umbrella Rank: 31525
366 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 564
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com Failed
13 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 742
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2114
dis.criteo.com Failed
7 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 444
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
61 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 626
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com Failed
4 KB
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1303
ups.analytics.yahoo.com — Cisco Umbrella Rank: 340
pr-bh.ybp.yahoo.com Failed
932 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 160
3 KB
3 tvpixel.com
c.tvpixel.com — Cisco Umbrella Rank: 9505
p.tvpixel.com — Cisco Umbrella Rank: 2107
32 KB
3 tru.am
tru.am — Cisco Umbrella Rank: 5077
beacon.tru.am — Cisco Umbrella Rank: 6409
12 KB
3 nondescriptnote.com
nondescriptnote.com — Cisco Umbrella Rank: 36369
25 KB
3 branch.io
cdn.branch.io — Cisco Umbrella Rank: 990
api2.branch.io — Cisco Umbrella Rank: 627
23 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 583
59 KB
2 moatpixel.com
nbcudisplay.s.moatpixel.com — Cisco Umbrella Rank: 12615
502 B
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 637
791 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 638
eb2.3lift.com
682 B
2 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1858
234 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3314
497 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3107
p1.parsely.com — Cisco Umbrella Rank: 2311
26 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 684
539 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 749
script.hotjar.com — Cisco Umbrella Rank: 1067
73 KB
2 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 6386
2 KB
2 nbcuni.com
mps.nbcuni.com — Cisco Umbrella Rank: 14827
80 KB
1 simpli.fi
um.simpli.fi
610 B
1 mathtag.com
sync.mathtag.com
443 B
1 indexww.com
js-sec.indexww.com
cdn.indexww.com Failed
2 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
55 KB
1 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 5699
499 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1094
239 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 249
861 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2038
616 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2151
73 KB
1 admantx.com
usasync01.admantx.com — Cisco Umbrella Rank: 13779
703 B
1 google.se
adservice.google.se — Cisco Umbrella Rank: 179114
515 B
1 securedvisit.com
nbcu.track.securedvisit.com — Cisco Umbrella Rank: 13167
24 KB
1 reson8.com
ds.reson8.com — Cisco Umbrella Rank: 3518
96 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 628
482 B
1 app.link
app.link — Cisco Umbrella Rank: 2307
632 B
1 cnbc.com
geo.cnbc.com — Cisco Umbrella Rank: 13482
292 B
1 researchnow.com
tag.researchnow.com — Cisco Umbrella Rank: 2606
444 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
50 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3451
33 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 398
199 KB
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 adform.net Failed
c1.adform.net Failed
0 audrte.com Failed
a.audrte.com Failed
0 weborama.fr Failed
cr.frontend.weborama.fr Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 adsrvr.org Failed
match.adsrvr.org Failed
234 63
Domain Requested by
58 nodeassets.nbcnews.com www.nbcnews.com
nodeassets.nbcnews.com
8 dev.visualwebsiteoptimizer.com www.nbcnews.com
dev.visualwebsiteoptimizer.com
7 securepubads.g.doubleclick.net mps.nbcuni.com
securepubads.g.doubleclick.net
www.nbcnews.com
www.googletagservices.com
7 cdn.cookielaw.org www.nbcnews.com
cdn.cookielaw.org
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cm.g.doubleclick.net 5 redirects ssum-sec.casalemedia.com
5 www.nbcnews.com nodeassets.nbcnews.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 dpm.demdex.net 1 redirects www.nbcnews.com
4 media-cldnry.s-nbcnews.com www.nbcnews.com
3 c.amazon-adsystem.com mps.nbcuni.com
c.amazon-adsystem.com
3 adservice.google.com 8168974.fls.doubleclick.net
securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects www.nbcnews.com
3 nondescriptnote.com www.nbcnews.com
nondescriptnote.com
3 cdn-gl.imrworldwide.com www.nbcnews.com
cdn-gl.imrworldwide.com
2 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
2 ads.pubmatic.com micro.rubiconproject.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 nbcudisplay.s.moatpixel.com
2 beacon.krxd.net
2 px.moatads.com
2 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 z.moatads.com mps.nbcuni.com
securepubads.g.doubleclick.net
2 mid.rkdms.com 1 redirects www.nbcnews.com
2 api.sail-personalize.com ak.sail-horizon.com
2 api2.branch.io cdn.branch.io
2 ups.analytics.yahoo.com www.nbcnews.com
ssum-sec.casalemedia.com
2 cookiesync.mparticle.com www.nbcnews.com
2 8168974.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 p.tvpixel.com c.tvpixel.com
2 identity.mparticle.com jssdkcdns.mparticle.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 aamt.nbcnews.com www.nbcnews.com
2 tru.am www.nbcnews.com
tru.am
2 www.lightboxcdn.com www.nbcnews.com
2 mps.nbcuni.com mps.nbcuni.com
1 um.simpli.fi
1 sync.mathtag.com ads.pubmatic.com
ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 js-sec.indexww.com micro.rubiconproject.com
1 eb2.3lift.com micro.rubiconproject.com
1 jssdks.mparticle.com jssdkcdns.mparticle.com
1 mug.criteo.com
1 geo.moatads.com z.moatads.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 97590d9bd7c8ffaa58ff60c8f61be8ec.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 krk2.kargo.com micro.rubiconproject.com
1 tlx.3lift.com micro.rubiconproject.com
1 grid.bidswitch.net micro.rubiconproject.com
1 ib.adnxs.com micro.rubiconproject.com
ssum-sec.casalemedia.com
1 mb.moatads.com z.moatads.com
1 geo.privacymanager.io ats.rlcdn.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 micro.rubiconproject.com mps.nbcuni.com
1 ats.rlcdn.com www.nbcnews.com
1 usasync01.admantx.com mps.nbcuni.com
1 adservice.google.se adservice.google.com
1 nbcu.track.securedvisit.com www.nbcnews.com
1 ds.reson8.com www.nbcnews.com
1 cms.analytics.yahoo.com 1 redirects
1 nbcu.demdex.net www.nbcnews.com
1 uhi1rpbiteztsr0brykpv8kaoazed1686708494.nuid.imrworldwide.com www.nbcnews.com
1 secure-dcr.imrworldwide.com www.nbcnews.com
1 beacon.tru.am tru.am
1 p1.parsely.com www.nbcnews.com
1 static.adsafeprotected.com www.nbcnews.com
1 app.link cdn.branch.io
1 script.hotjar.com static.hotjar.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 nbcuni.demdex.net www.nbcnews.com
1 media1.s-nbcnews.com nodeassets.nbcnews.com
1 c.tvpixel.com www.nbcnews.com
1 geo.cnbc.com www.nbcnews.com
1 cdn.branch.io www.nbcnews.com
1 tag.researchnow.com www.nbcnews.com
1 www.googletagmanager.com www.nbcnews.com
1 ak.sail-horizon.com www.nbcnews.com
1 static.hotjar.com www.nbcnews.com
1 d1z2jf7jlzjs58.cloudfront.net www.nbcnews.com
1 jssdkcdns.mparticle.com www.nbcnews.com
1 assets.adobedtm.com www.nbcnews.com
0 cdn.indexww.com Failed ssum-sec.casalemedia.com
0 ssbsync.smartadserver.com Failed ssum-sec.casalemedia.com
0 dsum-sec.casalemedia.com Failed ssum-sec.casalemedia.com
0 c1.adform.net Failed
0 image2.pubmatic.com Failed
0 a.audrte.com Failed
0 cr.frontend.weborama.fr Failed
0 sync.crwdcntrl.net Failed
0 d5p.de17a.com Failed ads.pubmatic.com
0 dis.criteo.com Failed ads.pubmatic.com
0 p.rfihub.com Failed ads.pubmatic.com
0 pixel.rubiconproject.com Failed
0 px.ads.linkedin.com Failed
0 match.adsrvr.org Failed ssum-sec.casalemedia.com
0 aax-eu.amazon-adsystem.com Failed ads.pubmatic.com
0 pr-bh.ybp.yahoo.com Failed
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
234 105
Subject Issuer Validity Valid
*.nbcnews.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-10
a year crt.sh
*.nbcuni.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-31 -
2024-01-03
a year crt.sh
*.s-nbcnews.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-14 -
2023-12-14
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2022-07-04 -
2023-08-05
a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2
2023-05-02 -
2024-06-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-11-09 -
2023-11-08
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01
2023-02-28 -
2024-01-16
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.researchnow.com
Amazon RSA 2048 M01
2023-03-02 -
2023-11-11
8 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-03 -
2024-02-03
a year crt.sh
*.branch.io
Amazon RSA 2048 M01
2023-02-21 -
2023-11-09
9 months crt.sh
*.cnbc.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-26 -
2023-11-29
a year crt.sh
nondescriptnote.com
R3
2023-04-07 -
2023-07-06
3 months crt.sh
*.tvpixel.com
Amazon RSA 2048 M01
2023-02-21 -
2024-01-13
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
aamt.nbcnews.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-03 -
2024-05-03
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
*.parsely.com
Amazon RSA 2048 M02
2023-05-06 -
2024-06-03
a year crt.sh
appipv4.link
Amazon RSA 2048 M02
2023-04-25 -
2024-05-23
a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2
2023-05-08 -
2024-06-08
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01
2023-02-24 -
2023-09-04
6 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M01
2023-04-12 -
2024-05-10
a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01
2023-04-25 -
2024-05-23
a year crt.sh
*.track.securedvisit.com
Amazon RSA 2048 M01
2023-02-23 -
2023-10-27
8 months crt.sh
*.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.google.se
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.admantx.com
SSL.com RSA SSL subCA
2023-04-18 -
2024-05-18
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02
2023-02-22 -
2023-09-24
7 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01
2023-02-13 -
2024-03-12
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2023-08-10
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
www.google.com
GTS CA 1C3
2023-05-22 -
2023-08-14
3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-27 -
2023-08-27
3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2
2022-09-15 -
2023-10-17
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-30 -
2024-04-29
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-02-21 -
2023-08-16
6 months crt.sh

This page contains 21 frames:

Primary Page: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Frame ID: 114B36BC2367E596DD2556A043213D19
Requests: 167 HTTP requests in this frame

Frame: https://nbcuni.demdex.net/dest5.html?d_nsid=0
Frame ID: 1E3B38E0163B071E24528FB243D03671
Requests: 5 HTTP requests in this frame

Frame: https://8168974.fls.doubleclick.net/activityi;dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Frame ID: BA6018793806AF4F1BB49EEB0BF93434
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: A3274E62C1F4DE3C367D852D4707C05D
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Frame ID: D3A45EC05144CD78DF31DB70897EDE06
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.se/ddm/fls/i/dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Frame ID: 6A5F8BCBB05ABE7EAC45C6BB3436528B
Requests: 1 HTTP requests in this frame

Frame: https://97590d9bd7c8ffaa58ff60c8f61be8ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9941F0A43FE4139FA41461C005426F12
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss03qvqfTA4yBt0qJDfoU2AxG_ZXMbqQyDvaFOLwIJzYMTDD349e8WjT5sp-BcA7z2EoNPScSzj87gcY-sxBQaJ9Vwkg4fHYL0-l3t9PycV2JIgag0zX4WhvAl0Ub6c_qjjb-36b6MdqPfZ3bnuWpdjWj_DWsB724ZNsl0BY2G7kjeIv2KtUI4nWNxecQPCuPH6BgqacvxcH4v6LeRAnFyaKtIZ6v-pijKquSu9iKDmy_2HHTXqy5q-bLjYFf6TmnN4tiQoT7fqACHni2cPvErnrENARcXAtHCqM3rvfg6HoWaCKrLeUy5K0rKzcCE80BC2&sai=AMfl-YT2wAhDsTyVsweRh6NS4GGQtZ0oQPYuYocowo20cfihft-tmfb40i8jcGV2ooSgQClGiHnj4iJsezq0FcI6l3N1Mdplsq2BY0wkpc4C0gl5Md3k3TrLyGO-Ht4vaw&sig=Cg0ArKJSzJVjN3eDSkNcEAE&uach_m=[UACH]&adurl=
Frame ID: 7D621FFA3213E02B315D51BB252D3B11
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF3569C5AA0EA34577DCD5CF786D2584
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 923C985C43F45872DC04EE43376D10EE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.nbcnews.com
Frame ID: 9AEFFB9D2B27FD533DA88357A9863C4E
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: A068A26F3A3873B41CB4D51B55639740
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: F73E5577A7A66F80167EF7BF3E89C2A9
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3DA0401364864E58DA5B11CBBD326E85
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162862&us_privacy=1---
Frame ID: 6F43D98D22F37B59B84FA04E1CB0A6DA
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D7098B8E27B3B8017A204A482BF9B822
Requests: 10 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 9869E5270907CD9B91B45C75420BEB1F
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 34F8004CBF89F8876CC13C909F52E918
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8D3E541E65B3972BD3A3EAC3327629AD
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: FC35CC5CD33E8F0B91E6CC506CCEC349
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CB7A9D4B-2588-4F40-86D3-E2E5E4E70390&redir=true&gdpr=0&gdpr_consent=
Frame ID: 1FDBAFF19928F52B010B1BAA73FAFDBB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

An Illinois hospital links closure to ransomware attackNBC News LogoWatch NowSearchSearchNBC News LogoMSNBC LogoToday LogoBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

234
Requests

85 %
HTTPS

38 %
IPv6

63
Domains

105
Subdomains

81
IPs

7
Countries

3212 kB
Transfer

11331 kB
Size

62
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035083&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686708494221&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&c8=An%20Illinois%20hospital%20links%20closure%20to%20ransomware%20attack&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035083&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686708494221&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&c8=An%20Illinois%20hospital%20links%20closure%20to%20ransomware%20attack&c9=
Request Chain 104
  • https://8168974.fls.doubleclick.net/activityi;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983 HTTP 302
  • https://8168974.fls.doubleclick.net/activityi;dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTY4NTQyNzkyOTQwMjQ1OTI4NDE5NDk1ODc5Njc1MjcyNjMyODc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTY4NTQyNzkyOTQwMjQ1OTI4NDE5NDk1ODc5Njc1MjcyNjMyODc=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIW1dMKoYXSu7dR0ESAhlcA&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 124
  • https://dpm.demdex.net/ibs:dpid=130884&dpuuid=-2032154493243489053&redir=https%3A%2F%2Fcookiesync.mparticle.com%2Fv1%2Fsync%3Fesid%3D37590%26MPID%3D-2032154493243489053%26ID%3D%24%7BDD_UUID%7D%26Key%3D65ea0b28a73c4c4abd08599774d30799%26env%3D2 HTTP 302
  • https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=-2032154493243489053&ID=16854279294024592841949587967527263287&Key=65ea0b28a73c4c4abd08599774d30799&env=2
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_tc= HTTP 302
  • https://cookiesync.mparticle.com/v1/sync/?id=CAESEFE5tewj6NG_PjAtsFuJWyM&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1
Request Chain 126
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=16854279294024592841949587967527263287&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=16854279294024592841949587967527263287&gdpr=0&gdpr_consent=
Request Chain 134
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=16854279294024592841949587967527263287&_ct=img HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 195
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nbcnews.com&sn=ChromeSyncframe&so=0&topUrl=www.nbcnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=9kwUxHxrbStvemdGMS8rbUJoeVhOWkwwYTZiZzRmMkV0bDJDZGZhSHNHSmhKaTY2ZVhlYlEwS0lZTmtQY2FaamVvT0Rta1JiZXJ1YXdyaDZUNnI2ZG1Rek1ndzEvbGd3czJhMTVuYjZ1UFZ1czI0ZlU3eVNkdS9Yc3lQYTlhbk1Sa1E5dUxESCtHZUF2SnpUK2VTdjVFN0MyV2U3akpDKzlCMVhxVHF4azNEMDVZWkFBV2ROVVc1M01EVmtDOGVpQmtvMDRmZEhld3N3THU4UUVvRExEbVp1eWt3ZnVRWlJJL1ZtRzhoRHF1SWlhUURRN3RuNEFudVNjRk02TzZMMkNLOSs1TjRBYjNnNnoxUjVaM0VoZlVrZkpYQT09fA&cppv=2
Request Chain 203
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 205
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vu8wP5K9uCxdH8dDYaUCgcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
Request Chain 207
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIyZjFlOWExZmFhNWQ4NTZiMmI1ZDBmMmZjODQ5ODQyNWVkNzcxZg&us_privacy=1---
Request Chain 208
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElWMk9USzgtMVgtNEY0Mg==&us_privacy=1---
Request Chain 210
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIV2OTK8-1X-4F42&us_privacy=1---
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ-L2UjQBeiKyiO7QTRLxtI&google_cver=1
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y3qdSyWIT0CG0-Ll5OcDkA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 219
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2870608729
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0I3QTlENEItMjU4OC00RjQwLTg2RDMtRTJFNUU0RTcwMzkw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEPdDmv-clPJclkG5upagQo&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID

234 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request illinois-hospital-links-closure-ransomware-attack-rcna85983
www.nbcnews.com/tech/security/
227 KB
38 KB
Document
General
Full URL
https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:996::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Next.js
Resource Hash
e020712650fc6e07aed8ed755b2952943ff22111a6c4d4543ece1b31ef6a68bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-language
en
content-length
37953
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Wed, 14 Jun 2023 02:08:12 GMT
etag
"38bef-ipf6NudQHvN4P937nPgGafwvNoY"
link
<https://nodeassets.nbcnews.com>; rel=preconnect, <https://media-cldnry.s-nbcnews.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq>; as=script; rel=preload
server
nginx
strict-transport-security
max-age=2628000 ; preload
x-backend-server
blue-ramen2-647b9dd7fb-zfk4m
x-powered-by
Next.js
load-nbcnews-bento.js
mps.nbcuni.com/fetch/ext/
286 KB
68 KB
Script
General
Full URL
https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.120.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-37.deploy.static.akamaitechnologies.com
Software
Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash
88b4d4627e1e206d18640d49737db3589b7a76c88bc34f671842f685a618492e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jun 2023 02:08:12 GMT
Content-Encoding
gzip
Server
Apache/2.4.38 (Debian)
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
68719
Expires
Wed, 14 Jun 2023 02:08:12 GMT
d1d8bb9846b53b79.css
nodeassets.nbcnews.com/_next/static/css/
17 KB
5 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/d1d8bb9846b53b79.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78b0d8f6d021cfcd896c6759c2eb639e49ff8af391fb6e7385607c2301a805f7
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
IqJsdIai8OfIbFHHNp.IBQBc9DZCTY5a
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
BS7CNG6NH57VPJ4V
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767087_28_310899_28_0_-";dur=1
content-length
4109
x-amz-id-2
NJf0TBSnH53lHGX/NVNzbyj4NgpLZp1xq4gYl42hX38GQbBE0wm5ZB8ePyHs37Dr8KBAzem1vgs=
last-modified
Tue, 13 Jun 2023 07:07:13 GMT
server
AmazonS3
etag
"850a442edcb421f7066304f58d77566d"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
230524-saint-margaret-health-spring-valley-illinois-mn-1540-556af9.jpg
media-cldnry.s-nbcnews.com/image/upload/t_fit-1240w,f_auto,q_auto:best/rockcms/2023-05/
132 KB
132 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_fit-1240w,f_auto,q_auto:best/rockcms/2023-05/230524-saint-margaret-health-spring-valley-illinois-mn-1540-556af9.jpg
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:794::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
e47f281010b99f7d4dd2bc45d579228e60076e5c5310c409cfec0069711032ce
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 14 Jun 2023 02:08:12 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
521404208423555078644083828496465507805,293791617176120272957848547754048325783,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230524-saint-margaret-health-spring-valley-illinois-mn-1540-556af9.webp"
content-length
134870
x-served-by
cache-lga21920-LGA
last-modified
Mon, 12 Jun 2023 15:27:14 GMT
server
cloudinary
x-timer
S1686681781.938517,VS0,VE4
etag
"2135c5fde6668e3f16c214cf41e1bb06"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31530851
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 13 Jun 2024 00:42:23 GMT
fontface.css
nodeassets.nbcnews.com/assets/fonts/shared/
4 KB
1 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77014622bb2b3b959cef95b4e87520f3422d0344a366b0820580b9f9201d5b7f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
rJ0HSxqkRVpZ0gf5u3RFI_ZcC7nBQXU1
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
last-modified
Thu, 11 Jul 2019 19:07:39 GMT
server
AmazonS3
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
PS32QV1SHM3TWDXE
etag
"2b115064a98912d96b0f2df36459659e"
content-type
text/css
cache-control
private, max-age=900
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767088_167_319380_28_0_-";dur=1
content-length
686
x-amz-id-2
auH73+tsiySdeD4KPlygvAoRwGUjKmgYIylEB2X08yWG9A9ozyyFCOps8fwriEdYPuze/XHe1zQ=
expires
Wed, 14 Jun 2023 02:23:13 GMT
header.css
nodeassets.nbcnews.com/assets/header-footer/1.136.0/news/
44 KB
7 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/assets/header-footer/1.136.0/news/header.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3cb8a00600b5b4b40c0ab1dab3bcc85cb1d06c2fd80dd55f13b7766688250aa
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
Z6Zjif5VHKKE8CiZN3QmXGe1UT5V4GOj
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
3P8NNRWQ5XJYN5B6
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767089_28_310854_28_0_-";dur=1
content-length
7081
x-amz-id-2
XvQOF/ypLD2c4HIk7dZ3Saifsu40c1XYXGKt/RiWskQWBcU/UKSDa+nc4R/B6Tbntc/6/joqukI=
last-modified
Wed, 07 Jun 2023 19:57:02 GMT
server
AmazonS3
etag
"013ff932b91a5d066f52d3438fbcbf23"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
footer.css
nodeassets.nbcnews.com/assets/header-footer/1.136.0/news/
5 KB
2 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/assets/header-footer/1.136.0/news/footer.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cc784d74aae0ce2d405dd7026de5535e0cb3b87a3afa0fd6a2ca556d5ffec09
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
5lH6wHBupicFxyhFv495ci7CirXMNwhZ
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
3P8JY5ZQJR8VR4BE
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767090_30_310183_28_0_-";dur=1
content-length
1299
x-amz-id-2
LBSbBfv2t9GCBinixNDEOQZScsDnjj4Jen2xAEiSkbDeLZiTcIejKwCZZ1QDVq1uNFR+us9qY08=
last-modified
Wed, 07 Jun 2023 19:57:02 GMT
server
AmazonS3
etag
"ca94be18d3dbd5d643cf082deacfa0c9"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
081996956e64833b.css
nodeassets.nbcnews.com/_next/static/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/081996956e64833b.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3292bf84f2a19c113ed57e0e88988580e8862ce144828359601b141d951b3c96
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
znx4rU_yauKp9FE4P7iD_x0yLNl3CYOG
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
9EGECPDPKPT42SH6
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767091_34_310145_28_0_-";dur=1
content-length
1838
x-amz-id-2
vvCrhwDPLUgqUxbBKXDlgPXDw/SWWvB2XAn5vT5tdCmbnOBefXBt3DCnRzoHdzfdP0TnEfeYMAk=
last-modified
Tue, 13 Jun 2023 14:25:26 GMT
server
AmazonS3
etag
"5fc5d1bb8b538dd305fdb1055745ba67"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
6de75f5b60a9738b.css
nodeassets.nbcnews.com/_next/static/css/
120 KB
13 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/6de75f5b60a9738b.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3413b8b45b46d42539ff1142bb12eccdea03e29b1a40c7015c3acb8b9b314905
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
P9lZ9U1L.XICNvvKwHsQMzLFkkrLMRsK
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
K468JD1R534Q5HQG
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767092_35_310138_28_0_-";dur=1
content-length
12492
x-amz-id-2
Nwh2ZJmOqijUCLW05lj8KhWNzj+/FZABFS9AVlKADatIz9mfpIgaNz2E1zmvSGHwTqaIfyrQ2k0=
last-modified
Tue, 13 Jun 2023 19:12:28 GMT
server
AmazonS3
etag
"3e09b2123ec2628fa3dff209b03db32a"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
8294a19ab892aed6.css
nodeassets.nbcnews.com/_next/static/css/
35 KB
7 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/8294a19ab892aed6.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc02d77ac49d58b5aaf302bb58e4bfdb8ddbaf55db57a30d1941bfcc86374743
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
eikT7QM0yPa_cdjPr1pDLsRTJemAwhPo
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
YJZE09P0EMYWJBQC
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767094_36_310696_28_0_-";dur=1
content-length
6152
x-amz-id-2
wo80U/hQQ1m68xWotCYg31Vj947s5dvjleaobzRWjhZ2hHZ4obXV0mlZnBz8RPja5YozEba5E6w=
last-modified
Tue, 13 Jun 2023 16:03:48 GMT
server
AmazonS3
etag
"3d6d42a86af6454e911c527b0a677467"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
079bf2766172efda.css
nodeassets.nbcnews.com/_next/static/css/
61 KB
9 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/079bf2766172efda.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f7f2a430c859f14ea70e30074204bd0f40aadf9fee7252ceb0215920566cb0b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
FavTR44P.5P6rxH3BPd.nXjPPNVVXNBT
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
RK22DS0FB0JPQMBR
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767097_29_284767_28_0_-";dur=1
content-length
9110
x-amz-id-2
MSDUBUopshIgPHFRtMSXHgDmzace0IgsI5RAr+zWk3E7j6Y2EbDThZjlbc2PLJTH9gGciczkEJs=
last-modified
Tue, 13 Jun 2023 08:23:20 GMT
server
AmazonS3
etag
"8d850f0200e2fe2874a67535210bf1af"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
5afd50a4ed3ad204.css
nodeassets.nbcnews.com/_next/static/css/
95 KB
15 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/5afd50a4ed3ad204.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b92a69381acf860bb7d6f9d3e35a15a167d82b53817e018a949d3e59b9e86b4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
qCUyO4c8S2VLut7fUKXAWjW0p4078R9Y
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
TCVGKNMBR3BMD8FP
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767100_31_285390_28_0_-";dur=1
content-length
14908
x-amz-id-2
zV5MWYsWlAZPB93MnPWQQdSNo4JGXL3OlgnTtGS9OpaRYgJW9jmEUumPZlWPn9craUHTcKto8+8=
last-modified
Tue, 13 Jun 2023 19:12:28 GMT
server
AmazonS3
etag
"dfd8e011f48bd9c38b3540adb2ea3533"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
62f082b2d476432f.css
nodeassets.nbcnews.com/_next/static/css/
189 KB
25 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/62f082b2d476432f.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
134d77fad65ee4d680f791b11649e4ceaf8e2dccbe1ff121df476594d059869f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
ITkvIWcRqYg5ojTn0yZi_t4Rkz9lkGBk
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
75NSWDC00ZFRBGM4
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767099_28_285355_28_0_-";dur=1
content-length
25348
x-amz-id-2
7fkHXT/4hXkedT6aaEXsvKzeNJj1Ggx51F/mdsfjmeyE4AWb/N3EiLAOKp4titaqnmmfYq8mvqc=
last-modified
Tue, 13 Jun 2023 16:53:48 GMT
server
AmazonS3
etag
"6a593fb3ab112d89f6bf26059fe76892"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
e437e5f72244393c.css
nodeassets.nbcnews.com/_next/static/css/
55 KB
8 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/e437e5f72244393c.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5ccfbf05b8c8491e788e4b3a00a0460cc327a4356dfea6e746e3c2abb6737bf
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
za8VrtrXrUC4mlcaVeXgmKvfTUdK2mCr
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
P20PJCXY9YGNMR1R
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767101_32_290806_28_0_-";dur=1
content-length
7895
x-amz-id-2
FdD4RECCFTBXsMAaMxqGI6zVs+ngTlECtiav7iAisZk8aoyk1SrTTasJ/p+uTRvV4F4LxsUGeQc=
last-modified
Tue, 13 Jun 2023 16:03:48 GMT
server
AmazonS3
etag
"f206d0f9282a5adeff26d1976d44ce5b"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
a5ffb2280e02bef5.css
nodeassets.nbcnews.com/_next/static/css/
83 KB
14 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/a5ffb2280e02bef5.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f739a718e7f47c768b59263bc2ca58cc2168febcb4c1bb2192f049a26fcbbbd
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
wnAHsrviXicvZRyjW807gLMCukhkSqTS
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
6BBYX250E4WTMJEP
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767098_27_285449_28_0_-";dur=1
content-length
14271
x-amz-id-2
7++iIZwcRpmOMxv4K7+awYF7UHdxybfCNvA2v0WrsqHuCnhYFtMGVPLbelmYMwcNts8YIEmQtkI=
last-modified
Tue, 13 Jun 2023 01:22:25 GMT
server
AmazonS3
etag
"68cdde1d271c35ea867c4c996f631545"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
ed77e604411ca866.css
nodeassets.nbcnews.com/_next/static/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/ed77e604411ca866.css
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90801b0832172b215b38d4b2c952931e81f2b13cd0f57a1b76b60333f4ed26e0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
DQV21fQ36CSx6BkuZuA7blZpHv5tFC4C
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
6BBXS6GCXF28B3Z8
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767093_40_310083_28_0_-";dur=1
content-length
3963
x-amz-id-2
kY8+euWCmIWIPnW5WhyDD3ySm1AlSCmD1v0/dab/Ab7g9crCaARprmJby2AXv/gC+1HToQ3jKnA=
last-modified
Tue, 13 Jun 2023 08:23:21 GMT
server
AmazonS3
etag
"75b511c25f1cac59843b0ec71d6b87f1"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
webpack-d3860ec19db1d7cf.js
nodeassets.nbcnews.com/_next/static/chunks/
9 KB
5 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/webpack-d3860ec19db1d7cf.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f5b426b56fb1144fed018baf77df503500937a3ab60f8d7ad1f962116ebe6a4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
T4rA7OmhE9K.ysIthOII3p1TFNkjFM9j
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
K46EWX0F7TE1P0ZN
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767115_29_6507_28_0_-";dur=1
content-length
4145
x-amz-id-2
bu33nP8AZDHvDgvHMBUQSzaWxBAQTQPlttwzl/ZsBLWYuVwIQFN6sI9EJw5H6KL4rdtxpifAtJE=
last-modified
Tue, 13 Jun 2023 15:00:12 GMT
server
AmazonS3
etag
"1be1e9f4136a8fea7dcfa49b99726e86"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
framework-79bce4a3a540b080.js
nodeassets.nbcnews.com/_next/static/chunks/
127 KB
41 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/framework-79bce4a3a540b080.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
1iWUn.bUzGkr6RdN5RQtFaZG5A.Ef_92
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
HP9BM2AD6C03DJM3
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767116_35_6190_28_0_-";dur=1
content-length
40952
x-amz-id-2
P79qNuba5qHJ0iJW9hDGt/HIY8V+h7hzwfXXc/Cpm8shBg+VvtOYpNPaoNtS4Paa2r4eArXwfo0=
last-modified
Tue, 13 Jun 2023 11:45:41 GMT
server
AmazonS3
etag
"8ceac1a0789024027e37cca07bebaad2"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
main-3626adf95c8c50d2.js
nodeassets.nbcnews.com/_next/static/chunks/
99 KB
26 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/main-3626adf95c8c50d2.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68179b2afb435b07725952ee0ccbea4c87220b9cd756d4f584e2867f277a7c15
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
REl_hcOAwEyK1oSKuZe2vOD3GI2JAVSz
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
BCKJA2DXRQQ5DQS8
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767117_34_6212_28_0_-";dur=1
content-length
26004
x-amz-id-2
CANKNS2IrFiLs3NikRLvwoDLNcPMcNqqFOFDYpb2qyqKkd6y4a39+GzmFEEhoccKDRxbEeOJPc8=
last-modified
Tue, 13 Jun 2023 19:27:35 GMT
server
AmazonS3
etag
"7ff83a4e2b67ba147d0270dd1637714b"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
_app-44af452ed45b2f8a.js
nodeassets.nbcnews.com/_next/static/chunks/pages/
523 KB
147 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-44af452ed45b2f8a.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab2dea41da05776f38f0a9cc633aeee7c764c0c2c41c22d323bddee06c91e91b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
pwDTp7CJAI9kLCA6iCZbDvQAl6FMDIgh
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
5GC25NVNATMQAHXD
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767118_42_6147_28_0_-";dur=1
content-length
149582
x-amz-id-2
xFuv7HqLcpxXn/6rnr9BMXk9X9GDEknxEMUeChylA0pxo3iSTu2/01sGaGGBEbwqTbNJYbQhW6s=
last-modified
Tue, 13 Jun 2023 18:29:07 GMT
server
AmazonS3
etag
"acecb68d0d9aae1a04626813210a453a"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
f3dea186-cb45794ed4085831.js
nodeassets.nbcnews.com/_next/static/chunks/
906 KB
31 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/f3dea186-cb45794ed4085831.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dba8842a30a0214ed2532bc6d5be0c667506050e386c56a11be5dc80d34cbb2b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
CvWRf8wT2Qac4qRvbkkJXLWmghFyPs__
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
MAZP76CW8AEQX29T
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767119_33_6211_28_0_-";dur=1
content-length
31025
x-amz-id-2
VwYtBHmfFqs5h7mVZ/xTwUxzORLuuGePrb+B12KT2QAVUtA1cL1FWZUP8NIQqauJb259TJ31lN8=
last-modified
Tue, 13 Jun 2023 17:43:27 GMT
server
AmazonS3
etag
"66651eb4a8b0b5346cb7f5d29ce5a183"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
2974-eed357adcd1a70ce.js
nodeassets.nbcnews.com/_next/static/chunks/
157 KB
37 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/2974-eed357adcd1a70ce.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16be7368c4db8f156aef05f1885b0ee2162a9e9b8b7ff16bd1579a4483ef9daf
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
YhRTA91g2SX_5BjxxwCKdo9ENkFRENaC
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
QQ4KE4FSFV33SEQF
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767120_770_5336_28_0_-";dur=1
content-length
37057
x-amz-id-2
im1IappaPGqlJxLe17vW+l+t307nuUfKzfzhJKvAviMkwLOlzQkHpFu8TH7h+nGfWFa3TFVsz0A=
last-modified
Tue, 13 Jun 2023 07:07:11 GMT
server
AmazonS3
etag
"da8ca8f164dfe48cfd180f5e44a99f5f"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
8254-5f7fe7bf75a6c88e.js
nodeassets.nbcnews.com/_next/static/chunks/
28 KB
9 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8254-5f7fe7bf75a6c88e.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f9187f094239de8b9cfd32162b64e9e8ceb17cc55d68a1eac2b0bc85ef12e2f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
BCSHeoo4CY34eoTf68tryDMCxxN8GXeq
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
8294C66DSS9HA395
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767121_30_6133_28_0_-";dur=1
content-length
8800
x-amz-id-2
+0ZeKkS364jTDBSaQa44xvs0dxKGjCYxaTTkK/5/HPJDHSzmPzLalEuRcwRlVWlHattheohJdOo=
last-modified
Tue, 13 Jun 2023 07:07:12 GMT
server
AmazonS3
etag
"4292093418df3f2865099ccdfab78114"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
5650-c6ef0b3581bee828.js
nodeassets.nbcnews.com/_next/static/chunks/
16 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/5650-c6ef0b3581bee828.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6c4a2b216f22c74974d0a58a2bcb46b3450843358e30e6542bb91b84f67244d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
eMAR0VbPy2se8IBXWNFKFhzy4cWTzdZV
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
PP9JCY7C2YVFR970
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767122_26_6165_28_0_-";dur=1
content-length
5642
x-amz-id-2
ZTPjI68VaI6oHbOjgq8NNkiZ/KlgxybqTuBe1dWHWdxcByiUKpJ5P1FCcOcM9P+4vmMaHsik7Ns=
last-modified
Tue, 13 Jun 2023 19:56:50 GMT
server
AmazonS3
etag
"7834b463e996a138b9168b684fe5d338"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
8530-de3ebe774ac73f5b.js
nodeassets.nbcnews.com/_next/static/chunks/
16 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8530-de3ebe774ac73f5b.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b78ab16b972a289c3f833bb02edc358e3315ee48ccb618b57bd6e3c8a230c164
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
EpVydVzIUqQD78es2mRlWdIlS.yySynC
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
68QZENXZ4PM858KZ
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767123_29_6389_28_0_-";dur=1
content-length
5459
x-amz-id-2
JQwqIsfDsYhBtpd+ubaCQ2QnOtwU9LLqy/IhdQ9arMM0FhaLDTotkWiEmlYjkQPC3Y6/KtE3IH0=
last-modified
Tue, 13 Jun 2023 19:27:35 GMT
server
AmazonS3
etag
"b9a538671c59c2b1a9d4494e9efdb6cf"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
6205-6a3f04e96a8435d6.js
nodeassets.nbcnews.com/_next/static/chunks/
218 KB
65 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/6205-6a3f04e96a8435d6.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7bce4354208897cefdc172e0023efb5070f1a6ca0058a6a0ba2142c8ed8ab03
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
5vMhwmcOmU33Lyv6Jujx_IUFqvnS0f1G
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
763PJVCBBPQQ1F6Y
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767124_33_6106_28_0_-";dur=1
content-length
65718
x-amz-id-2
w5ZxGeg4o8AbD+0M7s6PHksfWaldf3ggmVAMVFBQ8rU8WS6aHS3rRfLa8Ads11AuC7qZNBgraTU=
last-modified
Tue, 13 Jun 2023 01:42:52 GMT
server
AmazonS3
etag
"b4e0c88b883ff9a0d1fc19e456f1b4e5"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
2466-0fae49dcf17d7fbf.js
nodeassets.nbcnews.com/_next/static/chunks/
25 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/2466-0fae49dcf17d7fbf.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fadd70a3b68e5b50db0a1a8e8b20ee77c76ae8400a7c1df193a50822fb0fba1
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
QdAQeuAHh6KvUUvSzhML0Osan5awEdoR
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
MRHNNHRQ92A7PPM2
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767127_57_9817_28_0_-";dur=1
content-length
9368
x-amz-id-2
zdZRV2RA5VGBRh2/7oPzLHK/cY8OFfcACDWxy3bCFm//Lp4FLD9b34eQ5Wr+rJKhVQuRqWJfc1g=
last-modified
Tue, 13 Jun 2023 07:07:11 GMT
server
AmazonS3
etag
"be350b8e19c45136e5056ce31a5dec71"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
4396-ae3ad75d207b97fe.js
nodeassets.nbcnews.com/_next/static/chunks/
49 KB
14 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/4396-ae3ad75d207b97fe.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f3ec2677a95b8639ecf5f7e2033b0e00c08848a9fcd778a491b7388ef602d00
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
40cNoxHN9BNx7JbxVIvlXxW95bqKQ3Pd
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
C4C9MDC4C9CP9YH5
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767128_64_9699_28_0_-";dur=1
content-length
14195
x-amz-id-2
o+CC4KHv5G7XiqMv1t21emGog0Kf5xD/iZOJisZj3QyzGexZcXv1w4NHkWTEIciDRscfWPlX7qg=
last-modified
Tue, 13 Jun 2023 11:45:41 GMT
server
AmazonS3
etag
"2404905f8264b3e135235953e23919e4"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
5519-96eccbc08f7f2023.js
nodeassets.nbcnews.com/_next/static/chunks/
15 KB
5 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/5519-96eccbc08f7f2023.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
541b5504975cab60ee778063f29f6f9320ef309ddb0dc9ca2781f9328c90575e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
DlMcKYITnqKo61aXS4OrX2_8PvY9wE7A
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
E3X4GRRD3KEEDJNS
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767129_63_9759_28_0_-";dur=1
content-length
4733
x-amz-id-2
Je88OPDSlPnE9iGVVECX6stn8DT93fc6a6zyGbFDA6q76Aq+zXHZTquyVfE5ajRMh7cx11KHd3o=
last-modified
Tue, 13 Jun 2023 16:53:47 GMT
server
AmazonS3
etag
"6bac913d27108c1c4752300395ae2863"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
7962-348011ad40f33228.js
nodeassets.nbcnews.com/_next/static/chunks/
7 KB
3 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7962-348011ad40f33228.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c195f1010befeec3435742c61a708069889f6abf705cad734c7423f883a0ab94
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
tL1ILHp4evXbNibvKR7ktNbrL72Uiei6
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
9G916B1H63X9SCAR
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767130_66_9705_28_0_-";dur=1
content-length
2473
x-amz-id-2
oHR0OnUiGgHLeIyPVKhEMcjdjQvhsSEBhUGD9T2TO0lTWqDbZxX9MAeyPGE+GaNFIg9Ho98U4oU=
last-modified
Tue, 13 Jun 2023 11:45:41 GMT
server
AmazonS3
etag
"38e9032d274c8581bb589ad9810b3940"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
3872-7cb9eaf65d75294a.js
nodeassets.nbcnews.com/_next/static/chunks/
47 KB
11 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3872-7cb9eaf65d75294a.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f92f360dcd54479ca1f495c37a0a2a32b5eaf1d1028aa3cd79b4fb3977cc1fc
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
dPefDhfNWwWDTCsm0IyFjHz.T_dI2ZW4
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
85ZKNSWWNB4YPCCN
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767131_57_9759_28_0_-";dur=1
content-length
11132
x-amz-id-2
2twnySs0ZuO0GqJhJNKSUvETYdgx8fLTlADb2GfWmwOkBjDfc2/rEaQ32idqOw4C9RQR1DgHT7Y=
last-modified
Tue, 13 Jun 2023 01:42:52 GMT
server
AmazonS3
etag
"e592d9d6a281271d7577216397748488"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
9294-92025fafaaad2e02.js
nodeassets.nbcnews.com/_next/static/chunks/
28 KB
12 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/9294-92025fafaaad2e02.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
837d2f960a4a5ca4b0fa92f295bb6dda0dc551274f45bda82679091e24e3ba38
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
ZN7u_vLtCG54K_qv3lNQ8jI1BK5d4PgY
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
M91GQ7NP8YFYJN93
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767132_62_9724_28_0_-";dur=1
content-length
11302
x-amz-id-2
6imq2XWD0dDWvcWPsaD/zHVEU3daxFX1dhEa16L6/j1tAmxnj4L+G3lTuTKWgsenY68qrWSV6MQ=
last-modified
Tue, 13 Jun 2023 06:13:28 GMT
server
AmazonS3
etag
"c8133f17696df42413cd297941683103"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
7711-6bf531e620ede30a.js
nodeassets.nbcnews.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7711-6bf531e620ede30a.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f34ebc564ab6471bb209da166c05e6667d1f10a298e3e613f34d58402e8c689
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
vVjnq1P1HwBiZLFlShJF.i5YrM2cJXY_
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
804PXWDFRMN09NGA
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767133_68_9594_28_0_-";dur=1
content-length
3915
x-amz-id-2
c5dIvdyxG/xMPgGJDDL4UCuLDNK1C5T5sExhHj6FDUvsv1YhZVADfm7uWmNgZQG9VIA/el+m5A8=
last-modified
Tue, 13 Jun 2023 09:52:11 GMT
server
AmazonS3
etag
"b059587bc789c99569795014932faeb7"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
4869-a9cec1cdb48e0c11.js
nodeassets.nbcnews.com/_next/static/chunks/
25 KB
8 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/4869-a9cec1cdb48e0c11.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db767aa95b0dcca039d97646b1f6c0980bb444233d6131e0f7aadb9bdf91a327
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
B8bnaxFYq7GRuzeW4ETOFJC6H3sq.etu
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
HBHV6ZF296ZKE0RZ
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767134_80_9542_28_0_-";dur=1
content-length
7274
x-amz-id-2
DTJAL1gjs0Ov29hA+1RXrlTNVaIjWMsyv5mcR+qrsBj1buzYR9PM78AMvgGLPm4GzBD/pJ0sxrg=
last-modified
Tue, 13 Jun 2023 17:43:26 GMT
server
AmazonS3
etag
"5648fc1148411413c78f25784791d35c"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
8620-70fe543071e83cde.js
nodeassets.nbcnews.com/_next/static/chunks/
41 KB
11 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8620-70fe543071e83cde.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66801ce0eabd0304d15f9d73c68cfdeff8f776496f2ff404ad0875d9cb9ee2f7
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
K6RXgCaNIGBg2YKjVHAqRHgEGzh_GiU2
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
TCVN0YG0K2DTXE7K
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767135_72_9553_28_0_-";dur=1
content-length
10946
x-amz-id-2
tFtESHsiX7owbvZx6CiYVlVwW/HJ2iXk3XwN3qelvcRsPMcASBAHf9BRIZLqwLmGpxCI2ZWdZ7E=
last-modified
Tue, 13 Jun 2023 19:12:26 GMT
server
AmazonS3
etag
"c2867ab339aaf4ac55af4cfdefacf2bb"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
6098-311d0b7d448238e4.js
nodeassets.nbcnews.com/_next/static/chunks/
153 KB
43 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/6098-311d0b7d448238e4.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb68bb6edb6092ef35166b520b028f2a851c6bf95d670b95a82002b96efd310c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
IsTgmSHiv0E1vTeuYDewbM_3_RtwqxNZ
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
K46FCMW0146S90FG
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767136_76_9520_28_0_-";dur=1
content-length
43571
x-amz-id-2
LmglbuzQx4fUSDoViwfjTpL4FDnsZem8GO5zqgvTS7slQKC6anEV+vlMv06v2XVlHxsJFsdwaqo=
last-modified
Tue, 13 Jun 2023 19:12:26 GMT
server
AmazonS3
etag
"f309efb09e9806ebaf2b1a4ae19cf872"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
7778-585a00713e08c2e4.js
nodeassets.nbcnews.com/_next/static/chunks/
41 KB
11 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7778-585a00713e08c2e4.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da78917a3f29442350ba0f822d402167808e4ada35300d18bc2aca74625fd472
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
7_7W_t_7Gg2.JPf6H09XiK914Kxc4gPz
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
G3F4W5R53SKMZ87E
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767137_74_9553_28_0_-";dur=1
content-length
10388
x-amz-id-2
b/LBDOkp2ql2nWItQVNsyZaN0Bz2Hg665W3wHBbjbqMBM0llRM0mzlSWUllAuCoglRKqNkBK14s=
last-modified
Tue, 13 Jun 2023 08:23:19 GMT
server
AmazonS3
etag
"397356ccc901a51e58484894c85a3288"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
5279-ddfe58c93ed027cf.js
nodeassets.nbcnews.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/5279-ddfe58c93ed027cf.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57acd6cb713256b25bc5bf8fd5495e893a895fcf83deaf4307d87d25e7011297
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
hSvCoWI5q0EWlLF2HNW2D1KxH69Izbvw
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
HXBP3ADD15AG46TN
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767138_69_9546_28_0_-";dur=1
content-length
4002
x-amz-id-2
QFlXX8l2MuiUGMtJf5Olqi7PTyuJNuiI1NhE4Ph6vxrFgy0Kp8QaGrcWQTg/pczQRAWSCMmG2Sc=
last-modified
Tue, 13 Jun 2023 08:23:19 GMT
server
AmazonS3
etag
"51910ba9a04d7d6dfef2a383470c8d5c"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
7444-ca1aa3581a919845.js
nodeassets.nbcnews.com/_next/static/chunks/
12 KB
5 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7444-ca1aa3581a919845.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a92b3c5d84464637175bb55b802da9f9f68b713fcb83139e60a7ec8b0b39bffa
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
SA2kDbQtjN6homKiNMCOlu9ZljkGGuxG
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
KYPYM9PB7C93YXJ8
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767139_114_9169_28_0_-";dur=1
content-length
4358
x-amz-id-2
wRVa6/qq8SFGopYvI/BK/C3txmG9oU2lKExkgWv9Vp4eyNRXoCg2QjJHeAXmCUM00l6i1vTXCoY=
last-modified
Tue, 13 Jun 2023 06:52:06 GMT
server
AmazonS3
etag
"35faf6353924c2be5a03fbde728dee6a"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
5585-80bc85b864fec7a9.js
nodeassets.nbcnews.com/_next/static/chunks/
14 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/5585-80bc85b864fec7a9.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7944d38923056e3bc08f8d5215f8c660c6ede2a1b5df368905b583d4069be83c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
5OIpZ2K3pDrHyUukjDzt0MXalBHiEODW
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
ZCYZCCGZA15AEMNF
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767140_79_9421_28_0_-";dur=1
content-length
5176
x-amz-id-2
zJp31kiEPwxGy5fmB3fdUxGrGYpaFZnYFGtXJAmEo4g/E+H2v9rONkccLJVV/iSbNPDhl6Cjg38=
last-modified
Tue, 13 Jun 2023 19:27:35 GMT
server
AmazonS3
etag
"abd1423c79b239c62e46413a25839bdb"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
9738-728bb3fa17b2a09f.js
nodeassets.nbcnews.com/_next/static/chunks/
57 KB
15 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/9738-728bb3fa17b2a09f.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
442a306ff077bf74bd3e0a1740c2d3944211795d9d109d24d365b2fe93a5fd68
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
rDexkKWkx66gtftzo62Gg36ouuI2X42A
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
G3FEX0Z809SEZ5W5
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767141_80_9400_28_0_-";dur=1
content-length
15277
x-amz-id-2
Nyr3ro/m+oOZLhxXHQ7Mbc4EclGGvoVUcvvPWa4M5DDDA7FK+g6USKO+MXJJv+i6f/WhXPJ36Ec=
last-modified
Tue, 13 Jun 2023 08:23:19 GMT
server
AmazonS3
etag
"6d81526ae273ed1ca170ff964917d81d"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
3690-1d8e5a6f12a26b10.js
nodeassets.nbcnews.com/_next/static/chunks/
56 KB
15 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3690-1d8e5a6f12a26b10.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba4b7053275ac06eed29e50c928483296ba8a1ba7cc8815ad92bb5695cb7fc3a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
FGnF.uSh6yqt3bXvCPQuDlWwQHWCR5SY
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
7M5K0FXJXCX8E9VD
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767142_81_9382_28_0_-";dur=1
content-length
14770
x-amz-id-2
HnhgrV2FMNDxH17dEh8/7e8oBkivADuFJQ5btwgy38ytBQeYQpI4dhgvth5KRXsq9TjQvjYW/C8=
last-modified
Tue, 13 Jun 2023 19:12:26 GMT
server
AmazonS3
etag
"e519b4aa456a65f52993b3a64c1e249a"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
2617-c80ace4e39e00ee5.js
nodeassets.nbcnews.com/_next/static/chunks/
28 KB
7 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/2617-c80ace4e39e00ee5.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33e9c5ff7588a3dad40bd014a8a5037acd59c0a8693603dbee83ee6b2acf6652
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
SkyjcgdNNT4SEQMhiysMt94J6LamHP68
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
APZMBRVKXWT5G3A6
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767143_1183_7323_27_0_-";dur=1
content-length
7079
x-amz-id-2
zHSWZ85nacM1wmiorsFb6LZZ3dT51JjP15HTe392Bv0cWmPgkHVpR4kX2NRqWwd2NKQxfHYBFEE=
last-modified
Tue, 13 Jun 2023 06:52:06 GMT
server
AmazonS3
etag
"58c6b16e3646cc4f5049b9c2bd6ce8c3"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
4166-fbee5fadde6b6bdf.js
nodeassets.nbcnews.com/_next/static/chunks/
116 KB
29 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/4166-fbee5fadde6b6bdf.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14b306e09b6566907bbc7a69613b5492a58bb3c5f44ef6880c13b2c07076d6cf
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
VWV5JI3odv3JrrcEHOtBBwFgNurTrdTI
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
37ZRGZ0K2R4TBKJ4
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767144_1181_7190_27_0_-";dur=1
content-length
28846
x-amz-id-2
ocRvIQsKdcb6m5qtLKGk6/6LHqGxupPW6+P/1GHlWv5RkH1N8RvxCgICrKlcVJgTvClgq/w9iJo=
last-modified
Tue, 13 Jun 2023 18:48:01 GMT
server
AmazonS3
etag
"a808bb40a495bf80e7311209bc8210ca"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
6188-f6e792b5f0b3605e.js
nodeassets.nbcnews.com/_next/static/chunks/
133 KB
29 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/6188-f6e792b5f0b3605e.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e73863ac8525691f3a608c59ee9cd2520cb5f1958805f873d989ad308836208
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
Vn5_x2QPolCKokSgdQrvRCi8f3aKjcET
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
YA4XRB6YNS3Q2SZM
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767145_1183_7201_27_0_-";dur=1
content-length
29675
x-amz-id-2
AWo1j66ewvtdgcdAtpFKXtxNIg4BHOuRnyz2jSY39z+dYVJUylkf1PdyFn9nE5RqeF4c67L/szI=
last-modified
Tue, 13 Jun 2023 01:22:23 GMT
server
AmazonS3
etag
"c5abd96f7c81360e3c11b9899eecd328"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
9590-086c7d5f1fa70cf9.js
nodeassets.nbcnews.com/_next/static/chunks/
36 KB
7 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/9590-086c7d5f1fa70cf9.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ad64f24b40f75be6a32ecd0f04a0eeeea6daf377b804488d0c2d0e7410309ca
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
RyoJySNDTOnTR1ClSVtQ7Va2KjbIGCwA
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
A79WFHCZBSFKA3RG
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767146_1182_7221_27_0_-";dur=1
content-length
6920
x-amz-id-2
ODtXo7/RgLC3a8aKo8JnvMmx4L4tiE7sPk+FqWXxpfcpVEC1vgMkzUVbFLNP5FLV7+9AYT90mtE=
last-modified
Tue, 13 Jun 2023 08:23:19 GMT
server
AmazonS3
etag
"e8d71b3f88b1bc2484d75a52c968eb72"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
3088-cca77866302cf1e3.js
nodeassets.nbcnews.com/_next/static/chunks/
54 KB
19 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3088-cca77866302cf1e3.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ed26f11600a78d24d62ff6ae8450fa5781dca22f1ab14266eb066f22f134320
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
3CmLB_ZiZNuEEv06cQPOlTBpmlz3UzdZ
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
BGT66VNH4WQJ1J9W
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767147_1179_7278_27_0_-";dur=1
content-length
18873
x-amz-id-2
5N/Zz3jR0xT4QlYBXwkpe2iRVESBrw0CMl4QtcMZt4pu870VS34a7aP30qJwIEGRfAnjgEinDig=
last-modified
Tue, 13 Jun 2023 18:48:01 GMT
server
AmazonS3
etag
"52c643b36794cdce33ca885a336ec500"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
6297-f58526404eeca0b8.js
nodeassets.nbcnews.com/_next/static/chunks/
36 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/6297-f58526404eeca0b8.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51eb8b292d153e861623c0ed30776800e6865a614145be19023e9d7f2a894e4e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
Ud3G85QkNTuM0S4wMRr4UckMSJlgCU7n
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
CPSTFAXDJ5Q85ZTT
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767148_1181_5780_28_0_-";dur=1
content-length
9732
x-amz-id-2
P1+f7TcfX61xedemrdT9MW7xxbJZuKvtV0Up9AsUkwgdoLHzB4JAMsY9h87Gvx7h6MvTjL//R0Y=
last-modified
Tue, 13 Jun 2023 01:42:52 GMT
server
AmazonS3
etag
"b42da7b6f380fd7e99c7619f72dd4455"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
8436-84fd48d03e4bd2f5.js
nodeassets.nbcnews.com/_next/static/chunks/
65 KB
17 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8436-84fd48d03e4bd2f5.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdc20d1f7912efd1299fe14fd37d9906decda19435a36912107865525dade286
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
VHnoxpe6ng4LrjP5RKv.bsh7bDvfh4qM
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
BGT97XP4C6RN6YGP
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767149_1178_5799_28_0_-";dur=1
content-length
16805
x-amz-id-2
YVO7F9Z/4L9OeX+4cDP8qSz94J97itpqsfdv+wnlFw2MvSVQK5J9oQALjRw0e6/J/TxyTjQIEvI=
last-modified
Mon, 12 Jun 2023 21:53:58 GMT
server
AmazonS3
etag
"43c4c7ecde4448f6a592702d4c30328d"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
9643-42f2026e3f17b53c.js
nodeassets.nbcnews.com/_next/static/chunks/
33 KB
12 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/9643-42f2026e3f17b53c.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b6f3d2037d4e7107eb0ee1b10cb5ef954d042c8921957945e40d24c4a90ae1f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
UMR5Jv6nc8Tdt1fMM39tuqjt4xnai70L
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
GK43M2VQ2PY92WKT
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767150_1179_5780_28_0_-";dur=1
content-length
11959
x-amz-id-2
8QhnqtMOGD/u6+rX4c+DbaokqScz8YD+iXd9kCSjIcIrRxc1C9MS4ewALBo4zZ8zxipDczZW+zs=
last-modified
Tue, 13 Jun 2023 19:12:26 GMT
server
AmazonS3
etag
"beaad3e2ea55a59dbdb868d27d976d11"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
article-42d3b9b6290a02f6.js
nodeassets.nbcnews.com/_next/static/chunks/pages/
22 KB
8 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/pages/article-42d3b9b6290a02f6.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81115ede15bc291348152c4021e46c1214a17f7b0d28e2cae1eb30677b2cb523
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
85vpGdzd.H2fVg5xBoUIafEaUCBW53w2
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
BGT9XTWX51P8W61Z
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767151_1173_7537_27_0_-";dur=1
content-length
7679
x-amz-id-2
emicOYPJV2bBziSvIl0ci0dJzfrc78xY6qSHLkPKzj63DJiZyWyeVW1VY5Ljic25p2XQK/+14LQ=
last-modified
Tue, 13 Jun 2023 18:29:07 GMT
server
AmazonS3
etag
"426fbb3f1a3600d727dbcad230dca744"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
_buildManifest.js
nodeassets.nbcnews.com/_next/static/533f186cbc5aa3c52b4f4d0baa566a4104a64052/
26 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/533f186cbc5aa3c52b4f4d0baa566a4104a64052/_buildManifest.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3e8433a8e96fbf95d297095792e696d48b5b172456602a5b93d66f217d71a65
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
wsWiVKhmu2EPJ9zOF8F52QVySXuhlPS1
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
06PCWHPG147YNCBY
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767152_1175_7165_27_0_-";dur=1
content-length
6082
x-amz-id-2
fYeQgy7nK+qH/lg+ZY/6IXX65bdxXBJyhLvYOW7sWsK0dMqMXu2/FpBDLy37UHZpPTIySgx2n48=
last-modified
Mon, 12 Jun 2023 20:19:37 GMT
server
AmazonS3
etag
"52419fd024550cf51aeb6a596b153f18"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
_ssgManifest.js
nodeassets.nbcnews.com/_next/static/533f186cbc5aa3c52b4f4d0baa566a4104a64052/
77 B
561 B
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/533f186cbc5aa3c52b4f4d0baa566a4104a64052/_ssgManifest.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
o.Vu_tKJrvo.fMoCeEV.isJjGAQWxXtR
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
06PEA3E6MMY2VXER
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767153_1172_7210_27_0_-";dur=1
content-length
51
x-amz-id-2
xaVfTnEnU1rMgquAn1m0YGH9+XAutvCbePdoxaHBa9x5boMkzYc/nMLkAnGkQUjnBQEa0Xuutec=
last-modified
Mon, 12 Jun 2023 20:19:38 GMT
server
AmazonS3
etag
"b6652df95db52feb4daf4eca35380933"
content-type
application/javascript
cache-control
private, max-age=86400
expires
Thu, 15 Jun 2023 02:08:13 GMT
_middlewareManifest.js
nodeassets.nbcnews.com/_next/static/533f186cbc5aa3c52b4f4d0baa566a4104a64052/
92 B
564 B
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/533f186cbc5aa3c52b4f4d0baa566a4104a64052/_middlewareManifest.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
WF.cXrNugkHZ4wdDECY4MfrepRoS1AUy
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
06PCT3RJE48HMA1Z
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767154_1170_7232_27_0_-";dur=1
content-length
56
x-amz-id-2
MhEXa/ZcK0f9CenXBAbTL2wNxLCrczParFhQy7IYhUSSFrl8tcDCb1NVIdN8AbowPY82sw4atq0=
last-modified
Mon, 12 Jun 2023 20:19:37 GMT
server
AmazonS3
etag
"7c3f7e060745668041278118c0bb3d6d"
content-type
application/javascript
cache-control
private, max-age=86400
expires
Thu, 15 Jun 2023 02:08:13 GMT
launch-EN03682f66064449c8b87d78eae3e2fc57.min.js
assets.adobedtm.com/
795 KB
199 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-EN03682f66064449c8b87d78eae3e2fc57.min.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f73e7cc41d39326ef7ce32e652e21085d1ff60ab05f9a0f85138b59d8f59e6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:12 GMT
content-encoding
gzip
last-modified
Wed, 14 Jun 2023 01:42:08 GMT
server
AkamaiNetStorage
etag
"3369fbb9193ff339530df53351ce1664:1686706928.303776"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.nbcnews.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
203073
expires
Wed, 14 Jun 2023 03:08:12 GMT
ads.b1f2c549.js
nodeassets.nbcnews.com/_next/static/chunks/
37 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/ads.b1f2c549.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6e635a7e1ab8ea1671505d940b05de3652d8fc5fa4aca94da773152deff70c4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
U7d.XT2sIfMYH6o5OyJ13MnchaLeuzfg
content-encoding
br
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
DCPMHKH65A60YHGY
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767155_1179_7183_27_0_-";dur=1
content-length
9802
x-amz-id-2
C1N1Jl9yltjyRyO1MH3kzEJwlbX51M64BzigLHtb29664DEg+si42EITWWfPLpo4F4lm9yIjg54=
last-modified
Tue, 13 Jun 2023 08:23:19 GMT
server
AmazonS3
etag
"65a76c3601b468306d2dd5e40e23eed5"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
truncated
/
758 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
781e5d64e355ea883008a5a84253f2193e16eeee976577427b5d9008180bdede

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
39 KB
40 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
UvqxF5yqAakw56cN4C1xb.YQdPhVCBLy
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
PD5C0R1M31H0HK2X
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767163_26_5945_28_0_-";dur=1
content-length
40106
x-amz-id-2
XPFUqA3B32vqAA7cPNjFiJBHCPt034UMRxYL8w4bum4RO++d4LQmmq7BAa+RZI1/SSAOT1tjeHI=
last-modified
Thu, 11 Jul 2019 19:07:44 GMT
server
AmazonS3
etag
"6797c94d7e9d7972e1dda6ed5248e1f4"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 02:08:13 GMT
FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
29 KB
30 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
smxq6MLYc1aZNAPU82awTXjGoqcFeVuG
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
YBH2QZWFFFENFFR6
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767166_31_5874_28_0_-";dur=1
content-length
30163
x-amz-id-2
qqQJwm6iH5IisA25C2Lyd6OBcAsz71Q+ZtSL3Pp7R4MGGE0ctcIRBbrkHcgy+a7hacDYbdBy6sU=
last-modified
Tue, 11 Oct 2022 22:23:57 GMT
server
AmazonS3
etag
"861757adb72039160d3707fc6508e252"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 02:08:13 GMT
PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
51 KB
52 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
2MTzNwxTqVPRbYrJTYk1GvQbxM9fvhUo
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
TCG7MFPC7J33PJ9V
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767165_30_5886_28_0_-";dur=1
content-length
52393
x-amz-id-2
ytXxPjdRFzZw3P/z/VND1O6FGguPyCDlvjK0Kx3DD3UWpUe5g3JL2BPkP85hseBnOAbcrJNP5w0=
last-modified
Tue, 11 Oct 2022 19:53:40 GMT
server
AmazonS3
etag
"752edd6cce510289581b5e8ecea31abd"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 02:08:13 GMT
iconfont.ca9b721675.woff2
nodeassets.nbcnews.com/_next/static/assets/fonts/
14 KB
14 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/_next/static/assets/fonts/iconfont.ca9b721675.woff2
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db2356b5f18b55a9cebb2c282b7e88e59d4a8f94abceddb20fadc7c33d8c27ee
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://www.nbcnews.com/
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
6ho41xMbEtgaCdS8Gu6gPxtvhZqoR4iX
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
P4AXK46JZBKNWP0M
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767164_32_5878_28_0_-";dur=1
content-length
13896
x-amz-id-2
KLUiOg8WwKK3XxnxPxswzPK2yNsc/9t2z5qhrnfrKJnJr5RsSSUlkk7ORSEzQdXBw14UfLUAzB8=
last-modified
Tue, 13 Jun 2023 10:44:07 GMT
server
AmazonS3
etag
"493cd34ad63c34dd32ac5e4d5ea97165"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:13 GMT
nc_pkg_kxas_dallas_ransomware_230504-cs29qz.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-860x484,f_auto,q_auto:best/mpx/2704722219/2023_05/
72 KB
72 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-860x484,f_auto,q_auto:best/mpx/2704722219/2023_05/nc_pkg_kxas_dallas_ransomware_230504-cs29qz.jpg
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:794::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
eb99b621d5fd18516177cb4c881ad8a1f8b0c96c402bcf21e73c0015d44c4044
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
392362063688444730166459279018394820711,214677783314802856843520142156836606120,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="nc_pkg_kxas_dallas_ransomware_230504-cs29qz.webp"
content-length
73230
x-served-by
cache-iad-kiad7000168-IAD
last-modified
Thu, 04 May 2023 14:47:06 GMT
server
cloudinary
x-timer
S1686583907.866845,VS0,VE1
etag
"e29911ba270777b03f1371cfdbfeb18b"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31432934
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Tue, 11 Jun 2024 21:30:27 GMT
otSDKStub.js
cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/
17 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f5566a98c2a7d3aad7e6c7518c206d3065713e22c98583c9f686e48e9e7f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nbcnews.com/
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zq5CSd3MANpmGmojoJnzWA==
age
74332
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
5815
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 21:45:34 GMT
server
cloudflare
etag
0x8DB151E20DF1D13
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
65a0d015-401e-0073-54e1-5aa825000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7d6f06360f59bb49-FRA
expires
Thu, 15 Jun 2023 02:08:13 GMT
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
76293
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7d6f06361cd8bbc7-FRA
id
dpm.demdex.net/
988 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A8AB776A5245B4220A490D44%40AdobeOrg&d_nsid=0&ts=1686708493698
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.142.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-142-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eb9f4d08fef18c9899547ca19d914e0659038a69218bb08742959b1997226d1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v048-0db55a5d6.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Xr+/9YnFR80=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nbcnews.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
554
Expires
Thu, 01 Jan 1970 00:00:00 UTC
609617.js
dev.visualwebsiteoptimizer.com/lib/
258 KB
65 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/lib/609617.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
32ba119e29f7dbb5be3fdfb85157bd3ea1739e4f3255553ce3ffd382dc791cf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-computed
true
date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
gzip
via
1.1 google
server
gams1
etag
W/"1686687541"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache,max-age=0, public, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptime
0.0054999999993015
mparticle.js
jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/
181 KB
47 KB
Script
General
Full URL
https://jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/mparticle.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dd648a2ddfe9defe08c3bfa61d2acd731e02dabd0ceb26ca263f0da77a45b53c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000109-IAD, cache-fra-eddf8230075-FRA
date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
92
x-timer
S1686708494.802804,VS0,VE2
x-origin-name
fastlyshield--shield_ssl_cache_iad_kiad7000109_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
47885
x-cache-hits
169, 1
lightbox_speed.js
www.lightboxcdn.com/vendor/cfbf6814-ef53-427e-b99a-f3ba72e8a366/
3 KB
1 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/cfbf6814-ef53-427e-b99a-f3ba72e8a366/lightbox_speed.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c208d48e93b6abb4c5e81b3c72164f41257a9a625dab9ca3a4a01b9b4c46b043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7/GW74kkvbTvqDUPV7mBAQ==
age
11
cf-polished
origSize=4971
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 13 Jun 2023 18:36:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
4d80cc99-c01e-005b-3426-9e1f4c000000
cache-control
public, max-age=60
x-ms-version
2009-09-19
cf-ray
7d6f06363f121a6d-FRA
expires
Wed, 14 Jun 2023 02:09:13 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/
930 B
1 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-165.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 15:50:42 GMT
Via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
37051
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
DJWXDp9WC5fNd9GXEztNkqIUX2krKlNIQhb3TDX9w3LmYfJ9K2xEHg==
Expires
Wed, 14 Jun 2023 15:50:42 GMT
hotjar-309218.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-309218.js?sv=6
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
164e9ff720c6620efa1a016cbd4de12ea7387e7b62db6cb2ce43648b39b66d93
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Jun 2023 02:08:08 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
24
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/94d65dcebdf6d1df813cba415a68f1a9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
JLCGG0C_A3Z0ZTZJ6lG-mvNmBDh3i7jS_ld5Mj-OMUMWZGGPGVaOBg==
spm.v1.min.js
ak.sail-horizon.com/spm/
98 KB
33 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:00:22 GMT
content-encoding
gzip
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:08:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
472
x-amz-server-side-encryption
AES256
etag
W/"be0aea74754407f0a826a84e140dd5ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
Mvz4I-Dt6doDQ-pj7KSqebE-CQFDMJf5YseKkuzivQa7J1TEJ5F9ng==
js
www.googletagmanager.com/gtag/
129 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8168974
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8eed1f1077496ddb74d7bb60e7ff25914badb4c5861a2a434ab7b9b418f6777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51081
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Jun 2023 02:08:13 GMT
beacon
tag.researchnow.com/t/
42 B
444 B
Image
General
Full URL
https://tag.researchnow.com/t/beacon?adn=13&pl=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&pr=284801&si=NBCNEWS
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-105.fra60.r.cloudfront.net
Software
Apache/2.4.57 () / PHP/7.2.34
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 01:18:26 GMT
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
server
Apache/2.4.57 ()
x-amz-cf-pop
FRA60-P4
age
2987
x-powered-by
PHP/7.2.34
x-cache
Hit from cloudfront
content-type
image/gif
p3p
CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
42
x-amz-cf-id
GKNKctaAjlb8DkMr-aVaeYtRqIGHv-k7XuBB6W9_JRJsGkDdeHwERw==
expires
0
P35C41790-24D9-4BCD-9873-48B547719D85.js
cdn-gl.imrworldwide.com/conf/
41 KB
8 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/P35C41790-24D9-4BCD-9873-48B547719D85.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fa6562e4ad686fb98d042103b4ef70a3ce133d74544dfd2c56efe02e7b6df5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
AELn_huu6ouJOE7MRY1PrU5sbTMxQ0xF
content-encoding
gzip
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
date
Wed, 14 Jun 2023 01:55:34 GMT
last-modified
Tue, 13 Jun 2023 17:16:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
760
x-amz-server-side-encryption
AES256
etag
W/"ae9f5e3a8e72431547b90bad2f15df71"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
p_iScTADVJ78gg2Anp00W3p7y9aGKdD8Ffd-FmbUuQefQ7PMPv8kIA==
branch-latest.min.js
cdn.branch.io/
73 KB
22 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdc2bb26fe76a79d54a6f197edf1188e4829093003f26707eed349267a8a96d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
RcGafUhyGoCBAIKL0sPQaqgYc5MW5qY6
content-encoding
gzip
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
date
Wed, 14 Jun 2023 02:07:46 GMT
last-modified
Tue, 04 Apr 2023 19:50:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
28
etag
"ce82fd24f9c8aae0ff0fa6e15c400c97"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
22498
x-amz-cf-id
ywPyHYcB9nTEo2oPo5qv2Mv0mTY2bqNYhA3DGhkXSzUfnzZU7tyA5g==
/
geo.cnbc.com/info/
130 B
292 B
Fetch
General
Full URL
https://geo.cnbc.com/info/
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9ab::d25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/7.0.33 / PHP/7.0.33
Resource Hash
88defba3329daa634bdb508fd1dc40231c0b219e120bc7d65c367b2deddf6ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Jun 2023 02:08:13 GMT
server
Apache/2.4.6 (CentOS) PHP/7.0.33
x-powered-by
PHP/7.0.33
content-length
130
x-aicache-os
xxx.xx.14.132:80
content-type
application/json
v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q
nondescriptnote.com/
67 KB
24 KB
Script
General
Full URL
https://nondescriptnote.com/v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e6c2f5a364bbe47c07cec5a9ac3543d436adad35e03df919864f329bbc9ed1a0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 14 Jun 2023 02:08:13 GMT
x-datacenter
gce-europe-west1
etag
"ca900988a64d54612cb96471cf8c24da5105a02c003167177d01e71942bc8b4b"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-1dhj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
892946322
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
nbcuniversal.js
tru.am/scripts/custom/
870 B
1 KB
Script
General
Full URL
https://tru.am/scripts/custom/nbcuniversal.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d9bb0b641b2cc279716a4e26f032389929383c284c4cfe88c9cb40558e62317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1369114
x-guploader-uploadid
ADPycdu46B_WwVH1t_Fnl01jr8jsbiFs3VSj1--6EOksVLCRMoFXwneZvXScaTyP0U9V3yJi2xzISXQdeYN1DhCUoOqLWA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 20 Apr 2023 22:34:07 GMT
server
cloudflare
etag
W/"07a4174097c2df03c5fada13441ecd7a"
vary
Accept-Encoding
x-goog-hash
crc32c=96UPxA==, md5=B6QXQJfC3wPF+toTRB7Neg==
x-goog-generation
1682030047756921
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1FI20uujiBdeoNsv2e%2FabGsuEtf5cD5FaLg%2F6%2Bbq6E8IYT8NQEnf9mWFqz3RAuBJu%2Fpy%2F04KCKbEq5NdBaDUrxY1WT1XcMzpoD5XIAA1WEajmvyPYofJxzoSLZfsGD0obd3jw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-goog-stored-content-length
870
cf-ray
7d6f06371cb8bb37-FRA
expires
Tue, 28 May 2024 05:49:39 GMT
dpm_pixel_min.js
c.tvpixel.com/js/current/
103 KB
32 KB
Script
General
Full URL
https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=nbcu-3dcc5105-25e1-45bf-9fba-c85842909d0d
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8c00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding
gzip
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
date
Tue, 13 Jun 2023 22:35:07 GMT
last-modified
Thu, 16 Sep 2021 18:14:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
80197
etag
W/"08e770c8a17bf087d50cec01af0892c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9VF6iQj8bJ8i4RAH2440hWgTSEQu0zvMuG4aD9Jxh7kVHoFAmv-nzg==
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 05:05:22 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
75772
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
cpf6J3YF95KeY7oN-51othet2tWsQ8LkgvE-wPa4C3YgV7LLj80ScA==
hfs-header.js
nodeassets.nbcnews.com/assets/header-footer/1.136.0/
24 KB
8 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/assets/header-footer/1.136.0/hfs-header.js
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-44af452ed45b2f8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10a67938d1e9362996a176bf44d98295cc313e98f074c14289ab82a3f88d0032
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
YclKQixLX1KbHf69y51IMmITQ7d.iEL9
content-encoding
br
date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
DJGWHNK3G4J25QQT
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767192_18_5905_33_0_-";dur=1
content-length
7248
x-amz-id-2
jhl5dChVACIeMbq9LX91lbFhpcyO2nhYOB8kbKnDFOLALLxZvJqxeTI/oXvFDdKFD5rP7n0F+Dk=
last-modified
Wed, 07 Jun 2023 19:57:02 GMT
server
AmazonS3
etag
"46c49b60f05947e5c909a0d62c80a5ba"
content-type
text/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Thu, 15 Jun 2023 02:08:14 GMT
ndp-hls.js
media1.s-nbcnews.com/i/videoassets/ndp/latest/
582 KB
154 KB
Script
General
Full URL
https://media1.s-nbcnews.com/i/videoassets/ndp/latest/ndp-hls.js
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-44af452ed45b2f8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:794::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef4bd2366fe9f01a0cef765ac8f0a77d2805e64ba0168a24e1777e4d583a53e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
last-modified
Thu, 27 Feb 2020 18:18:48 GMT
server
AmazonS3
x-amz-request-id
5E42F68EE951DA59
etag
"dc39b12c7e04fd3161eb2956d7e3a8a4"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
156860
x-amz-id-2
MsB4na8MZj9mD3udtYAFz4x6o4Cm1jS3+E516kin/R6c7Jy9yt3nFIWVeZE82+vsFsWaiOyLwZA=
newsletter
www.nbcnews.com/services/
7 KB
2 KB
Fetch
General
Full URL
https://www.nbcnews.com/services/newsletter
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-44af452ed45b2f8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:996::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
142b61225fe59daaf9aa37d10aa34f617907b830c72da64da095ce0dbcacadaa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
x-original-correlation-id
undefined
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
br
strict-transport-security
max-age=2628000 ; preload
server
nginx
content-security-policy
upgrade-insecure-requests;
x-powered-by
Express
etag
W/"1dfc-BZNlvv+d0kV/cTGcNLaFuS1/c9s"
content-type
application/json; charset=utf-8
content-language
en
x-backend-server
blue-ramen2-647b9dd7fb-n49pb
content-length
1889
PublicoHeadline-Light-Web.558b657c534cf850fc1e341ff9df48b9.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
43 KB
44 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoHeadline-Light-Web.558b657c534cf850fc1e341ff9df48b9.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:a85::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e9b3dc41928550a6a5f2294cb7bb92ba7e4ae20198486ce269415ee43543420
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
ul1EPurdSowB7PVZime6PQkFWexC7YJJ
date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
QVEAT619RDQBFW2S
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468530_388391815_271767193_20_5448_29_0_-";dur=1
content-length
44305
x-amz-id-2
BXk8tUnIeY6UD2pbbJ7PLjGYQfGO86E/fwy8fkdlFQXJfMnvj2KbZ3M764o4vsTaFc4a/wqeJas=
last-modified
Thu, 11 Jul 2019 19:07:44 GMT
server
AmazonS3
etag
"558b657c534cf850fc1e341ff9df48b9"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 02:08:14 GMT
commerceRecommended
www.nbcnews.com/bentoapi/
2 KB
1 KB
Fetch
General
Full URL
https://www.nbcnews.com/bentoapi/commerceRecommended?query=type:article%20AND%20NOT%20id:rcna85983%20AND%20autoCuration:true%20AND%20(taxonomy:%20nbcnews/section/tech)&page=1&size=2&sort=datePublished:desc
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/6188-f6e792b5f0b3605e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:996::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
7c7bdae40617a9189c43594f9b15797971598df319d16fb2b922fae2b6b74a2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
br
strict-transport-security
max-age=2628000 ; preload
server
nginx
content-security-policy
upgrade-insecure-requests;
x-powered-by
Express
etag
W/"6d1-VEbVQvoSaErl0bU3f31ESAUI9CQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-language
en
cache-control
max-age=15
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-backend-server
blue-ramen2-7f4bc5dfdf-j5hcp
content-length
657
commerceRecommended
www.nbcnews.com/bentoapi/
2 KB
1 KB
Fetch
General
Full URL
https://www.nbcnews.com/bentoapi/commerceRecommended?query=type:article%20AND%20NOT%20id:rcna85983%20AND%20autoCuration:true%20AND%20(taxonomy:%20nbcnews/section/tech)&page=1&size=2&sort=datePublished:desc
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/6188-f6e792b5f0b3605e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:996::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
cb66ecf37a4556d0da2b1e72ce6576f06e8d5f80650a72c302e2d4b23a14330d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
br
strict-transport-security
max-age=2628000 ; preload
server
nginx
content-security-policy
upgrade-insecure-requests;
x-powered-by
Express
etag
W/"6d0-/i4+SV7SkSO+lSek3mamNkkq0+c"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-language
en
cache-control
max-age=60
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-backend-server
blue-ramen2-647b9dd7fb-d7w46
content-length
655
dest5.html
nbcuni.demdex.net/ Frame 1E3B
7 KB
3 KB
Document
General
Full URL
https://nbcuni.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.166.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-166-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v048-0fa823568.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+zRYsdsyQqk=
content-encoding
gzip
date
Wed, 14 Jun 2023 02:08:14 GMT
last-modified
Wed, 10 May 2023 10:46:53 GMT
transfer-encoding
chunked
vary
accept-encoding
id
aamt.nbcnews.com/
89 B
608 B
XHR
General
Full URL
https://aamt.nbcnews.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=A8AB776A5245B4220A490D44%40AdobeOrg&mid=16753349417385536861968768375831693813&ts=1686708494116
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
f7de59d52f36779aaf5fc6ce1f3231f62cddc6bb3571697c3c394f7a8eb68219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.nbcnews.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
89
x-xss-protection
1; mode=block
bf1dbc48-bdff-47f8-8677-c0917978a891.json
cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/bf1dbc48-bdff-47f8-8677-c0917978a891.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c07824d0967d30b5ca738d650cd92f1dc38082939be19f4507d9f7c9bee5e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
CzYtEdbgC6xtQYCpmvh2QA==
age
73643
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1530
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 21:45:33 GMT
server
cloudflare
etag
0x8DB151E1FE578A7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8fbd418b-001e-00b3-53e1-5a2261000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7d6f063868a4bb49-FRA
expires
Thu, 15 Jun 2023 02:08:14 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
68 B
235 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d0182c8f505267cbc9a34cd4db566b0d56beabd041a912d8636f0b1cbadf0cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7d6f0638ef3435e6-FRA
vary
Accept-Encoding
content-type
text/javascript
digibox.gif
www.lightboxcdn.com/z9g/
35 B
296 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1686708494141&h=www.nbcnews.com&e=p&u=44095
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:14 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
30769
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
server
cloudflare
etag
0x8DAD3F8864E2F29
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
d94aa70f-501e-005e-14ac-3ceb33000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7d6f0638786c1a6d-FRA
p.js
cdn.parsely.com/keys/nbcnews.com/
73 KB
26 KB
Script
General
Full URL
https://cdn.parsely.com/keys/nbcnews.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fedca269c46d16ef7bbb050acc9bbb9fe51a8bb77a3a8d31627d82fce4ce124a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jun 2023 13:44:10 GMT
content-encoding
gzip
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 14:02:18 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
44644
etag
W/"646b75ea-122c6"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
9oQOnCk1Mz_AKw7ZxKbSN4WQNhoZr8fl-GdtIlPnEXPms5D3zX--fA==
expires
Wed, 14 Jun 2023 13:44:10 GMT
modules.a83b652ad427a97a480b.js
script.hotjar.com/
269 KB
69 KB
Script
General
Full URL
https://script.hotjar.com/modules.a83b652ad427a97a480b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-309218.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
424389db7a9ba935cfd48de3ca2c7b828743858d1e0804a7d29d243a8d44bfb1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 09:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
59947
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70044
last-modified
Tue, 13 Jun 2023 09:28:54 GMT
etag
"08eb2b9d276222a1c8b1a76a2c0a8e33"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
NVQn5IjZCuSk5ZxSGcTyf_A3c1yplEzLgvAn8aOCRlYdLb0D_EKvvA==
_r
app.link/
91 B
632 B
Script
General
Full URL
https://app.link/_r?sdk=web2.74.0&branch_key=key_live_bmS4ym2cDBm2ge4BjKwILcjeCvnyQ3v3&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1d35326164cbde1bf71c6dd1a3c41fdab42ee58e923f13497adcd6c454fbc491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
openresty
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop
FRA6-C1
etag
W/"5b-1qR1S6MHQZI0WsjiPxLWLeM8v/0"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
qt-2YRRgJK5bRuRVs-nXwv_CVKW5OHBjCwmv96G_roPjIWVbWJ6g1g==
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://www.nbcnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1640
date
Wed, 14 Jun 2023 02:08:14 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
148
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230029-FRA
x-timer
S1686708494.294720,VS0,VE0
identify
identity.mparticle.com/v1/
177 B
328 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
251f2bbd9d16da900d2c936551524e37d0e6f933921202e2e4450282ec2eb2fe
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
65ea0b28a73c4c4abd08599774d30799
Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1686708494.423509,VS0,VE103
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-mp-rate-limit-percentage-used
7.5
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
gv.gif
dev.visualwebsiteoptimizer.com/
783 B
598 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/gv.gif?a=609617&u=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
02c02163daeac24c5a7d0b803f6c25a6049fb168f86194e40b9b5b79d4c102ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
gzip
via
1.1 google
server
gams1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=UTF-8
dyn
dev.visualwebsiteoptimizer.com/
270 B
272 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/dyn
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
45e5d32e0ec15cbdbb2e79a1e8db1453f3cafe31edb9af9bdca27c3f1f7000f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
gzip
via
1.1 google
server
gams1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=UTF-8
ta-pagesocial-sdk.js
tru.am/scripts/
27 KB
11 KB
Script
General
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/nbcuniversal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1370341
x-guploader-uploadid
ADPycdtfv7GJX_5lpUPtBaEawW9W-K70RxWQ-WawJqB4brq85Z_awLPwRbdcDZmO4YgC55aaX4CjNRAGlXLb0oxtTpMdBw
x-goog-storage-class
REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Jul 2022 07:45:14 GMT
server
cloudflare
etag
W/"2925c8da90d1d29f7899fa52629fe37d"
vary
Accept-Encoding
x-goog-hash
crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation
1658389514760491
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71HeTCiEC%2B2GWt7wMZj82Lc9%2FesbiWPzQXZd%2BF9NWLlnh4zcCxSuwlAk0jqWOGD5Z6R3Ysk8SBsYyBEFArywlme%2BSEAzqNaNktDKOhMFtvsqj2Ged8K0PkW490pv146PUcBTQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
x-goog-stored-content-length
27860
cf-ray
7d6f0638fd8dbb37-FRA
expires
Mon, 29 May 2023 05:29:23 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
199 KB
56 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P35C41790-24D9-4BCD-9873-48B547719D85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
qAuMC_cBXhFjiyzLuhpEoecYbuPbFf_p
content-encoding
gzip
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
date
Wed, 14 Jun 2023 01:09:52 GMT
last-modified
Mon, 12 Jun 2023 14:05:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
3503
x-amz-server-side-encryption
AES256
etag
W/"f43d226b4110956140ab2e00da92026d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
d3pHjdCz_h3G_O15QeYBn4nH_XKohp5uVlOagXiotYIuOK9mI54T3w==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035083&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686708494221&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-link...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035083&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686708494221&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-lin...
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035083&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686708494221&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&c8=An%20Illinois%20hospital%20links%20closure%20to%20ransomware%20attack&c9=
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
4yCb76Dk0MT9kfMs6qwXDBfDpFgp4UfBi8LS-wXI3s6RCMM1hASn1w==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 14 Jun 2023 02:08:14 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035083&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686708494221&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&c8=An%20Illinois%20hospital%20links%20closure%20to%20ransomware%20attack&c9=
content-length
0
x-amz-cf-id
SKSevC2ggCzFHsq3aP_SGapHVsHCXJdkil5ioKML5u0lZOghmJHUZg==
skeleton.gif
static.adsafeprotected.com/
43 B
482 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=uizqxn&adnum=1581632
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
30539716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
C3SQAK5cNfg_gg7n9cFI_jf-B0QjS_I-1-1p-HJtpTofIDcPCet_ZA==
tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.191.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-191-187.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nbcnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.nbcnews.com
access-control-max-age
600
content-length
0
date
Wed, 14 Jun 2023 02:08:14 GMT
server
nginx
tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/
2 B
328 B
XHR
General
Full URL
https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: c.tvpixel.com
URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=nbcu-3dcc5105-25e1-45bf-9fba-c85842909d0d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.191.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-191-187.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.nbcnews.com
date
Wed, 14 Jun 2023 02:08:14 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
settings.js
dev.visualwebsiteoptimizer.com/
3 KB
1 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=609617&settings_type=2&vn=7.0&u=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&exc=191|192|201|203|204|217|218|223|224|225|226|227|228|229|230|231|286|325|326|338|378
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
04378ffa414930f64040bd1d89dba0239fcb49252f90272b3b1e7d6f02962169

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
via
1.1 google
server
gams1
etag
W/"1686687541"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
activityi;dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%...
8168974.fls.doubleclick.net/ Frame BA60
Redirect Chain
  • https://8168974.fls.doubleclick.net/activityi;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=http...
  • https://8168974.fls.doubleclick.net/activityi;dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;...
605 B
505 B
Document
General
Full URL
https://8168974.fls.doubleclick.net/activityi;dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8168974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
7f8fcca1aaef49beced7fc4d165a41992d06293327012d7281a1909c930ff661
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
329
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 02:08:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 02:08:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8168974.fls.doubleclick.net/activityi;dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
304 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d734d7b8016f22e077bc1e2d5929c74d5f992e72e28c54daa63f1e9a9ac84b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7d6f0639b99303b8-FRA
access-control-allow-headers
Content-Type
news
www.nbcnews.com/services/miniPlayerTease/
825 B
874 B
Fetch
General
Full URL
https://www.nbcnews.com/services/miniPlayerTease/news
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-44af452ed45b2f8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:996::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
524b1af431d3bf3a31f0265469433c60f971f0e83d0fab4e2a19c9f040ae7e0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
x-original-correlation-id
undefined
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
strict-transport-security
max-age=2628000 ; preload
server
nginx
content-security-policy
upgrade-insecure-requests;
x-powered-by
Express
etag
W/"339-JCBn5GSRX4IqgAIipylBEmnzUqo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
content-language
en
x-backend-server
blue-ramen2-7f4bc5dfdf-xd8vx
content-length
509
/
p1.parsely.com/px/
43 B
229 B
Image
General
Full URL
https://p1.parsely.com/px/?rand=1686708494315&plid=16079ab1-3fc7-4fc4-99ac-de09a75c9866&idsite=nbcnews.com&url=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&sref=&sts=1686708494310&slts=0&title=An+Illinois+hospital+links+closure+to+ransomware+attack&date=Wed+Jun+14+2023+02%3A08%3A14+GMT%2B0000+(GMT)&action=pageview&pvid=071abfeb-f3a3-4af6-9001-c6ef36b8062b&u=pid%3Da02f229d-9215-4a12-9d77-84fa4b16dc55
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 02:08:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
v.gif
dev.visualwebsiteoptimizer.com/
35 B
52 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=609617&d=nbcnews.com&u=DEE27E0997F98964F90E87E9091764F75&h=029ed652ffd4e6972af2a71d1e6b9826&r=0.8925603427130531
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:14 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
230613-white-house-exterior-mn-1010-09a03c.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-06/
1 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-06/230613-white-house-exterior-mn-1010-09a03c.jpg
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:794::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
94be672abb91b7d3f4e8c764f1c8c4f89e470c34912a5dd08b678bad5096057b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
346420879626592909032188519779078608593,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230613-white-house-exterior-mn-1010-09a03c.webp"
content-length
1144
x-request-id
9b3d3b8c63158c1f036ddda7ebf1b26a
x-served-by
cache-iad-kiad7000034-IAD
last-modified
Tue, 13 Jun 2023 17:32:59 GMT
server
cloudinary
x-timer
S1686677585.655447,VS0,VE5
etag
"0eb6a01e858004cb63cd7343cdaf609b"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31526796
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Wed, 12 Jun 2024 23:34:50 GMT
230613-beatles-mb-1236-e85107.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-06/
6 KB
7 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-06/230613-beatles-mb-1236-e85107.jpg
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:794::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
0543da092ee791391737a24209f01f74ab9cb377d1ed9dc315348ae3ed6c24ca
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
222473770281670528808058722836408084857,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230613-beatles-mb-1236-e85107.webp"
content-length
6298
x-request-id
68210f5981ce4a2c146a90fc36d070f4
x-served-by
cache-lga21933-LGA
last-modified
Tue, 13 Jun 2023 12:12:11 GMT
server
cloudinary
x-timer
S1686658394.133687,VS0,VE6
etag
"64e9f045f7b423ffb8eddf38b20cc4fd"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31507505
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Wed, 12 Jun 2024 18:13:19 GMT
beacon
beacon.tru.am/
0
0
Fetch
General
Full URL
https://beacon.tru.am/beacon
Requested by
Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
surrogate-control
no-store
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G09nON1PMinSJ1SHZ8tCljjrtmLIXNOLSErI6sAf8C%2FPcoI33Czi8cXde0QqbgwKTuZe6G3XIJqyBcrkqD96yhn1TYY%2F2ynitK%2Fj92ciFxr8yWkhC0ylt8w56dCVVBc2MNkIXfd%2B6idNqOU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
7d6f063a6b9f6969-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 UTC
tag-9dc27e4a9fdc0ddb31a7007b14d6aac0.js
dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/
13 KB
4 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/tag-9dc27e4a9fdc0ddb31a7007b14d6aac0.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
34ca1420db98a605ac63d3d80927f8064ec897a7b490a5db7e781778bd42f505

Request headers

Referer
https://www.nbcnews.com/
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 13 Jun 2023 20:18:35 GMT
server
gams1
etag
"6488cf1b-fdd"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4061
tag-9b8a412d6cbff4bf519609f6b2d7546c.js
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/
98 KB
25 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/tag-9b8a412d6cbff4bf519609f6b2d7546c.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
b0116221e4756b96a5f514db2694266e6d1722e20cf5a6aa8718f7d131bb6c11

Request headers

Referer
https://www.nbcnews.com/
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 13 Jun 2023 20:18:35 GMT
server
gams1
etag
"6488cf1b-61e3"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25059
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame A327
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1717
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 14 Jun 2023 01:39:38 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 12 Jun 2023 14:05:39 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
x-amz-cf-id
_FRUscUpYm_hoRZcs7bhqjhzELHlgIHfFECbMw6uKUH28J-U4AMn1Q==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
UYGZ3Pa9bEh3fzu3nt5h25aUF1xMbqst
x-cache
Hit from cloudfront
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.17.0/
377 KB
84 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nbcnews.com/
Origin
https://www.nbcnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
66Z8bY5FXXAAikIS37tpYA==
age
73627
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
85833
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:14 GMT
server
cloudflare
etag
0x8D90AB21C520644
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c0290052-f01e-012a-2ae1-5aebf6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7d6f063a199dbb49-FRA
id
dpm.demdex.net/
988 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A8AB776A5245B4220A490D44%40AdobeOrg&d_nsid=0&d_mid=16753349417385536861968768375831693813&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%013244908765649B3D-6000195A662E27F6&ts=1686708494447
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.142.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-142-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fd8f0a76c0a73b0ca3edd6e77abde3614b15ec08b140031ed017bb7cb071c120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v048-0472ecef9.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
4oTwWqeHQRg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nbcnews.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
554
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=771&dpuuid=CAESEIW1dMKoYXSu7dR0ESAhlcA&google_cver=1
dpm.demdex.net/ Frame 1E3B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTY4NTQyNzkyOTQwMjQ1OTI4NDE5NDk1ODc5Njc1MjcyNjMyODc=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTY4NTQyNzkyOTQwMjQ1OTI4NDE5NDk1ODc5Njc1MjcyNjMyODc=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIW1dMKoYXSu7dR0ESAhlcA&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIW1dMKoYXSu7dR0ESAhlcA&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
HTTP/1.1
Server
34.254.142.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-142-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nbcuni.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-01b683c59.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KL19QxgARX8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIW1dMKoYXSu7dR0ESAhlcA&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame A327
44 B
720 B
Image
General
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P35C41790-24D9-4BCD-9873-48B547719D85&sessionId=uhi1rpbiteztsr0brykpv8kaoazed1686708494&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.663&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-226-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:15 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
uhi1rpbiteztsr0brykpv8kaoazed1686708494.nuid.imrworldwide.com/ Frame A327
35 B
351 B
Image
General
Full URL
https://uhi1rpbiteztsr0brykpv8kaoazed1686708494.nuid.imrworldwide.com/
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b600:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 04:59:28 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
76128
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
Vm0SOTnEMV4dpz5o8oYMc-JAo75PKEBQV7oPX3x5xadLorijvSD1qQ==
worker.js
dev.visualwebsiteoptimizer.com/analysis/
47 KB
13 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:13 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 13 Jun 2023 20:18:30 GMT
server
gams1
etag
"6488cf16-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13599
en.json
cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/13505bbe-b4dc-4c67-9740-215884852bd7/
175 KB
34 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/13505bbe-b4dc-4c67-9740-215884852bd7/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5ddda8e669c59313302ddb6cb53e56c0d33c30fb6d288779723b81cfa9221b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
c97vEfDRYOzjXGUnDT46bg==
age
72622
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
34876
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 21:45:42 GMT
server
cloudflare
etag
0x8DB151E252FF99B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e841c01d-b01e-00aa-03e1-5a0e09000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7d6f063aa9e6bb49-FRA
expires
Thu, 15 Jun 2023 02:08:14 GMT
s69632902733367
aamt.nbcnews.com/b/ss/msnbcnbcnewscomprod/1/JS-2.17.0/
43 B
415 B
XHR
General
Full URL
https://aamt.nbcnews.com/b/ss/msnbcnbcnewscomprod/1/JS-2.17.0/s69632902733367
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Jun 2023 02:08:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 15 Jun 2023 02:08:14 GMT
server
jag
etag
3622178911508791296-4619771115687782674
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.nbcnews.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Tue, 13 Jun 2023 02:08:14 GMT
event
nbcu.demdex.net/
3 KB
2 KB
XHR
General
Full URL
https://nbcu.demdex.net/event?d_dil_ver=9.3&_ts=1686708494511
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.136.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-136-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca2f5761b612d2a08c4bcd793ad78f9c0ae5da9fe1d6d38070b70eb7130fbb32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ftsLQBCCQwA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nbcnews.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
973
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
cookiesync.mparticle.com/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=130884&dpuuid=-2032154493243489053&redir=https%3A%2F%2Fcookiesync.mparticle.com%2Fv1%2Fsync%3Fesid%3D37590%26MPID%3D-2032154493243489053%26ID%3D%24%7BDD_UUID%7D%26Ke...
  • https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=-2032154493243489053&ID=16854279294024592841949587967527263287&Key=65ea0b28a73c4c4abd08599774d30799&env=2
0
191 B
Image
General
Full URL
https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=-2032154493243489053&ID=16854279294024592841949587967527263287&Key=65ea0b28a73c4c4abd08599774d30799&env=2
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Jun 2023 02:08:15 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1686708495.248705,VS0,VE355
x-origin-name
6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-fra-eddf8230105-FRA

Redirect headers

DCS
dcs-prod-irl1-1-v048-0b9a1c6ee.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
UbrhgYWsSkw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=-2032154493243489053&ID=16854279294024592841949587967527263287&Key=65ea0b28a73c4c4abd08599774d30799&env=2
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
cookiesync.mparticle.com/v1/sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2
  • https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_tc=
  • https://cookiesync.mparticle.com/v1/sync/?id=CAESEFE5tewj6NG_PjAtsFuJWyM&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1
0
51 B
Image
General
Full URL
https://cookiesync.mparticle.com/v1/sync/?id=CAESEFE5tewj6NG_PjAtsFuJWyM&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Jun 2023 02:08:15 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1686708495.386379,VS0,VE375
x-origin-name
6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-fra-eddf8230105-FRA

Redirect headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cookiesync.mparticle.com/v1/sync/?id=CAESEFE5tewj6NG_PjAtsFuJWyM&MPID=-2032154493243489053&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
383
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cms
ups.analytics.yahoo.com/ups/58782/ Frame 1E3B
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=16854279294024592841949587967527263287&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=16854279294024592841949587967527263287&gdpr=0&gdpr_consent=
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=16854279294024592841949587967527263287&gdpr=0&gdpr_consent=
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nbcuni.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Wed, 14 Jun 2023 02:08:15 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=16854279294024592841949587967527263287&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
no-store
content-length
415
otFlat.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iBHq0PTHfG30UZUmEXHGnw==
age
69015
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2938
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:06 GMT
server
cloudflare
etag
0x8D90AB2173E15E6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6c2c2626-801e-00c4-0ce1-5aa720000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7d6f063b5a49bb49-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/
47 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Jun 2023 02:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
QWpbT1Wg29aBRjQ2r7+nDQ==
age
73009
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11495
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:08 GMT
server
cloudflare
etag
0x8D90AB218BD0ED7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
09a86463-c01e-0166-16e1-5a2ce9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7d6f063b5a4cbb49-FRA
82e4309b84e6f3fd70a0de840b1ff42b5ae0e3
nondescriptnote.com/0/019ae2e1c20e14/
206 B
233 B
Fetch
General
Full URL
https://nondescriptnote.com/0/019ae2e1c20e14/82e4309b84e6f3fd70a0de840b1ff42b5ae0e3
Requested by
Host: nondescriptnote.com
URL: https://nondescriptnote.com/v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d21f452108e5df6b74501a8f2f9d583006f6ad328d1278d69356dfa714f1a2ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 14 Jun 2023 02:08:14 GMT
via
1.1 google
x-buildnumber
892946322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nbcnews.com
x-hostname
fen-hoothoot-europe-west1-spot-1dhj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 14 Jun 2023 02:08:13 GMT
open
api2.branch.io/v1/
273 B
648 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
679db733df25335c9bd97d3d2afc81237c140a75f983473fdb6506db1832ee57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Jun 2023 02:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
e87a716c-7fbe-44f9-9670-34f4946b40a2-2023061402
content-length
273
x-amz-cf-id
6BQkkS0Rs30Wg-UNOsBeij4f4ScFu3Ai7hBrvWtiYEuYfd3RYY5hWQ==
adb-ext.gif
ds.reson8.com/ Frame 1E3B
0
96 B
Image
General
Full URL
https://ds.reson8.com/adb-ext.gif?puid=16854279294024592841949587967527263287
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nbcuni.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:15 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
7d6f063f4c7f1c8b-FRA
vary
Accept-Encoding
simple
api.sail-personalize.com/v1/personalize/
288 B
497 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
4e072ebf49cc23b8c95293e00263eefc93b040d6bc1b6421ba3376b8d20e9437

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer a839e8824b3cdd864a9ba3052205d70b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.nbcnews.com/
x-referring-url
https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:15 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
expires
-1
sv.js
nbcu.track.securedvisit.com/js/
59 KB
24 KB
Script
General
Full URL
https://nbcu.track.securedvisit.com/js/sv.js?sv_cid=5998_04679&sv_origin=nbcnews.com
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.40.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-40-7.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:15 GMT
content-encoding
gzip
last-modified
Wed, 14 Jun 2023 02:08:15 GMT
server
nginx/1.22.0
etag
W/"273cf9801333aefc61a4f311b0692f6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires
Wed, 14 Jun 2023 02:08:15 GMT
restricted
mid.rkdms.com/ Frame 1E3B
Redirect Chain
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=16854279294024592841949587967527263287&_ct=img
  • https://mid.rkdms.com/restricted
0
0
Image
General
Full URL
https://mid.rkdms.com/restricted
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Server
54.208.26.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-26-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nbcuni.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:15 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
server
nginx
location
/restricted
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.nbcnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.nbcnews.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Wed, 14 Jun 2023 02:08:15 GMT
277535753d1f3fa6369c7de36d4f515bcde10cc70039efd9ce9a
nondescriptnote.com/
1 KB
800 B
Fetch
General
Full URL
https://nondescriptnote.com/277535753d1f3fa6369c7de36d4f515bcde10cc70039efd9ce9a
Requested by
Host: nondescriptnote.com
URL: https://nondescriptnote.com/v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6287040de78c84d2f1d8b44b012772e9cfa2f9da74fbe4a466d6851b225610a7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Wed, 14 Jun 2023 02:08:15 GMT
x-buildnumber
892946322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
774
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nbcnews.com
x-hostname
fen-hoothoot-europe-west1-spot-1dhj
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fww...
adservice.google.com/ddm/fls/i/ Frame D3A4
604 B
703 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Requested by
Host: 8168974.fls.doubleclick.net
URL: https://8168974.fls.doubleclick.net/activityi;dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8554b343a0d5ff024cc028249147fc9193de45e99880520d1d4cb77cd7c0fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8168974.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
328
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 02:08:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pageview
api2.branch.io/v1/
28 B
433 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Jun 2023 02:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
5063cc6b96914157ae426bf691afbca4-2023061402
content-length
28
x-amz-cf-id
ZMqZr0m7pfsacVbesWZQrrOFS3iQGpA91dAn26XpKOERKJOolgx7lA==
dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fww...
adservice.google.se/ddm/fls/i/ Frame 6A5F
194 B
515 B
Document
General
Full URL
https://adservice.google.se/ddm/fls/i/dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM3YneXWwf8CFYjjuwgdf-kAsg;src=8168974;type=nbcvi0;cat=nbcne0;ord=4662676505686;gtm=45fe36c0;auiddc=1547124173.1686708494;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 02:08:15 GMT
expires
Wed, 14 Jun 2023 02:08:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
mps.nbcuni.com/request/page/json/params/
43 KB
12 KB
XHR
General
Full URL
https://mps.nbcuni.com/request/page/json/params/?CALLBACK=mpsCallback&cat=tech&cag%5Bplatform%5D=ramen&cag%5Btargeting%5D=news%7Cusnews%7Chealthcare&adunit=%2F2620%2Fnbcnews%2Ftech&type=bentoarticle&content_id=rcna85983&site=nbcnews-bento&path=%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&cag%5Badunit1%5D=2620&cag%5Badunit2%5D=nbcnews&cag%5Badunit3%5D=tech&title=An%20Illinois%20hospital%20links%20closure%20to%20ransomware%20attack&ismobile=false&NOLOAD=mpstools&USE_OVERLAY=0&IRSOURCE=false&ASYNC=1
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.120.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-37.deploy.static.akamaitechnologies.com
Software
Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash
86d3fcbf2390c357cc893847dd60e850d8b47eeb1c68f065a942dc78b9abbf8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jun 2023 02:08:15 GMT
Content-Encoding
gzip
Server
Apache/2.4.38 (Debian)
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
11623
Expires
Wed, 14 Jun 2023 02:08:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
76 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee045310752103c13867daddad5b359cf114c359813a98333d1910b6dd017d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25373
x-xss-protection
0
server
cafe
etag
286 / 19522 / m202306080101 / config-hash: 6824178500822003401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:08:15 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/
404 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 17:58:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
29393
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127525
x-xss-protection
0
server
cafe
etag
1285551304932764827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 12 Jun 2024 17:58:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
103 B
92 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nbcnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20e117c72f68819de65a85a1128945102564b41014576c0c07b1e86e75b4f9dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Wed, 14 Jun 2023 02:08:16 GMT
moatheader.js
z.moatads.com/nbcuyieldheader7581548001/
225 KB
80 KB
Script
General
Full URL
https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9dc24ec453c18362c80967492ada0f6a069610610e49d6ce7663313f4f4c3463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:23:00 GMT
server
AmazonS3
x-amz-request-id
52AYK5P6D23HRVKJ
etag
"02f3f23ec47b3a91dbe6af44160efbad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=10626
accept-ranges
bytes
content-length
81261
x-amz-id-2
c/doMx2UVqFfRqBKtubrLUd+OZizr3gi/iIksjmhUB9J8VYBDVtK3mHUsNTN1ykq3ZCkDCnggHQ=
apstag.js
c.amazon-adsystem.com/aax2/
235 KB
57 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 01:44:55 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2023 19:47:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
1402
x-amz-server-side-encryption
AES256
etag
W/"22e740da4e2336def33bbd74ea6796a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
EUKHfDwd1fHI_Ga2RVs99HKfFVZzn_I6_h2fnU2qLS0KDTHIAsoO-g==
service
usasync01.admantx.com/admantx/
1 KB
703 B
Script
General
Full URL
https://usasync01.admantx.com/admantx/service?request=%7B%22decorator%22%3A%22template.nbc_template%22%2C%22key%22%3A%2262263fff3cc1d07f85c7f8261a0c8f7dc096b35f59c82a713f20a9db8d562ff2%22%2C%22method%22%3A%22descriptor%22%2C%22filter%22%3A%22default%22%2C%22mode%22%3A%22async%22%2C%22type%22%3A%22URL%22%2C%22body%22%3A%22https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983%22%7D
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.155.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-155-36.compute-1.amazonaws.com
Software
nginx /
Resource Hash
200951182addbca20fc4038527bda74941d8d9d9be38f0fe84dba7259b64f709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Jun 2023 02:08:16 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
content-type
text/plain; charset=UTF-8
ats.js
ats.rlcdn.com/
236 KB
73 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
br
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
date
Tue, 13 Jun 2023 08:56:35 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
73207
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
dygOFU-bOb2XTITTDYT06m095e9Lh-JWmkXljuMKBxEovSv2tidWfQ==
config
c.amazon-adsystem.com/cdn/prod/
0
311 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3219&u=https%3A%2F%2Fwww.nbcnews.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 20:52:59 GMT
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
18916
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.nbcnews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
fkkJmJ3kLI07UXYHcJXiackczkGT1O3QhybV2cKdRM2OgTWoJLiEKg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Tue, 13 Jun 2023 04:53:54 GMT
x-amz-cf-pop
FRA56-P3
age
76463
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
9Y5jey7F-34d1fj0_XGaN5jqkVEZI2THKXhFEL7Wuhpc1LjzF1LWKw==
24610.js
micro.rubiconproject.com/prebid/dynamic/
430 KB
122 KB
Script
General
Full URL
https://micro.rubiconproject.com/prebid/dynamic/24610.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4cfa9ba8755ba47b6e98690fbced19cf911d3351e2daa7c75f0e84f5f229d33d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
content-encoding
gzip
last-modified
Fri, 09 Jun 2023 16:51:39 GMT
server
Apache
etag
"24610_NBCNewsRule_4Fri__09_Jun_2023_16:51:39_GMT"
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-24610_NBCNews.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
125050
expires
Wed, 14 Jun 2023 02:08:16 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3219&u=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&pid=9FhziK5L8jZJ5&cb=0&ws=1600x1200&v=23.605.2213&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-topbanner-2064235121%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22970x66%22%2C%22728x90%22%2C%221400x600%22%5D%2C%22sn%22%3A%22topbanner%22%7D%2C%7B%22sd%22%3A%22div-gpt-boxrail-2064235121%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22boxrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-boxflex-2064235121%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22boxflex%22%7D%5D&pj=%7B%22si_section%22%3A%22nbcnews-bento%7Ctech%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
RBS4VK6MABG7AC60FY4C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nbcnews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
qeNUOupYXh0ns9rLFEevGrkc-NGNwRIL3QC4kcf7-QBh6Nl1hXCltQ==
/
geo.privacymanager.io/
29 B
616 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
3e6c968cfdeeef38bc472e7fe33a5af9239c94ed8d9085e3d99fb6ccd5d3bed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:02:12 GMT
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront), 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
364
x-amzn-requestid
74ec5a2b-dae2-4cc7-92f4-51bd2bf5224d
x-amzn-trace-id
Root=1-64891fa4-5cc83d5332c100fb17b8eea7;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
GfHhtE-vjoEFhtg=
content-length
29
x-amz-cf-id
WRr9vTHzcliQQSpvqj8-JgecBenkknOx8kl6pG8DjR62s1537e1OtQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
v2
mb.moatads.com/yi/
731 B
905 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvSxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRKBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&pcode=nbcuyieldheader7581548001&rx=616788612126&callback=MoatNadoAllJsonpRequest_53809691
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.8.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-8-189.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
51bdc283c3b3f7a51636e68f2c40714c2a9e7b5ad4a0703d3cfbb65660d9b65c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"768325b7c9ccaf8fe85b901911fb6e72e39a1dfe"
content-length
731
content-type
text/html; charset=UTF-8
prebid
ib.adnxs.com/ut/v3/
53 B
861 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Jun 2023 02:08:16 GMT
AN-X-Request-Uuid
f5437d52-129d-4297-86d8-a8581dd0b736
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.nbcnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
193.32.248.229; 193.32.248.229; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/
23 B
239 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.146.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-146-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
055513a95c0e8461ed38a3848267bf6a2b6a75a1f8242631cc4cba54821ed021

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nbcnews.com
date
Wed, 14 Jun 2023 02:08:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
48
content-type
application/json
auction
tlx.3lift.com/header/
19 B
542 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.50.0&referrer=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&tmax=1500&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.242.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-242-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:16 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch
x-auction-status
5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nbcnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
krk2.kargo.com/api/v1/
0
499 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.184.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-184-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:16 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.nbcnews.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=78895486611&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nbcnews.com
date
Wed, 14 Jun 2023 02:08:16 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/
37 B
549 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=849202
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd51b749b1e8eee6e362b9a6928ea32e82ca9af8e6dc082de772062fdf2d73a3

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4B21D6qR4gSLL0Zo6esKpkO%2B6IJ3IHj1%2FRoNk2A511yFlGdGlZiHdE3%2B%2Bm2Ef%2BwinzUxOTfibiJ0gi3k5ZaOUn9TfqYYSuZVogbk77LBrwMXC9hriDmqjxTUUmTz447MrgTNork"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.nbcnews.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d6f06489b341915-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
550 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24610&site_id=426440&zone_id=2423144&size_id=2&alt_size_ids=57&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&tg_i.domain=nbcnews.com&tg_i.page=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&tg_i.aupname=nbcnews%2Ftech%26div-gpt-topbanner&tg_i.pbadslot=%2F2620%2Fnbcnews%2Ftech%23div-gpt-topbanner-2064235121&tk_flint=dmpbjs_v7.50.0&x_source.tid=eeb6c8f0-e538-4b5c-ab36-85ce446f897f&l_pb_bid_id=14000c118895367&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=eeb6c8f0-e538-4b5c-ab36-85ce446f897f&rp_maxbids=1&p_gpid=%2F2620%2Fnbcnews%2Ftech%23div-gpt-topbanner-2064235121&slots=1&rand=0.2556451772481101
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1de88f620d361902bc5f779d67554c6f550a07b5b253b7b7d6c635cd6abc5f6e

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nbcnews.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
550
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.nbcnews.com
date
Wed, 14 Jun 2023 02:08:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.com/adsid/
107 B
317 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nbcnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
777 B
449 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3205451484371761&correlator=3307047610618173&eid=44782499&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&us_privacy=1---&npa=1&iu_parts=2620%2Cnbcnews%2Ctech&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=88x31&ifi=1&adks=2779095132&didk=4202559581&sfv=1-0-40&prev_scp=nohb%3Da9%26pageid%3Drcna85983%26cont%3Dbentoarticle%26sect%3Dtech%26brand%3Dnbcnews%26tag%3Dramen%26targeting%3Dhealthcare%2Cnews%2Cusnews%26vertical%3Dtech%26pos%3Dsponsorlogo_bentoarticle_bento%26slot%3Dsponsorlogo%26loadset%3D0%26tile%3D3%26sz%3D88x31%26cat%3Dtech%26cag%255Bplatform%255D%3Dramen%26cag%255Btargeting%255D%3Dnews%257Cusnews%257Chealthcare%26adunit%3D%252F2620%252Fnbcnews%252Ftech%26type%3Dbentoarticle%26content_id%3Drcna85983%26site%3Dnbcnews-bento%26path%3D%252Ftech%252Fsecurity%252Fillinois-hospital-links-closure-ransomware-attack-rcna85983%26cag%255Badunit1%255D%3D2620%26cag%255Badunit2%255D%3Dnbcnews%26cag%255Badunit3%255D%3Dtech%26title%3DAn%2520Illinois%2520hospital%2520links%2520closure%2520to%2520ransomware%2520attack%26ismobile%3Dfalse%26NOLOAD%3Dmpstools%26USE_OVERLAY%3D0%26IRSOURCE%3Dfalse%26ASYNC%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26excl_cat%3Dtech%2Cheaderbid&eri=1&cust_params=pm%3D1%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26adg%3DApple_NBC%252CS_10391%252CS_10392%252CS_10609%252CS_10618%252CS_10713%252CS_11084%252CS_11098%252CS_11182%252CS_11232%252CS_11296%252CS_11650%252CS_1373%252CS_1379%252CS_1384%252CS_1416%252CS_1436%252CS_1441%252CS_1450%252CS_1452%252CS_1458%252CS_1488%252CS_1499%252CS_1510%252CS_1519%252CS_1522%252CS_1527%252CS_1531%252CS_1549%252CS_1555%252CS_1559%252CS_1562%252CS_1580%252CS_1582%252CS_1589%252CS_1592%252CS_1596%252CS_1607%252CS_1610%252CS_1614%252CS_1617%252CS_1641%252CS_1644%252CS_1645%252CS_1646%252CS_1647%252CS_1649%252CS_1660%252CS_1673%252CS_1678%252CS_1682%252CS_1693%252CS_1695%252CS_1709%252CS_1713%252CS_1719%252CS_1721%252CS_1750%252CS_1755%252CS_1758%252CS_1762%252CS_1768%252CS_1774%252CS_1776%252CS_1786%252CS_1789%252CS_1800%252CS_1801%252CS_1810%252CS_1811%252CS_1822%252CS_1825%252CS_1837%252CS_1838%252CS_1839%252CS_1847%252CS_1859%252CS_1869%252CS_1872%252CS_1876%252CS_1877%252CS_1893%252CS_1933%252CS_1938%252CS_1944%252CS_1948%252CS_2446%252CS_2473%252CS_2478%252CS_2484%252CS_2485%252CS_2489%252CS_2490%252CS_2512%252CS_2552%252CS_2569%252CS_2911%252CS_3101%252CS_3102%252CS_3105%252CS_3124%252CS_3126%252CS_3128%252CS_3131%252CS_3149%252CS_3150%252CS_3181%252CS_3188%252CS_3191%252CS_3206%252CS_3213%252CS_3280%252CS_3283%252CS_3362%252CS_3363%252CS_3364%252CS_3369%252CS_3375%252CS_3377%252CS_3482%252CS_3977%252CS_4091%252CS_4111%252CS_4122%252CS_4140%252CS_4141%252CS_4321%252CS_4485%252CS_4819%252CS_5958%252CS_5960%252CS_6214%252CS_6463%252CS_6552%252CS_6720%252CS_6734%252CS_6785%252CS_6934%252CS_7037%252CS_7417%252CS_7541%252CS_7542%252CS_7553%252CS_7555%252CS_7680%252CS_7683%252CS_7770%252CS_7897%252CS_8362%252CS_8463%252CS_8692%252CS_8757%252CS_8856%252CS_9086%252CS_9098%252CS_9099%252CS_9165%252CS_9228%252CS_9295%252CS_9330%252CS_9401&sc=1&cookie_enabled=1&abxe=1&dt=1686708496723&lmt=1686708496&dlt=1686708492754&idt=3327&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&frm=20&vis=1&psz=0x0&msz=0x0&fws=644&ohw=1600&ga_vid=2143471988.1686708497&ga_sid=1686708497&ga_hid=1408572053&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
023e0acbf6db4daa67e60e37220526c9729d93356541df03eeaf07df1aef074c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
420
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nbcnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9161ca570ef24f563a946462b712f9cbbb059c7afd85aa979488523ed977342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11012
x-xss-protection
0
container.html
97590d9bd7c8ffaa58ff60c8f61be8ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9941
6 KB
3 KB
Document
General
Full URL
https://97590d9bd7c8ffaa58ff60c8f61be8ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 02:08:16 GMT
expires
Thu, 13 Jun 2024 02:08:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 02:08:17 GMT
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nbcnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
37 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3205451484371761&correlator=4394942353485194&eid=44782499%2C44714449&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&us_privacy=1---&npa=1&iu_parts=2620%2Cnbcnews%2Ctech&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C970x250%7C970x66%7C728x90%7C1400x600&ifi=2&adks=93924919&didk=151496962&sfv=1-0-40&prev_scp=pageid%3Drcna85983%26cont%3Dbentoarticle%26sect%3Dtech%26brand%3Dnbcnews%26tag%3Dramen%26targeting%3Dhealthcare%2Cnews%2Cusnews%26vertical%3Dtech%26pos%3Dtopbanner_bentoarticle_bento%26slot%3Dtopbanner%26loadset%3D0%26amznbid%3D2%26amznp%3D2%26tile%3D1%26sz%3D970x90%252C970x250%252C970x66%252C728x90%252C320x50%252C300x50%26cat%3Dtech%26cag%255Bplatform%255D%3Dramen%26cag%255Btargeting%255D%3Dnews%257Cusnews%257Chealthcare%26adunit%3D%252F2620%252Fnbcnews%252Ftech%26type%3Dbentoarticle%26content_id%3Drcna85983%26site%3Dnbcnews-bento%26path%3D%252Ftech%252Fsecurity%252Fillinois-hospital-links-closure-ransomware-attack-rcna85983%26cag%255Badunit1%255D%3D2620%26cag%255Badunit2%255D%3Dnbcnews%26cag%255Badunit3%255D%3Dtech%26title%3DAn%2520Illinois%2520hospital%2520links%2520closure%2520to%2520ransomware%2520attack%26ismobile%3Dfalse%26NOLOAD%3Dmpstools%26USE_OVERLAY%3D0%26IRSOURCE%3Dfalse%26ASYNC%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26excl_cat%3Dtech&eri=1&cust_params=pm%3D1%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26adg%3DApple_NBC%252CS_10391%252CS_10392%252CS_10609%252CS_10618%252CS_10713%252CS_11084%252CS_11098%252CS_11182%252CS_11232%252CS_11296%252CS_11650%252CS_1373%252CS_1379%252CS_1384%252CS_1416%252CS_1436%252CS_1441%252CS_1450%252CS_1452%252CS_1458%252CS_1488%252CS_1499%252CS_1510%252CS_1519%252CS_1522%252CS_1527%252CS_1531%252CS_1549%252CS_1555%252CS_1559%252CS_1562%252CS_1580%252CS_1582%252CS_1589%252CS_1592%252CS_1596%252CS_1607%252CS_1610%252CS_1614%252CS_1617%252CS_1641%252CS_1644%252CS_1645%252CS_1646%252CS_1647%252CS_1649%252CS_1660%252CS_1673%252CS_1678%252CS_1682%252CS_1693%252CS_1695%252CS_1709%252CS_1713%252CS_1719%252CS_1721%252CS_1750%252CS_1755%252CS_1758%252CS_1762%252CS_1768%252CS_1774%252CS_1776%252CS_1786%252CS_1789%252CS_1800%252CS_1801%252CS_1810%252CS_1811%252CS_1822%252CS_1825%252CS_1837%252CS_1838%252CS_1839%252CS_1847%252CS_1859%252CS_1869%252CS_1872%252CS_1876%252CS_1877%252CS_1893%252CS_1933%252CS_1938%252CS_1944%252CS_1948%252CS_2446%252CS_2473%252CS_2478%252CS_2484%252CS_2485%252CS_2489%252CS_2490%252CS_2512%252CS_2552%252CS_2569%252CS_2911%252CS_3101%252CS_3102%252CS_3105%252CS_3124%252CS_3126%252CS_3128%252CS_3131%252CS_3149%252CS_3150%252CS_3181%252CS_3188%252CS_3191%252CS_3206%252CS_3213%252CS_3280%252CS_3283%252CS_3362%252CS_3363%252CS_3364%252CS_3369%252CS_3375%252CS_3377%252CS_3482%252CS_3977%252CS_4091%252CS_4111%252CS_4122%252CS_4140%252CS_4141%252CS_4321%252CS_4485%252CS_4819%252CS_5958%252CS_5960%252CS_6214%252CS_6463%252CS_6552%252CS_6720%252CS_6734%252CS_6785%252CS_6934%252CS_7037%252CS_7417%252CS_7541%252CS_7542%252CS_7553%252CS_7555%252CS_7680%252CS_7683%252CS_7770%252CS_7897%252CS_8362%252CS_8463%252CS_8692%252CS_8757%252CS_8856%252CS_9086%252CS_9098%252CS_9099%252CS_9165%252CS_9228%252CS_9295%252CS_9330%252CS_9401&sc=1&cookie=ID%3D162be8ebac803448%3AT%3D1686708496%3ART%3D1686708496%3AS%3DALNI_MapiNCnQGJ_IoSwHULXWHAmS_i9vw&gpic=UID%3D00000c2f798637db%3AT%3D1686708496%3ART%3D1686708496%3AS%3DALNI_MYpAZmXAwRL3hA-ionljw4lTkPLGw&abxe=1&dt=1686708497002&lmt=1686708497&dlt=1686708492754&idt=3327&adxs=315&adys=141&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&frm=20&vis=1&psz=0x0&msz=970x0&fws=644&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=2143471988.1686708497&ga_sid=1686708497&ga_hid=1408572053&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
609f46111cf40f51daf41234cdd905a8c8abc6379a3509ff0314e18bc5304f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14785
x-xss-protection
0
google-lineitem-id
4860685866
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138250187918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nbcnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D62
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss03qvqfTA4yBt0qJDfoU2AxG_ZXMbqQyDvaFOLwIJzYMTDD349e8WjT5sp-BcA7z2EoNPScSzj87gcY-sxBQaJ9Vwkg4fHYL0-l3t9PycV2JIgag0zX4WhvAl0Ub6c_qjjb-36b6MdqPfZ3bnuWpdjWj_DWsB724ZNsl0BY2G7kjeIv2KtUI4nWNxecQPCuPH6BgqacvxcH4v6LeRAnFyaKtIZ6v-pijKquSu9iKDmy_2HHTXqy5q-bLjYFf6TmnN4tiQoT7fqACHni2cPvErnrENARcXAtHCqM3rvfg6HoWaCKrLeUy5K0rKzcCE80BC2&sai=AMfl-YT2wAhDsTyVsweRh6NS4GGQtZ0oQPYuYocowo20cfihft-tmfb40i8jcGV2ooSgQClGiHnj4iJsezq0FcI6l3N1Mdplsq2BY0wkpc4C0gl5Md3k3TrLyGO-Ht4vaw&sig=Cg0ArKJSzJVjN3eDSkNcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.nbcnews.com
URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230612/r20110914/client/ Frame 7D62
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230612/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 20:57:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
18661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Jun 2023 20:57:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D62
176 KB
55 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56133
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686570138914868"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 02:08:17 GMT
moatad.js
z.moatads.com/nbcuniversal134024534264/ Frame 7D62
336 KB
115 KB
Script
General
Full URL
https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c0cb5c309c631917e30894b41e74cedb6911fcb9b2fa3bcefb252f23d6aba318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:23:00 GMT
server
AmazonS3
x-amz-request-id
XDFE7ATHQWZ4JZMM
etag
"27a8cb91834f329f548f0a5d93eef1c5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=18759
accept-ranges
bytes
content-length
116815
x-amz-id-2
yRClwnuMXPhMuxLDD872fZk/my/Xc0TCcmvq36m+pUHi3gJfHXdBa4eSVqoq+rw569kYsJG3xSE=
15087753483871036520
tpc.googlesyndication.com/simgad/ Frame 7D62
10 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15087753483871036520
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:33:20 GMT
x-content-type-options
nosniff
age
290097
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10627
x-xss-protection
0
last-modified
Tue, 13 Nov 2018 17:33:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 09 Jun 2024 17:33:20 GMT
l
www.google.com/ads/measurement/ Frame 7D62
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEN9iyUt8RrSGonJgRaySl3TUJszi8m_y5uEA_p_rLJWjAcQqbpqxsBo-EIUW6CADMiqzE
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

truncated
/ Frame 7D62
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35d3a9968a2d6bbe0060a5c03f1d1fdcb1461bf4469e72ce8cc7be01883df9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF35
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Jun 2023 20:57:44 GMT
expires
Wed, 12 Jun 2024 20:57:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 923C
783 B
1003 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3320166f3d157c66aa0fcb69c26d847230932bcbdc52a4078780f77df365452
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kle3hWfKXlqXyT6S-PNLVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Kle3hWfKXlqXyT6S-PNLVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 02:08:17 GMT
expires
Wed, 14 Jun 2023 02:08:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
pagead2.googlesyndication.com/bg/ Frame EF35
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 08:16:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
323537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14492
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 08:16:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 923C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080101&jk=3205451484371761&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

n.js
geo.moatads.com/
96 B
268 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvSxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRKBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=NBCUV2&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=13&cm=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1686708497473&de=344558826880&m=0&ar=fde231f50fe-clean&iw=a32b238&q=3&cb=0&ym=0&cu=1686708497473&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4650777348%3A2428627361%3A4860685866%3A138250187918&zGSRC=1&zMoatPS=topbanner_bentoarticle_bento&zMoatST=nbcnews-bento&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=90&zMoatMSafety=unsafe&zMoatMGV_MAX=90&zMoatMMV=90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMGV=90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatTag=ramen&zMoatSZ=1x1&zMoatCURL=nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&id=1&ii=4&bo=57191058&bd=80633658&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=80633658&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A1471%3A1471%3A4402%3A1608&tz=topbanner_bentoarticle_bento&iq=90&tt=90&tu=1&tp=unsafe&jk=-1&jm=-1&fs=203695&na=1815541384&cs=0&ord=1686708497473&jv=1664997085&callback=DOMlessLLDcallback_55575650
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.8.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-8-189.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
e527a03c94c8c76a74325eba48d06da423c9038583d8d118d654fa1e87d9b83d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"d80282df813b360326c17b1815a3975e0cbbe70a"
content-length
96
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=NBCUV2&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=13&cm=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1686708497473&de=344558826880&m=0&ar=fde231f50fe-clean&iw=a32b238&q=4&cb=0&ym=0&cu=1686708497473&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4650777348%3A2428627361%3A4860685866%3A138250187918&zGSRC=1&zMoatPS=topbanner_bentoarticle_bento&zMoatST=nbcnews-bento&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=90&zMoatMSafety=unsafe&zMoatMGV_MAX=90&zMoatMMV=90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMGV=90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatTag=ramen&zMoatSZ=1x1&zMoatCURL=nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&id=1&ii=4&bo=57191058&bd=80633658&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=80633658&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A1471%3A1471%3A4402%3A1608&tz=topbanner_bentoarticle_bento&iq=90&tt=90&tu=1&tp=unsafe&jk=-1&jm=-1&fs=203695&na=1679824056&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 14 Jun 2023 02:08:17 GMT
event.gif
beacon.krxd.net/
0
455 B
Image
General
Full URL
https://beacon.krxd.net/event.gif?event_id=JnqJS_Pa&event_type=rtg&ord=1686708497473
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.71.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-71-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Wed, 14 Jun 2023 02:08:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=49 t=1686708497
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame 7D62
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueDl2H8tOXoYj9Enev_GwTNmoRPfzjd05rvpoJaaT5gM5OPX5Vgp7QKhVgHrfN0okqQnZ14WP7Z6pf-m4DHYBdifDr0569YaNmp_e6SRvHk9pqO-ybkbIQ5kz21ihqfxC81-xIXSBMNUCdDuD_agKu9DixTU2u4QYkLvyA-sHwYVz7EGBAk5PYx9tKcAmz7uOnAByTHLxMWxgXFxRTJaioajNNIY4fzqbuBdN7nBwxWaLIbVdac896wm5EspSwuwLPkRCt_evXRTr_iPhKgyqQFCOHZDOXTc9CCYaAPMvdYx42pkZ3FezRRAajnUfsV4WWY_M&sai=AMfl-YQXkeH0-s8Yqu-vvF6jS2_Oor0p60VlhDOAK5s4-4-DglmDBc-UXr0646y6vSZvDoAD4xvFEccDiPTb6kxwGY6jLO3mpJw2dgangjkP8cDrOXTfQ--arzLKgV1ZzA&sig=Cg0ArKJSzDOoGf43fNZeEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 14 Jun 2023 02:08:17 GMT
pixel.gif
nbcudisplay.s.moatpixel.com/
43 B
251 B
Image
General
Full URL
https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcnews.com&L1id=4650777348&L2id=2428627361&L3id=4860685866&L4id=138250187918&S1id=57191058&S2id=80633658&ord=1686708497473&r=344558826880&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 14 Jun 2023 02:08:17 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15087753483871036520&i=NBCUV2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvSxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRKBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=5&w=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&id=1&ii=4&cm=9&f=0&j=&t=1686708497473&de=344558826880&cu=1686708497473&m=1686708497156&ar=fde231f50fe-clean&iw=a32b238&cb=0&ym=0&zMoatSc=1600x1200&zMoatVp=1600x1200&zMoatRawVp=1600x1200&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5217&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=20&vx=20%3A-%3A-&pe=1%3A1471%3A1471%3A4402%3A1608&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=0&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=0&oz=1&bu=8&cd=0&ah=8&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4650777348%3A2428627361%3A4860685866%3A138250187918&bo=57191058&bd=80633658&gw=nbcuniversal134024534264&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=80633658&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatPS=topbanner_bentoarticle_bento&zMoatST=nbcnews-bento&zMoatJS=3%3A-&zMoatDR=-&zMoatMMV_MAX=90&zMoatMSafety=unsafe&zMoatMGV_MAX=90&zMoatMMV=90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMGV=90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&zMoatMData=1&zMoatTag=ramen&zMoatSZ=1x1&zMoatCURL=nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&zMoatDev=Desktop&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&jk=-1&jm=1&tz=topbanner_bentoarticle_bento&iq=90&tt=90&tu=1&tp=unsafe&tc=0&fs=203695&na=503236455&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 14 Jun 2023 02:08:17 GMT
generate_204
tpc.googlesyndication.com/ Frame EF35
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?T4DZqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.124.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-124-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nbcnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Jun 2023 02:08:17 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.124.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-124-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 14 Jun 2023 02:08:17 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pixel.gif
nbcudisplay.s.moatpixel.com/
43 B
251 B
Image
General
Full URL
https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=191&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcnews.com&L1id=4650777348&L2id=2428627361&L3id=4860685866&L4id=138250187918&S1id=57191058&S2id=80633658&ord=1686708497473&r=344558826880&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 14 Jun 2023 02:08:17 GMT
event.gif
beacon.krxd.net/
0
336 B
Image
General
Full URL
https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.71.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-71-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Wed, 14 Jun 2023 02:08:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=49 t=1686708497
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306080101&jk=3205451484371761&bg=!iYqlit7NAAaGYqkwpmI7ADkAdvg8WjiZntu_p4-h4wK_QeQoVhRzUFAie6MiMjrnT9p8bdw7kig0ti3ZzTG8wzrrUMus9vUuYt0CAAAAo1IAAAALaAEHCgAwmSepKhipKqbijbmcV24cejVI_eGVv7z3ILlQBAKWDI4jjF12Pi24fJw3mnwHgc2BmQLlVtqqSCmzbSkmajTo4upxExe-EcY0ZMUMSnLaXtp92K9QxlPhCbPlxBrvYJyQ4L3RzknTrJd7m3-hqXxLt0O5uRLHvr43KOztJ5R7CRYkSHZqKKfbMxI-zAdOVwMOMIFTBNrBqlJDNk7GvvqLFbc1XIjQ8qA55R43CKcnljlv_q6XYZqvSS4tuqBhVmFQMm1ccAkrrqKi_H3j7iD6R3oEzNEbsmSpKCmgtPZhWUZesKVgoC3IBQFGeMAb6STueaVIv4NTA5VOybmrbBYAnPN5Q5FmlMtZJPaN6hCqEH1MlXVKB1DM26K9RLvvwJbCVvcRi9a3UvZ-GOvfzrTFFt1-bMxgL_Pbj8mIan1SlbTakCSXZ7xvLBGASByeAb3Q2ATphyp-4gCqu5aRnmTllsPHHCASt87NKYo2shVu__LPIhxcjcMpI0GNE9ImIiZO03e80ocPppfAR1f-Ku_ibLiwptQftk9MeQNfc4mCDBGIw_b6kheFdWGtwLypgPbkhyD9l-W82G8kYqp8K-qsQXlp-Rm6yYF1WPu1RHQ8Gv9qqOhVJLv__kceWfI16mMEq-wE4h9IsFtv-YeE5j8MvQ2JJKtzHFVY9YEvz2eboPjAwKyXuqTRInsChW1IHmpKnCRMxFArXXeOVMKC7A-TqQhnvJLN0oKdXs-zpjI9CGRuzbiICtfSiSGJ2REkxlNj0yKzYqb1HvFHoGTE-QKYx5BDyJY6MZejgSLObjP4wAHnFXe_LpP-8q2Lfc7V7YJZfliCSa2bGbIRo6lSiHWwxiJnLOSQVlKsfb4mhYxOSyyAlIhloCfBdW5gmFK-jDXmN2hgJrtr0duq7s2yrFXcZMZDTSBKTJFZqYvB3vtYomy67z8CBWpagcEDvIIVn6zUaBBKg2U4WgeUjdpXVhJMdKqb76srz5YiTRkl1VJKAHRlupSZxhYKSazgpsJvCkixTWbCREgPefc7DGquruFvTeEVLTaeIMaC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

publishertag.prebid.135.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Jun 2023 02:08:18 GMT
syncframe
gum.criteo.com/ Frame 9AEF
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.nbcnews.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 02:08:18 GMT
server
Kestrel
server-processing-duration-in-ticks
308377
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
94 KB
30 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nbcnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-176eb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Jun 2023 02:08:18 GMT
sid
mug.criteo.com/ Frame 9AEF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nbcnews.com&sn=ChromeSyncframe&so=0&topUrl=www.nbcnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=9kwUxHxrbStvemdGMS8rbUJoeVhOWkwwYTZiZzRmMkV0bDJDZGZhSHNHSmhKaTY2ZVhlYlEwS0lZTmtQY2FaamVvT0Rta1JiZXJ1YXdyaDZUNnI2ZG1Rek1ndzEvbGd3czJhMTVuYjZ1UFZ1czI0ZlU3eVNkdS9Yc3lQYT...
441 B
671 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=9kwUxHxrbStvemdGMS8rbUJoeVhOWkwwYTZiZzRmMkV0bDJDZGZhSHNHSmhKaTY2ZVhlYlEwS0lZTmtQY2FaamVvT0Rta1JiZXJ1YXdyaDZUNnI2ZG1Rek1ndzEvbGd3czJhMTVuYjZ1UFZ1czI0ZlU3eVNkdS9Yc3lQYTlhbk1Sa1E5dUxESCtHZUF2SnpUK2VTdjVFN0MyV2U3akpDKzlCMVhxVHF4azNEMDVZWkFBV2ROVVc1M01EVmtDOGVpQmtvMDRmZEhld3N3THU4UUVvRExEbVp1eWt3ZnVRWlJJL1ZtRzhoRHF1SWlhUURRN3RuNEFudVNjRk02TzZMMkNLOSs1TjRBYjNnNnoxUjVaM0VoZlVrZkpYQT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aa5089ca38d14d73f04e10aab4ea9236e5f7c30804fd62350c397450337bc367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1631087
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=9kwUxHxrbStvemdGMS8rbUJoeVhOWkwwYTZiZzRmMkV0bDJDZGZhSHNHSmhKaTY2ZVhlYlEwS0lZTmtQY2FaamVvT0Rta1JiZXJ1YXdyaDZUNnI2ZG1Rek1ndzEvbGd3czJhMTVuYjZ1UFZ1czI0ZlU3eVNkdS9Yc3lQYTlhbk1Sa1E5dUxESCtHZUF2SnpUK2VTdjVFN0MyV2U3akpDKzlCMVhxVHF4azNEMDVZWkFBV2ROVVc1M01EVmtDOGVpQmtvMDRmZEhld3N3THU4UUVvRExEbVp1eWt3ZnVRWlJJL1ZtRzhoRHF1SWlhUURRN3RuNEFudVNjRk02TzZMMkNLOSs1TjRBYjNnNnoxUjVaM0VoZlVrZkpYQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
256958
content-length
0
expires
0
events
jssdks.mparticle.com/v3/JS/65ea0b28a73c4c4abd08599774d30799/
42 B
290 B
Fetch
General
Full URL
https://jssdks.mparticle.com/v3/JS/65ea0b28a73c4c4abd08599774d30799/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
90457ff87c8b374cbe7782c4e0cec7f48f0c436c55bc9a2b16a860e6389f78b4

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://www.nbcnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230091-FRA
date
Wed, 14 Jun 2023 02:08:19 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1686708500.681310,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
sync
eb2.3lift.com/ Frame A068
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 14 Jun 2023 02:08:22 GMT
usync.html
eus.rubiconproject.com/ Frame F73E
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.47 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Jun 2023 02:08:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 3DA0
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
297
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d6f066a3a9f049b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Jun 2023 02:08:22 GMT
expires
Wed, 14 Jun 2023 06:08:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F43
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162862&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.nbcnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=27572
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 14 Jun 2023 02:08:22 GMT
expires
Wed, 14 Jun 2023 09:47:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F73E
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.47 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5b33fab00b3530a78060b91dcef89e11a1e93b457a615326bc1baae20813972c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 02:08:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Jun 2023 21:42:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70447
Connection
keep-alive
Content-Length
10113
Expires
Wed, 14 Jun 2023 21:42:29 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6F43
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57574552&p=162862&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162862&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbaaa92ce97a1d9b8dd48857634c6a1661f68971e77347301a8faef27c8b5339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 14 Jun 2023 02:08:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame D709
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
662b7ef00bf32051821d47736cdc861b7f4457a043cbe0824b1d98f2e664fa20

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1916
Content-Type
text/html
Date
Wed, 14 Jun 2023 02:08:22 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 14 Jun 2023 02:08:22 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
dcm
s.amazon-adsystem.com/ Frame F73E
0
0

vu8wP5K9uCxdH8dDYaUCgcn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame F73E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vu8wP5K9uCxdH8dDYaUCgcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
0
0

dcm
aax-eu.amazon-adsystem.com/s/ Frame F73E
0
0

pixel
cm.g.doubleclick.net/ Frame F73E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIyZjFlOWExZmFhNWQ4NTZiMmI1ZDBmMmZjODQ5ODQyNWVkNzcxZg&us_privacy=1---
0
0

pixel
cm.g.doubleclick.net/ Frame F73E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElWMk9USzgtMVgtNEY0Mg==&us_privacy=1---
0
0

rubicon
match.adsrvr.org/track/cmf/ Frame F73E
0
0

setuid
px.ads.linkedin.com/ Frame F73E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIV2OTK8-1X-4F42&us_privacy=1---
0
0

tap.php
pixel.rubiconproject.com/ Frame F73E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ-L2UjQBeiKyiO7QTRLxtI&google_cver=1
0
0

img
sync.mathtag.com/sync/ Frame 9869
43 B
443 B
Document
General
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162862&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 -, , ASN (),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 14 Jun 2023 02:08:22 GMT
Expires
Wed, 14 Jun 2023 02:08:21 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524"
cm
p.rfihub.com/ Frame 34F8
0
0

usersync.aspx
dis.criteo.com/dis/ Frame 8D3E
0
0

pubmatic
d5p.de17a.com/getuid/ Frame FC35
0
0

dcm
aax-eu.amazon-adsystem.com/s/ Frame 1FDB
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y3qdSyWIT0CG0-Ll5OcDkA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:22 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=27572
accept-ranges
bytes
content-length
5554
expires
Wed, 14 Jun 2023 09:47:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Jun 2023 02:08:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 6F43
0
0

cr
cr.frontend.weborama.fr/ Frame 6F43
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2870608729
0
0

match
a.audrte.com/ Frame 6F43
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 6F43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0I3QTlENEItMjU4OC00RjQwLTg2RDMtRTJFNUU0RTcwMzkw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 6F43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEPdDmv-clPJclkG5upagQo&google_cver=1
0
0

pubmatic
um.simpli.fi/ Frame 6F43
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 13 Jun 2023 02:08:22 GMT
match
c1.adform.net/serving/cookie/ Frame 6F43
0
0

generic
match.adsrvr.org/track/cmf/ Frame 6F43
0
0

dcm
s.amazon-adsystem.com/ Frame D709
0
0

rrum
dsum-sec.casalemedia.com/ Frame D709
0
0

casale
match.adsrvr.org/track/cmf/ Frame D709
0
0

pixel
cm.g.doubleclick.net/ Frame D709
0
0

bounce
ib.adnxs.com/ Frame D709
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
0
0

sync
ssbsync.smartadserver.com/api/ Frame D709
0
0

img
sync.mathtag.com/sync/ Frame D709
0
0

sync
ups.analytics.yahoo.com/ups/55940/ Frame D709
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIkhFlQ-pevyBisAaO73GQAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.nbcnews.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:08:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame D709
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/vu8wP5K9uCxdH8dDYaUCgcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIyZjFlOWExZmFhNWQ4NTZiMmI1ZDBmMmZjODQ5ODQyNWVkNzcxZg&us_privacy=1---
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElWMk9USzgtMVgtNEY0Mg==&us_privacy=1---
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIV2OTK8-1X-4F42&us_privacy=1---
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJ-L2UjQBeiKyiO7QTRLxtI&google_cver=1
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CB7A9D4B-2588-4F40-86D3-E2E5E4E70390&redir=true&gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB7A9D4B-2588-4F40-86D3-E2E5E4E70390&gdpr=0&gdpr_consent=
Domain
cr.frontend.weborama.fr
URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2870608729
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CB7A9D4B-2588-4F40-86D3-E2E5E4E70390
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEPdDmv-clPJclkG5upagQo&google_cver=1
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIkhFlQ-pevyBisAaO73GQAAFCEAAAAB&gpp=&gpp_sid=
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIkhFlQ-pevyBisAaO73GQAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
Domain
cdn.indexww.com
URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIkhFlQ.pevyBisAaO73GQAA%265153

Verdicts & Comments Add Verdict or Comment

253 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| onbeforetoggle object| onscrollend object| _satellite boolean| __satelliteLoaded function| $t function| parseJsonLd object| jsonLd function| OptanonWrapper function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| e object| FlashDetect function| DIL number| s_objectID number| s_giq object| adobe function| Visitor function| s_doPlugins object| s_c_il number| s_c_in object| s object| visitor object| ns_ object| BI object| mParticle object| NOLBUNDLE function| AppMeasurement_Module_DIL object| ADB function| hbCutomValues object| uniVideo function| hj object| _hjSettings object| dataLayer object| dtm_pageview object| branch function| admiral object| googletag object| _comscore object| __mpsconfig object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| _ object| DD_RUM function| __NEXT_PRELOADREADY object| __nbcnd__ object| HFSapi object| HFSconfig object| setModuleEvent object| $ndp object| _HFS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST object| scrollMonitor string| OnetrustActiveGroups string| OptanonActiveGroups function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| DIGIOH_LOADER boolean| SENT_LIGHTBOX_PV object| PARSELY object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| Sailthru string| _vwo_cookieDomain function| pushBasedCommonWrapper function| commonWrapper string| _vwo_mt string| _vwo_tm object| VWO number| _vwo_acc_id object| _vwo_exp_ids object| _vwo_exp object| VWOOmni function| vwo_$ string| _vis_opt_file_name string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id object| google_tag_manager object| google_tag_data object| COMSCORE object| ns_p function| 4dm1r11545242527 object| dpmComscoreVars object| GlobalSnowplowNamespace function| dpm function| DPMSendConversionEvent function| DPMSendSingleTransactionEvent object| keys_processed object| Snowplow string| _vwo_ip object| _vwo_geo function| _typeof object| __otccpaooLocation object| TRUE_ANTHEM string| g object| vwo_iehack_queue undefined| vwo_e object| _vwo_pa object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| otStubData object| tv object| _fw_admanager function| Hls boolean| NDP_DEBUG function| NDPPlayer number| ___vwo object| __nls object| OneTrustStub object| s_i_msnbcnbcnewscomprod object| Optanon object| OneTrust object| _svq boolean| sv_DNT object| _svt object| mpsopts object| mpscall object| mps object| debugmode object| gpt string| mpsinstance function| mpsCallback object| cats string| lastcat number| $auc object| pbjs object| _mpshead object| _mpsstyles number| retval string| ret object| mpscall_original string| $dM string| sitepath object| sitepatharr string| cleanpath object| derived function| mpsGetAd string| mpsrequesturl object| ggeac object| google_js_reporting_queue function| htmlParser function| postscribe string| __nbcudigitaladops_dtparams object| __nbcudigitaladops_inject object| __nbcudigitaladops object| __nbcudigitaladops_header object| apstag number| randomOrd string| eTandomAd function| admantx_callback boolean| __qsparam undefined| detectviewport string| debugmsg string| warnmsg number| queuelen number| placementId object| atsScript string| host boolean| apstagLOADED object| _aps object| apscustom undefined| google_measure_js_timing string| avk string| sz object| _kv function| setImmediate function| clearImmediate object| ats undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_53809691 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| pbjsChunk object| _pbjsGlobals object| Criteo function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| DOMlessLLDcallback_55575650 object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

62 Cookies

Domain/Path Name / Value
mps.nbcuni.com/fetch/ext Name: adEdition
Value: DE
mps.nbcuni.com/fetch/ext Name: geoEdition
Value: de
.nbcnews.com/ Name: nbcnews_geolocation
Value: non-us
.nbcnews.com/ Name: ng_geolocation
Value: DE
www.nbcnews.com/ Name: BI_UI_previousPage
Value: direct
www.nbcnews.com/ Name: BI_UI_referrer
Value: direct
.demdex.net/ Name: demdex
Value: 16854279294024592841949587967527263287
www.nbcnews.com/ Name: fw_vcid2
Value: 6f091da8-6712-46ca-b467-12b8e1abdfef
www.nbcnews.com/ Name: akaas_NBCNews
Value: 1687572494~rv=81~id=74cdfe4edb94c11d4be81f3241770aac~rn=
.nbcnews.com/ Name: AMCVS_A8AB776A5245B4220A490D44%40AdobeOrg
Value: 1
.nbcnews.com/ Name: _vis_opt_s
Value: 1%7C
.nbcnews.com/ Name: _vis_opt_test_cookie
Value: 1
.nbcnews.com/ Name: _vwo_uuid
Value: J2ACE4D195204449AB89F02517939A079
.nbcnews.com/ Name: _vwo_sn
Value: 0%3A1
.nbcnews.com/ Name: _dpm_ses.1b16
Value: *
.nbcnews.com/ Name: _dpm_id.1b16
Value: c100bce9-7958-495f-9cf7-b4f955520d17.1686708494.1.1686708494.1686708494.41185391-4dc5-441e-af33-1ea09e51be66
.scorecardresearch.com/ Name: UID
Value: 1BDc4ce3c244c7f10e3a99c1686708494
.nbcnews.com/ Name: _gcl_au
Value: 1.1.1547124173.1686708494
.nbcnews.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983%22%2C%22sref%22:%22%22%2C%22sts%22:1686708494310%2C%22slts%22:0}
.nbcnews.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=a02f229d-9215-4a12-9d77-84fa4b16dc55%22%2C%22session_count%22:1%2C%22last_session_ts%22:1686708494310}
www.nbcnews.com/ Name: usprivacy
Value: 1---
.nbcnews.com/ Name: _vwo_uuid_v2
Value: DEE27E0997F98964F90E87E9091764F75|029ed652ffd4e6972af2a71d1e6b9826
.nbcnews.com/ Name: _hjSessionUser_309218
Value: eyJpZCI6IjFiNzdhM2U1LTc2ZjgtNTYzNS1iMGJmLWYxNDVmY2VhNWEyNyIsImNyZWF0ZWQiOjE2ODY3MDg0OTQzNjIsImV4aXN0aW5nIjpmYWxzZX0=
.nbcnews.com/ Name: _hjFirstSeen
Value: 1
.nbcnews.com/ Name: _hjIncludedInSessionSample_309218
Value: 0
.nbcnews.com/ Name: _hjSession_309218
Value: eyJpZCI6ImQ1ZjM0ZDI5LTI0YmUtNGNlNi05ZmNmLTRhZGZlMmNiYTVmZSIsImNyZWF0ZWQiOjE2ODY3MDg0OTQzNzMsImluU2FtcGxlIjpmYWxzZX0=
.nbcnews.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.nbcnews.com/ Name: s_vi
Value: [CS]v1|3244908765649B3D-6000195A662E27F6[CE]
.nbcnews.com/ Name: s_ecid
Value: MCMID%7C16753349417385536861968768375831693813
.nbcnews.com/ Name: _vwo_ds
Value: 3%3At_0%2Ca_0%3A0%241686708494%3A67.64129212%3A%3A%3A6_0%2C1_0%3A0
.nbcnews.com/ Name: AMCV_A8AB776A5245B4220A490D44%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19523%7CMCMID%7C16753349417385536861968768375831693813%7CMCAAMLH-1687313294%7C6%7CMCAAMB-1687313294%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1686715694s%7CNONE%7CMCAID%7C3244908765649B3D-6000195A662E27F6%7CvVersion%7C4.4.0
.nbcnews.com/ Name: prevVal_pn
Value: nbcnews%3Apost%3Aillinois-hospital-links-closure-ransomware-attack-rcna85983
.nbcnews.com/ Name: s_vnum
Value: 1689300494501%26vn%3D1
.nbcnews.com/ Name: s_invisit
Value: true
.nbcnews.com/ Name: s_cc
Value: true
.nbcnews.com/ Name: mprtcl-v4_0631346C
Value: {'gs':{'ie':1|'dt':'65ea0b28a73c4c4abd08599774d30799'|'cgid':'2d0268f7-80c8-49d9-63e6-80720fcd10b6'|'das':'8a7093c4-ecca-43a4-a7e7-3c609f74c1cd'|'csm':'WyItMjAzMjE1NDQ5MzI0MzQ4OTA1MyJd'|'sid':'3A1DF174-306B-41C0-1880-681C9A2285CA'|'les':1686708494181|'ssd':1686708494163}|'l':0|'-2032154493243489053':{'fst':1686708494550}|'cu':'-2032154493243489053'}
www.nbcnews.com/ Name: BI_UI_mpid
Value: -2032154493243489053
.app.link/ Name: _s
Value: 9mySjXoUhTBsXySujFloBNfGpPe7uC1tFc5jR7mYYK059IRtvjhtajBYMVq4GmeC
.dpm.demdex.net/ Name: dpm
Value: 16854279294024592841949587967527263287
www.nbcnews.com/ Name: sailthru_pageviews
Value: 1
.demdex.net/ Name: dextp
Value: 771-1-1686708494463|30646-1-1686708494577|57282-1-1686708494677|129099-1-1686708494778
.tvpixel.com/ Name: sp
Value: bc6cba46-2665-4933-adbb-41820ee45e47
.nbcnews.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Jun+14+2023+02%3A08%3A15+GMT%2B0000+(GMT)&version=6.17.0&hosts=&consentId=5864f448-b9bd-4b56-9675-cd9aa4de1851&interactionCount=0&landingPath=https%3A%2F%2Fwww.nbcnews.com%2Ftech%2Fsecurity%2Fillinois-hospital-links-closure-ransomware-attack-rcna85983&groups=1%3A1%2C9%3A1%2C12%3A1%2C11%3A1%2C13%3A1%2COOF%3A1%2Cdummy%3A1
.nbcnews.com/ Name: _awl
Value: 2.1686708494.5-5e21a0824773c63b8c268933d94ed94f-6763652d6575726f70652d7765737431-0
.imrworldwide.com/ Name: IMRID
Value: 527fc890-0a58-11ee-826b-ebaa21617cd2
.yahoo.com/ Name: A3
Value: d=AQABBA8hiWQCEOdjtMLAUc4cSfGJSlxnUgcFEv__AP8AAAAAAOAYyiMAAAAAgA&S=AQAAAlsMun-QPuf76QaX4lu_JaU
.nbcnews.com/ Name: _admrla
Value: 2.2-7d60020a308d581f-5282f20c-0a58-11ee-a53b-3bb36e07d512
.nbcnews.com/ Name: aam_uuid
Value: 17022405435430485252013697175996752366
.doubleclick.net/ Name: IDE
Value: AHWqTUkQioz_nkMNlum_kizvxxWvE4__vz0WC5S-xMsaL-grfpDkbc39Lvy42M1NpE0
www.nbcnews.com/ Name: sailthru_content
Value: 69cb5e3877ef63bbc1c634b0e7c61e3a
www.nbcnews.com/ Name: sailthru_visitor
Value: cc233dd5-ff31-4907-acfd-7506d3db6418
www.nbcnews.com/ Name: adops_master_kvs
Value:
www.nbcnews.com/ Name: _lr_geo_location
Value: SE
.kargo.com/ Name: ktcid
Value: 89ea947a-4869-050f-1d99-a2244887aaf7
.nbcnews.com/ Name: __gads
Value: ID=162be8ebac803448:T=1686708496:RT=1686708496:S=ALNI_MapiNCnQGJ_IoSwHULXWHAmS_i9vw
.nbcnews.com/ Name: __gpi
Value: UID=00000c2f798637db:T=1686708496:RT=1686708496:S=ALNI_MYpAZmXAwRL3hA-ionljw4lTkPLGw
.rubiconproject.com/ Name: khaos
Value: LIV2OTK8-1X-4F42
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qquj4aEZKbmmwmOsfVVM1TCDevM3UyPj6gGcxEYtj6WrEQ32aKoKuXc7eMgKZPaBGM+/UJ4kF6/1Ck5KOc6754OjWsNFZZZ5Gw=
.krxd.net/ Name: e_JnqJS_Pa^ord|1686708497473
Value: 1686708497
.krxd.net/ Name: _kuid_
Value: PnStm2Rz
.criteo.com/ Name: uid
Value: f09f146e-3111-4049-8304-8c5e3b0e9876
.nbcnews.com/ Name: cto_bundle
Value: Zvoh6F9XU0k3N2MzWHMwekpLJTJGMG9XR1pDN3I3T3NhOXVSJTJCJTJCU0U3VzIlMkY2NDNnOXI5WVpBVlZ2R2tlWU5uT01lb0VnWjQlMkJCOElOczFRTSUyRjBIWkZJbDMxUU9ZUWt1WnRNS1UlMkJ4Z1dmSTc5ZVNTa3JqaXIxRW1WWHMxUnhrczhENGdIZU1YOHY2enVTWk93TnAyTFFkSmtNQ2JpQSUzRCUzRA

2 Console Messages

Source Level URL
Text
other warning URL: https://www.nbcnews.com/tech/security/illinois-hospital-links-closure-ransomware-attack-rcna85983
Message:
<link rel=preload> has an invalid `href` value
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CB7A9D4B-2588-4F40-86D3-E2E5E4E70390&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8168974.fls.doubleclick.net
97590d9bd7c8ffaa58ff60c8f61be8ec.safeframe.googlesyndication.com
a.audrte.com
aamt.nbcnews.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ads.pubmatic.com
adservice.google.com
adservice.google.se
ak.sail-horizon.com
api.sail-personalize.com
api2.branch.io
app.link
assets.adobedtm.com
ats.rlcdn.com
beacon.krxd.net
beacon.tru.am
bidder.criteo.com
c.amazon-adsystem.com
c.tvpixel.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.branch.io
cdn.cookielaw.org
cdn.indexww.com
cdn.parsely.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cookiesync.mparticle.com
cr.frontend.weborama.fr
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
ds.reson8.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
geo.cnbc.com
geo.moatads.com
geo.privacymanager.io
geolocation.onetrust.com
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
identity.mparticle.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
krk2.kargo.com
match.adsrvr.org
mb.moatads.com
media-cldnry.s-nbcnews.com
media1.s-nbcnews.com
micro.rubiconproject.com
mid.rkdms.com
mps.nbcuni.com
mug.criteo.com
nbcu.demdex.net
nbcu.track.securedvisit.com
nbcudisplay.s.moatpixel.com
nbcuni.demdex.net
nodeassets.nbcnews.com
nondescriptnote.com
p.rfihub.com
p.tvpixel.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
px.ads.linkedin.com
px.moatads.com
s.amazon-adsystem.com
sb.scorecardresearch.com
script.hotjar.com
secure-dcr.imrworldwide.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
sync.crwdcntrl.net
sync.mathtag.com
tag.researchnow.com
tlx.3lift.com
tpc.googlesyndication.com
tru.am
uhi1rpbiteztsr0brykpv8kaoazed1686708494.nuid.imrworldwide.com
um.simpli.fi
ups.analytics.yahoo.com
usasync01.admantx.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.nbcnews.com
z.moatads.com
a.audrte.com
aax-eu.amazon-adsystem.com
c1.adform.net
cdn.indexww.com
cm.g.doubleclick.net
cr.frontend.weborama.fr
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
p.rfihub.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
ssbsync.smartadserver.com
sync.crwdcntrl.net
sync.mathtag.com
104.18.10.47
104.18.25.185
104.18.9.110
108.138.17.81
108.138.9.235
13.32.99.21
13.32.99.59
142.250.186.102
142.250.186.98
143.204.98.71
178.250.1.11
18.133.8.189
18.195.124.181
18.66.100.58
18.66.112.45
18.66.147.105
18.66.97.49
185.29.132.245
185.64.189.112
185.64.190.78
185.80.39.216
185.89.210.90
212.82.100.182
23.20.40.7
23.201.255.110
23.212.211.47
23.212.89.123
23.32.184.192
23.32.185.123
23.52.120.37
2600:1901:0:7416::1
2600:9000:2057:200:19:9934:6a80:93a1
2600:9000:223f:b600:1d:667e:2a40:93a1
2600:9000:223f:fc00:8:48e:53c0:93a1
2600:9000:2240:d000:2:42d9:3100:93a1
2600:9000:225e:8c00:1d:bf0a:0:93a1
2600:9000:2491:5600:11:f728:3040:93a1
2602:803:c003:200::21
2606:4700:20::681a:374
2606:4700::6812:1d26
2606:4700::6812:aa72
2606:4700::6813:d483
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a02:26f0:3100:794::a1d
2a02:26f0:480:980::1e80
2a02:26f0:480:996::2506
2a02:26f0:480:9ab::d25
2a02:26f0:480:a85::2506
2a04:4e42:200::645
2a04:4e42:600::645
2a04:4e42::645
3.123.184.25
3.123.242.222
3.211.191.187
3.68.146.172
3.75.62.37
34.254.142.64
34.96.102.137
35.204.74.118
52.21.155.36
52.213.166.38
52.214.226.234
52.222.208.154
52.222.236.63
52.222.250.165
52.30.71.191
54.155.18.159
54.208.26.70
54.76.136.163
63.140.62.160
76.223.111.18
99.83.154.140
023e0acbf6db4daa67e60e37220526c9729d93356541df03eeaf07df1aef074c
02c02163daeac24c5a7d0b803f6c25a6049fb168f86194e40b9b5b79d4c102ba
04378ffa414930f64040bd1d89dba0239fcb49252f90272b3b1e7d6f02962169
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0543da092ee791391737a24209f01f74ab9cb377d1ed9dc315348ae3ed6c24ca
055513a95c0e8461ed38a3848267bf6a2b6a75a1f8242631cc4cba54821ed021
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
10a67938d1e9362996a176bf44d98295cc313e98f074c14289ab82a3f88d0032
134d77fad65ee4d680f791b11649e4ceaf8e2dccbe1ff121df476594d059869f
142b61225fe59daaf9aa37d10aa34f617907b830c72da64da095ce0dbcacadaa
14b306e09b6566907bbc7a69613b5492a58bb3c5f44ef6880c13b2c07076d6cf
164e9ff720c6620efa1a016cbd4de12ea7387e7b62db6cb2ce43648b39b66d93
16be7368c4db8f156aef05f1885b0ee2162a9e9b8b7ff16bd1579a4483ef9daf
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d35326164cbde1bf71c6dd1a3c41fdab42ee58e923f13497adcd6c454fbc491
1de88f620d361902bc5f779d67554c6f550a07b5b253b7b7d6c635cd6abc5f6e
1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4
1f3ec2677a95b8639ecf5f7e2033b0e00c08848a9fcd778a491b7388ef602d00
1f9187f094239de8b9cfd32162b64e9e8ceb17cc55d68a1eac2b0bc85ef12e2f
200951182addbca20fc4038527bda74941d8d9d9be38f0fe84dba7259b64f709
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20e117c72f68819de65a85a1128945102564b41014576c0c07b1e86e75b4f9dc
251f2bbd9d16da900d2c936551524e37d0e6f933921202e2e4450282ec2eb2fe
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3292bf84f2a19c113ed57e0e88988580e8862ce144828359601b141d951b3c96
32ba119e29f7dbb5be3fdfb85157bd3ea1739e4f3255553ce3ffd382dc791cf6
33e9c5ff7588a3dad40bd014a8a5037acd59c0a8693603dbee83ee6b2acf6652
3413b8b45b46d42539ff1142bb12eccdea03e29b1a40c7015c3acb8b9b314905
34ca1420db98a605ac63d3d80927f8064ec897a7b490a5db7e781778bd42f505
35d3a9968a2d6bbe0060a5c03f1d1fdcb1461bf4469e72ce8cc7be01883df9ea
39f5566a98c2a7d3aad7e6c7518c206d3065713e22c98583c9f686e48e9e7f16
3e6c968cfdeeef38bc472e7fe33a5af9239c94ed8d9085e3d99fb6ccd5d3bed8
3ed26f11600a78d24d62ff6ae8450fa5781dca22f1ab14266eb066f22f134320
3f7f2a430c859f14ea70e30074204bd0f40aadf9fee7252ceb0215920566cb0b
3f92f360dcd54479ca1f495c37a0a2a32b5eaf1d1028aa3cd79b4fb3977cc1fc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
424389db7a9ba935cfd48de3ca2c7b828743858d1e0804a7d29d243a8d44bfb1
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
442a306ff077bf74bd3e0a1740c2d3944211795d9d109d24d365b2fe93a5fd68
45e5d32e0ec15cbdbb2e79a1e8db1453f3cafe31edb9af9bdca27c3f1f7000f7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ad64f24b40f75be6a32ecd0f04a0eeeea6daf377b804488d0c2d0e7410309ca
4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4cfa9ba8755ba47b6e98690fbced19cf911d3351e2daa7c75f0e84f5f229d33d
4e072ebf49cc23b8c95293e00263eefc93b040d6bc1b6421ba3376b8d20e9437
51bdc283c3b3f7a51636e68f2c40714c2a9e7b5ad4a0703d3cfbb65660d9b65c
51eb8b292d153e861623c0ed30776800e6865a614145be19023e9d7f2a894e4e
524b1af431d3bf3a31f0265469433c60f971f0e83d0fab4e2a19c9f040ae7e0e
541b5504975cab60ee778063f29f6f9320ef309ddb0dc9ca2781f9328c90575e
547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
57acd6cb713256b25bc5bf8fd5495e893a895fcf83deaf4307d87d25e7011297
5b33fab00b3530a78060b91dcef89e11a1e93b457a615326bc1baae20813972c
5b6f3d2037d4e7107eb0ee1b10cb5ef954d042c8921957945e40d24c4a90ae1f
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
609f46111cf40f51daf41234cdd905a8c8abc6379a3509ff0314e18bc5304f3e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
6287040de78c84d2f1d8b44b012772e9cfa2f9da74fbe4a466d6851b225610a7
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
662b7ef00bf32051821d47736cdc861b7f4457a043cbe0824b1d98f2e664fa20
66801ce0eabd0304d15f9d73c68cfdeff8f776496f2ff404ad0875d9cb9ee2f7
679db733df25335c9bd97d3d2afc81237c140a75f983473fdb6506db1832ee57
68179b2afb435b07725952ee0ccbea4c87220b9cd756d4f584e2867f277a7c15
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d0182c8f505267cbc9a34cd4db566b0d56beabd041a912d8636f0b1cbadf0cc
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f739a718e7f47c768b59263bc2ca58cc2168febcb4c1bb2192f049a26fcbbbd
6fa6562e4ad686fb98d042103b4ef70a3ce133d74544dfd2c56efe02e7b6df5b
6fadd70a3b68e5b50db0a1a8e8b20ee77c76ae8400a7c1df193a50822fb0fba1
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c
77014622bb2b3b959cef95b4e87520f3422d0344a366b0820580b9f9201d5b7f
781e5d64e355ea883008a5a84253f2193e16eeee976577427b5d9008180bdede
78b0d8f6d021cfcd896c6759c2eb639e49ff8af391fb6e7385607c2301a805f7
7944d38923056e3bc08f8d5215f8c660c6ede2a1b5df368905b583d4069be83c
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c7bdae40617a9189c43594f9b15797971598df319d16fb2b922fae2b6b74a2e
7f5b426b56fb1144fed018baf77df503500937a3ab60f8d7ad1f962116ebe6a4
7f8fcca1aaef49beced7fc4d165a41992d06293327012d7281a1909c930ff661
81115ede15bc291348152c4021e46c1214a17f7b0d28e2cae1eb30677b2cb523
821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837d2f960a4a5ca4b0fa92f295bb6dda0dc551274f45bda82679091e24e3ba38
86d3fcbf2390c357cc893847dd60e850d8b47eeb1c68f065a942dc78b9abbf8d
88b4d4627e1e206d18640d49737db3589b7a76c88bc34f671842f685a618492e
88defba3329daa634bdb508fd1dc40231c0b219e120bc7d65c367b2deddf6ed1
8b92a69381acf860bb7d6f9d3e35a15a167d82b53817e018a949d3e59b9e86b4
8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f
8d9bb0b641b2cc279716a4e26f032389929383c284c4cfe88c9cb40558e62317
8e9b3dc41928550a6a5f2294cb7bb92ba7e4ae20198486ce269415ee43543420
8f34ebc564ab6471bb209da166c05e6667d1f10a298e3e613f34d58402e8c689
90457ff87c8b374cbe7782c4e0cec7f48f0c436c55bc9a2b16a860e6389f78b4
90801b0832172b215b38d4b2c952931e81f2b13cd0f57a1b76b60333f4ed26e0
94be672abb91b7d3f4e8c764f1c8c4f89e470c34912a5dd08b678bad5096057b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc784d74aae0ce2d405dd7026de5535e0cb3b87a3afa0fd6a2ca556d5ffec09
9dc24ec453c18362c80967492ada0f6a069610610e49d6ce7663313f4f4c3463
9e73863ac8525691f3a608c59ee9cd2520cb5f1958805f873d989ad308836208
a3320166f3d157c66aa0fcb69c26d847230932bcbdc52a4078780f77df365452
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a92b3c5d84464637175bb55b802da9f9f68b713fcb83139e60a7ec8b0b39bffa
aa5089ca38d14d73f04e10aab4ea9236e5f7c30804fd62350c397450337bc367
ab2dea41da05776f38f0a9cc633aeee7c764c0c2c41c22d323bddee06c91e91b
b0116221e4756b96a5f514db2694266e6d1722e20cf5a6aa8718f7d131bb6c11
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9
b5ccfbf05b8c8491e788e4b3a00a0460cc327a4356dfea6e746e3c2abb6737bf
b6e635a7e1ab8ea1671505d940b05de3652d8fc5fa4aca94da773152deff70c4
b78ab16b972a289c3f833bb02edc358e3315ee48ccb618b57bd6e3c8a230c164
ba4b7053275ac06eed29e50c928483296ba8a1ba7cc8815ad92bb5695cb7fc3a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc02d77ac49d58b5aaf302bb58e4bfdb8ddbaf55db57a30d1941bfcc86374743
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
be5ddda8e669c59313302ddb6cb53e56c0d33c30fb6d288779723b81cfa9221b
c0cb5c309c631917e30894b41e74cedb6911fcb9b2fa3bcefb252f23d6aba318
c195f1010befeec3435742c61a708069889f6abf705cad734c7423f883a0ab94
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c208d48e93b6abb4c5e81b3c72164f41257a9a625dab9ca3a4a01b9b4c46b043
c3cb8a00600b5b4b40c0ab1dab3bcc85cb1d06c2fd80dd55f13b7766688250aa
c8eed1f1077496ddb74d7bb60e7ff25914badb4c5861a2a434ab7b9b418f6777
c9161ca570ef24f563a946462b712f9cbbb059c7afd85aa979488523ed977342
ca2f5761b612d2a08c4bcd793ad78f9c0ae5da9fe1d6d38070b70eb7130fbb32
cb66ecf37a4556d0da2b1e72ce6576f06e8d5f80650a72c302e2d4b23a14330d
cb68bb6edb6092ef35166b520b028f2a851c6bf95d670b95a82002b96efd310c
cd51b749b1e8eee6e362b9a6928ea32e82ca9af8e6dc082de772062fdf2d73a3
cdc2bb26fe76a79d54a6f197edf1188e4829093003f26707eed349267a8a96d3
cef4bd2366fe9f01a0cef765ac8f0a77d2805e64ba0168a24e1777e4d583a53e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d734d7b8016f22e077bc1e2d5929c74d5f992e72e28c54daa63f1e9a9ac84b
d21f452108e5df6b74501a8f2f9d583006f6ad328d1278d69356dfa714f1a2ec
d7bce4354208897cefdc172e0023efb5070f1a6ca0058a6a0ba2142c8ed8ab03
da78917a3f29442350ba0f822d402167808e4ada35300d18bc2aca74625fd472
db2356b5f18b55a9cebb2c282b7e88e59d4a8f94abceddb20fadc7c33d8c27ee
db767aa95b0dcca039d97646b1f6c0980bb444233d6131e0f7aadb9bdf91a327
dba8842a30a0214ed2532bc6d5be0c667506050e386c56a11be5dc80d34cbb2b
dbaaa92ce97a1d9b8dd48857634c6a1661f68971e77347301a8faef27c8b5339
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5
dd648a2ddfe9defe08c3bfa61d2acd731e02dabd0ceb26ca263f0da77a45b53c
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e020712650fc6e07aed8ed755b2952943ff22111a6c4d4543ece1b31ef6a68bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8433a8e96fbf95d297095792e696d48b5b172456602a5b93d66f217d71a65
e47f281010b99f7d4dd2bc45d579228e60076e5c5310c409cfec0069711032ce
e527a03c94c8c76a74325eba48d06da423c9038583d8d118d654fa1e87d9b83d
e6c2f5a364bbe47c07cec5a9ac3543d436adad35e03df919864f329bbc9ed1a0
e6c4a2b216f22c74974d0a58a2bcb46b3450843358e30e6542bb91b84f67244d
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e8554b343a0d5ff024cc028249147fc9193de45e99880520d1d4cb77cd7c0fb7
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e9c07824d0967d30b5ca738d650cd92f1dc38082939be19f4507d9f7c9bee5e0
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eb99b621d5fd18516177cb4c881ad8a1f8b0c96c402bcf21e73c0015d44c4044
eb9f4d08fef18c9899547ca19d914e0659038a69218bb08742959b1997226d1d
ee045310752103c13867daddad5b359cf114c359813a98333d1910b6dd017d91
eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f73e7cc41d39326ef7ce32e652e21085d1ff60ab05f9a0f85138b59d8f59e6b9
f7de59d52f36779aaf5fc6ce1f3231f62cddc6bb3571697c3c394f7a8eb68219
f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0
fd8f0a76c0a73b0ca3edd6e77abde3614b15ec08b140031ed017bb7cb071c120
fdc20d1f7912efd1299fe14fd37d9906decda19435a36912107865525dade286
fedca269c46d16ef7bbb050acc9bbb9fe51a8bb77a3a8d31627d82fce4ce124a