www.beckershospitalreview.com Open in urlscan Pro
67.227.242.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/NG8RwvXsGV
Effective URL:
https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_m...
Submission: On February 03 via manual (February 3rd 2023, 9:38:05 pm UTC) from US — Scanned from DE

Summary HTTP 203 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 62 IPs in 7 countries across 47 domains to perform 203 HTTP transactions. The main IP is 67.227.242.177, located in United States and belongs to LIQUIDWEB, US. The main domain is www.beckershospitalreview.com. The Cisco Umbrella rank of the primary domain is 80640.
TLS certificate: Issued by R3 on December 25th 2022. Valid for: 3 months.

This is the only time www.beckershospitalreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	67.199.248.12 67.199.248.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 20	67.227.242.177 67.227.242.177	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
7	209.59.186.75 209.59.186.75	32244 (LIQUIDWEB) (LIQUIDWEB)
8	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:234... 2600:9000:234e:2a00:1e:5cef:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	50.28.99.4 50.28.99.4	53824 (LIQUIDWEB) (LIQUIDWEB)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	34.231.207.29 34.231.207.29	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:3eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
11	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
7	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1 3	54.163.114.10 54.163.114.10	14618 (AMAZON-AES) (AMAZON-AES)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
14	2600:9000:211... 2600:9000:211a:4200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
2	34.233.16.172 34.233.16.172	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2600:9000:225... 2600:9000:225e:3000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 15	2a05:d018:cc3... 2a05:d018:cc3:fe04:7036:b4fb:4707:a1df	16509 (AMAZON-02) (AMAZON-02)
1	34.242.35.28 34.242.35.28	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	52.29.36.14 52.29.36.14	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:230... 2600:9000:2304:c800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	204.180.130.190 204.180.130.190	() ()
3	205.162.42.5 205.162.42.5	() ()
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	() ()
203	62

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.12 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

buff.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 67.227.242.177 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: web02.beckersasc.com

www.beckershospitalreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.59.186.75 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: dev02.beckersasc.com

ads.asccommunications.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
processor.asccommunications.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:234e:2a00:1e:5cef:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.28.99.4 (United States) 1 redirects

ASN53824 (LIQUIDWEB, US)
PTR: host.beckersasc.com

my.beckershospitalreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
processor2.asccommunications.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

beckershospitalreview.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.207.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-207-29.compute-1.amazonaws.com

srv-2023-02-03-21.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:3eb (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.165 (Rolling Meadows, United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 204.180.130.159 (Rolling Meadows, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

cdp.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.163.114.10 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-114-10.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:211a:4200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

b3c3a27dd2f77fade3ed005759cd1474.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.233.16.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-16-172.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:225e:3000:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a05:d018:cc3:fe04:7036:b4fb:4707:a1df (Dublin, Ireland) 12 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.35.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-35-28.eu-west-1.compute.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.36.14 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-36-14.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.201.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.149 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:c800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 204.180.130.190 (None, )

ASN- ()

beckers.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.162.42.5 (None, )

ASN- ()

hostedcontent.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 b3c3a27dd2f77fade3ed005759cd1474.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	448 KB
24	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	199 KB
22	adroll.com 13 redirects s.adroll.com — Cisco Umbrella Rank: 2416 d.adroll.com — Cisco Umbrella Rank: 1473 ipv4.d.adroll.com — Cisco Umbrella Rank: 11010	33 KB
22	beckershospitalreview.com 2 redirects www.beckershospitalreview.com — Cisco Umbrella Rank: 80640 my.beckershospitalreview.com — Cisco Umbrella Rank: 99499	238 KB
14	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4801	537 KB
13	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 20509 oqs.omeda.com — Cisco Umbrella Rank: 22273 cdp.omeda.com — Cisco Umbrella Rank: 22054 cdn.omeda.com	157 KB
9	dragonforms.com beckers.dragonforms.com hostedcontent.dragonforms.com x.dragonforms.com	79 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	268 KB
8	asccommunications.com ads.asccommunications.com — Cisco Umbrella Rank: 142472 processor.asccommunications.com — Cisco Umbrella Rank: 91359 processor2.asccommunications.com — Cisco Umbrella Rank: 115739	7 KB
6	clickagy.com 1 redirects tags.clickagy.com — Cisco Umbrella Rank: 21238 aorta.clickagy.com — Cisco Umbrella Rank: 1813 hemsync.clickagy.com — Cisco Umbrella Rank: 19216	16 KB
6	disqus.com beckershospitalreview.disqus.com — Cisco Umbrella Rank: 147656 disqus.com — Cisco Umbrella Rank: 1211 referrer.disqus.com — Cisco Umbrella Rank: 6999	68 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	333 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	220 KB
5	gstatic.com fonts.gstatic.com	81 KB
5	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2152 api.hubspot.com — Cisco Umbrella Rank: 4596	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	40 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	257 B
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 3843 forms-na1.hsforms.com — Cisco Umbrella Rank: 6017	3 KB
3	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4504	3 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	870 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2620 srv-2023-02-03-21.pixel.parsely.com	18 KB
1	jquery.com code.jquery.com	29 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	369 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	5 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3237	917 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 329	140 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 919	90 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	125 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 872	494 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 720
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 417	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 308	239 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2011	63 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 2974	3 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4498	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 7705	899 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8741	531 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 601	191 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2004	21 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 5772	159 KB
1	buff.ly 1 redirects buff.ly — Cisco Umbrella Rank: 61247	371 B
1	t.co t.co — Cisco Umbrella Rank: 531	546 B
203	47

	Domain	Requested by
23	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net t.co
20	www.beckershospitalreview.com	1 redirects t.co www.beckershospitalreview.com
15	d.adroll.com	12 redirects s.adroll.com
14	c.disquscdn.com	beckershospitalreview.disqus.com disqus.com c.disquscdn.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
11	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.googletagservices.com	www.beckershospitalreview.com olytics.omeda.com securepubads.g.doubleclick.net
7	cdp.omeda.com	olytics.omeda.com
6	s.adroll.com	1 redirects www.beckershospitalreview.com s.adroll.com
6	processor.asccommunications.com	www.beckershospitalreview.com
6	www.googletagmanager.com	www.beckershospitalreview.com www.googletagmanager.com beckers.dragonforms.com
5	connect.facebook.net	d.adroll.com connect.facebook.net
5	fonts.gstatic.com	fonts.googleapis.com
4	beckers.dragonforms.com	olytics.omeda.com beckers.dragonforms.com code.jquery.com
4	disqus.com	beckershospitalreview.disqus.com c.disquscdn.com
3	x.dragonforms.com	beckers.dragonforms.com
3	www.facebook.com
3	track.hubspot.com
3	aorta.clickagy.com	1 redirects tags.clickagy.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ws.zoominfo.com	www.beckershospitalreview.com ws.zoominfo.com
3	olytics.omeda.com	www.beckershospitalreview.com beckers.dragonforms.com
2	hostedcontent.dragonforms.com	beckers.dragonforms.com
2	px.ads.linkedin.com	2 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	x.bidswitch.net	1 redirects
2	api.hubspot.com	js.usemessages.com
2	hemsync.clickagy.com	tags.clickagy.com
2	oqs.omeda.com	olytics.omeda.com
2	forms.hsforms.com	js.hsforms.net www.beckershospitalreview.com
2	my.beckershospitalreview.com	1 redirects www.beckershospitalreview.com
1	cdn.omeda.com	beckers.dragonforms.com
1	code.jquery.com	beckers.dragonforms.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	snap.licdn.com	js.hsadspixel.net
1	api.hubapi.com	js.hsadspixel.net
1	eb2.3lift.com
1	sync.taboola.com
1	ups.analytics.yahoo.com
1	image2.pubmatic.com
1	sync.outbrain.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	cm.g.doubleclick.net	1 redirects
1	ipv4.d.adroll.com
1	www.google.com	tpc.googlesyndication.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.hsadspixel.net	js-na1.hs-scripts.com
1	js.usemessages.com	js-na1.hs-scripts.com
1	referrer.disqus.com
1	fonts.googleapis.com	client
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	b3c3a27dd2f77fade3ed005759cd1474.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	processor2.asccommunications.com	www.beckershospitalreview.com
1	pixel-sync.sitescout.com	www.beckershospitalreview.com
1	forms-na1.hsforms.com	www.beckershospitalreview.com
1	tags.clickagy.com	ws.zoominfo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	srv-2023-02-03-21.pixel.parsely.com	www.beckershospitalreview.com
1	beckershospitalreview.disqus.com	www.beckershospitalreview.com
1	js.hs-analytics.net	www.beckershospitalreview.com
1	ads.asccommunications.com	www.beckershospitalreview.com
1	cdn.parsely.com	www.beckershospitalreview.com
1	js.hsforms.net	www.beckershospitalreview.com
1	buff.ly	1 redirects
1	t.co
203	71

This site contains links to these domains. Also see Links.

Domain
www.beckersasc.com
www.beckersspine.com
www.beckersdental.com
www.beckerspayer.com
www.beckerspodcasts.com
www.beckersbehavioralhealth.com
www.beckersphysicianleadership.com
beckers.dragonforms.com
beckerspayer.com
events.beckershospitalreview.com
view.ceros.com
careers.beckershospitalreview.com
www.facebook.com
twitter.com
www.linkedin.com
www.scmagazine.com
go.beckershospitalreview.com
www.youtube.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.beckershospitalreview.com R3	`2022-12-25` - `2023-03-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
ads.asccommunications.com R3	`2022-12-29` - `2023-03-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2022-06-24` - `2023-06-24`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-04-21` - `2023-04-21`	a year	crt.sh
processor.asccommunications.com R3	`2023-01-03` - `2023-04-03`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.pixel.parsely.com R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
*.clickagy.com Amazon	`2023-01-10` - `2024-02-07`	a year	crt.sh
a.disquscdn.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
processor2.asccommunications.com cPanel, Inc. Certification Authority	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-13` - `2023-02-11`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Frame ID: 1454BE87835D624BC561251C14188802
Requests: 134 HTTP requests in this frame

Frame: https://b3c3a27dd2f77fade3ed005759cd1474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 59BF09C7B2E004256547288730296B18
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
Frame ID: 97E17538AF5EC00AE7AD4E6E7608920B
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviIM03bKUq5j7D5jgW1_WWisMMu-ntTqmnxnVfvqDow2dturyzhlENVqhOgrxeRSFNCHcAGjBr7UfmdmH8oRY7lwtlmNeUYBdxIFtm_-FhjJOayvXQlvcitfdCd5ws9M841khkOl5Kk4IhcfR-RJZQXKJUoGStFX8ZBxlpfAvWJ2Ja67wROx23F4MpTC63QwJcyrwqP1_2pGFWbFUF-J4nqxsoLUvmBmGP6NDshcdaCc61DsErE2OoVVrruzvjHWYbKjwmq2lgGiFeybH7mlnydxQEb8fBxVNgKsCaUKIlImL8K5u6-MJsKFLleb6-VIJTN85D60OB8S81rUE31fWcppEJYpTQFXc&sai=AMfl-YR5sCCnGiVh0Oqm7Jk8ajoJm2FqmP5YhptG2W-UlWi1d6FYFXicybihjcT3Yb5HU4HM2h5BQtqSA8TXmeOWFil20VqFq39sGXYPdklI32v5PMI9yQOKwSD55KueT-65ImpgQD5MzC4R7zeqfo4&sig=Cg0ArKJSzGPo6_p94lHkEAE&uach_m=[UACH]&adurl=
Frame ID: 327D63B483A666F27686383E374B417D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu_ZNrQH6gDIg89SWy3f2Roi4_shqiJ7S8ldNgYETQaPi5X1lpiKQ87VanIgRqIbRBKVMKAzpfttLf10-uN7SD_sOOOApCRohlBLTwFMKEueUWMDLJr7GcwP3L7DWJTYcAnSEOgUmKwKo8pH4IOO10zJh1CibZvICsI6roY0Mye3irqd3pXM8YRkvkbFFVaKfidiHVskWmku9_r7GdkFDIi2tx6ZeL6y_vhoqwMKa4ehTenTmSVhxgH3rw_8B-ZQD6_sw54lmo0wqUCjKy3La18v7lc8hRuwU_zY9VtuUMtb9o4njKG6bfD9WEScUl3XERUDk1JpJ_aw4q9i6GholPGOn1iIQdxw&sai=AMfl-YTIYgZKFflzwN_BLR_T5DW3ChxNrqqmVvWzYd0wE-_ecDvd7Ko3viD-dsmk2RwuuycDbYbpmqmnu-XknogIichjPYvCJanYEblWoSPRvn103RYal1o9Uu7yQs15WIUQEEgjqFLWBxUuRzYSaA8&sig=Cg0ArKJSzGA6MmwdRml2EAE&uach_m=[UACH]&adurl=
Frame ID: 6117846C67FE15F56B94C22B71DD8EAC
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlY9S9J4G2Jf8fX1V15pCIRx37jFmg10z6Ehx8K6crsKzFwIpK--QSsEiVFD1DIWis9mtHXPAIiWr-fVv8zfEM_9GeVc72b40WWAd862URIyqjWqOY11YAUBjpwWb6LgXKhwRYGixGZuZiyFzl-qN_Up7LzAZ9vQdpmwXROc004hGmxwyBcmFIOfoJlB32Kcf_m6sGJNwQmxatogfXKCRXIBlU-JZrwvG0q2O_z7m9QRzejhiMLAYKmKl1FyzhMlmrml-9XGo_4s1Vx-OkcLPgboRqEB6LrdNo98zT8GsHJxetT3Q8332_xADqNQ4epooG-y_IgrKk54Anqlk0nB-VHT2BoszFJQ&sai=AMfl-YQpt46pjenU1MIvMjvi4eHvAJz9T0warhGIxVLjc6PwmeBFwpRLxZB1OfG6Q0KLtoO-6CXrZPw1OlwlS3_6pgaBZTSFAASKLn56DfYc8gAAvyslsXxmC7IMosccSBIhdV0MOqXNb0tbcMq4i_nB&sig=Cg0ArKJSzCri9iZvlIeuEAE&uach_m=[UACH]&adurl=
Frame ID: BD7BCF9024AF482233E4638311AD3D55
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwuyGCN_yqVWozWh4jLZFrBxDqTjU6GpDdqCc683o8TCsmY1GsZXyAde7mVPBUAKvKrY8fxeaSJRGBlRJFnKi1vBOY7tC9axxgH2Fnajw0hafoRdfG_reVWGkmIrmun666bDEhqUhJZ9va53lsxpsa0cljXR-vf1b7HwA1eeYRtPDypwsF0UN50PYFSddIYvc98fNOQZMCBhbKG5SdgtNck3vzEh0kL3FjwLyadsTbyfL54_NNVHjQ1PSFkCF2XCUZHJCs0z2nxVLjZ6-yDfnxwDdxQEbZ-2S_HBSPRK_sJjIKCPWk-KN6YIFJpGjnfOsuu9weyL63-eSuT_0ea9KPZ0QA&sai=AMfl-YSodGCnJFw8nOX2vQOwJJmn1tsT-64E3vSVaBK7PVpBkXcsJJUX7VWifF91l7-SbhQdwb_N2y6o57ENRDDhVIoC6bV7Dty6lqJO1oXprFUo_6Eu_Z8ZPKrbnOAZoJpcgcaNmQFxz0cw8oKohtw&sig=Cg0ArKJSzEZE5iaaqVJiEAE&uach_m=[UACH]&adurl=
Frame ID: 9135449F288E3C14A14B248269B25654
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubH8INjRVs_EddELQmm4wScJmf4uWrGyunAgoR5eXsTBz4ORajfJ4iRJQguOzS5kFKm-EMt67LE03wgxdFDiGIXCzwGe0GG9X3iTabesFd0ypirym9E8uQGj3lefH_UvVEK30cFFKShgpe65CA76DN53PdNRYmZ-UJZUU1NjZ3AtCMvudmAAwls3ESG3ubXzLeQ6RUYoJpm9GZInqn45qhBv9863scxGobOB8NoVoOBbXYo5BR7VLHNN43lGGmRGimwQYqzrLT1hRT2B8Zjlmtx_QXvAKYTO8O4PR7Few_cxzmq0yco3KEnY30_01oB0pyO3hU73mWrB3_BfmNzFz_8uDM_FAH709v7Dk&sai=AMfl-YQsVV9fKJudV-H4rfMLiK2uTxbPJWGTVuZECUcMxlQk1uY5qfamNAesJo6WrUBh-C7yp0FgIj9gRN-w45TzXjeSHcGq80uqxRLiRTA_5NBN3eOIaVtHcXvduzjgZ3LAzW1d6H9oTp83WCfwsW_3&sig=Cg0ArKJSzH8vZr2amyZLEAE&uach_m=[UACH]&adurl=
Frame ID: 63004ACED5D4541D5B81AB42FA72AB4D
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63D1B91C376F73BD5F211C29060FDA24
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07559E487C1459EE1C59374BD5B39CD5
Requests: 2 HTTP requests in this frame

Frame: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef
Frame ID: BD4184690FDBE9D7CF5812266481526A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

'Killnet' has allegedly exfiltrated data from hospitals, health systems

Page URL History Show full URLs

https://t.co/NG8RwvXsGV Page URL
https://buff.ly/40svlio HTTP 301
https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-healt... HTTP 301
https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-healt... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

203
Requests

92 %
HTTPS

55 %
IPv6

47
Domains

71
Subdomains

62
IPs

7
Countries

3052 kB
Transfer

7249 kB
Size

50
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: https://www.beckersasc.com/
Title: ASC

Search URL Search Domain Scan URL

URL: https://www.beckersspine.com/
Title: Spine

Search URL Search Domain Scan URL

URL: https://www.beckersdental.com/
Title: Dental

Search URL Search Domain Scan URL

URL: https://www.beckerspayer.com/
Title: Payer

Search URL Search Domain Scan URL

URL: https://www.beckerspodcasts.com/
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://www.beckersbehavioralhealth.com/
Title: Behavioral

Search URL Search Domain Scan URL

URL: https://www.beckersphysicianleadership.com/
Title: Physician

Search URL Search Domain Scan URL

URL: https://beckers.dragonforms.com/loading.do?omedasite=BCKR_new1
Title: Sign Up For Our Free E-Newsletters

Search URL Search Domain Scan URL

URL: https://www.beckersasc.com/asc-quality-infection-control/beckers-clinical-quality-a-infection-control.html
Title: Clinical Leadership & Infection Control

Search URL Search Domain Scan URL

URL: https://beckerspayer.com/e-weeklies/payer-issues.html
Title: Payer Issues

Search URL Search Domain Scan URL

URL: https://www.beckersphysicianleadership.com/e-weeklies/physician-leadership.html
Title: Physician Leadership

Search URL Search Domain Scan URL

URL: https://www.beckersbehavioralhealth.com/e-newsletters/behavioral-health-e-newsletter.html
Title: Behavioral Health Report

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/annual-meeting-2023/p/1?utm_source=email&utm_content=dropdown
Title: 13th Annual Meeting

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/payerroundtable2023/p/1?utm_source=email&utm_content=dropdown
Title: Payer Issues Roundtable

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/spineorthoasc2023/p/1?utm_source=email&utm_content=dropdown
Title: 20th Annual Spine, Orthopedic & Pain Management-Driven ASC Conference

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/dentalroundtable2023june/p/1?utm_source=email&utm_content=dropdown
Title: The Future of Dentistry Roundtable

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/hitrcm2023/p/1?utm_source=email&utm_content=dropdown
Title: 8th Annual Health IT + Digital Health + RCM Conference

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/ceocfo2023/p/1?utm_source=email&utm_content=dropdown
Title: 11th Annual CEO + CFO Roundtable

Search URL Search Domain Scan URL

URL: https://www.beckersasc.com/advertising-exhibiting-a-sponsorships.html
Title: Exhibiting & Sponsoring

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/the-driving-forces-transforming-the-dental-ve-2023/p/1?utm_source=email&utm_content=dropdown
Title: The Driving Forces Transforming the Dental + DSO Industry Virtual Forum

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/digital-innovation-patient-experience-marketing-2023/p/1?utm_source=email&utm_content=dropdown
Title: Digital Innovation + Patient Experience + Marketing

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/payer-issue-ve-2023/p/1?utm_source=email&utm_content=dropdown
Title: Payer Issues Virtual Event

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/2023-beckers-flatiron-oncology-virtual-summit/p/1?utm_source=email&utm_content=dropdown
Title: Oncology Virtual Summit

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/behavioral-health-2023/p/1?utm_source=email&utm_content=dropdown
Title: Behavioral Health Virtual Event

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/beckers-digital-health-telehealth-virtual-event-2023/p/1?utm_source=email&utm_content=dropdown
Title: Digital Health + Telehealth Virtual Event

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/2023-beckers-human-resources-and-talent-virtual-event/p/1?utm_source=email&utm_content=dropdown
Title: Human Resources + Talent Virtual Event

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/beckers-life-sciences-virtual-event-2023/p/1?utm_source=email&utm_content=dropdown
Title: Life Sciences Virtual Event

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/cnocmo-ve-may2023/p/1?utm_source=email&utm_content=dropdown
Title: CNO + CMO Virtual Event

Search URL Search Domain Scan URL

URL: https://www.beckerspodcasts.com/behavioral-health
Title: Becker's Behavioral Health Podcast

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/aws-custom-hub/
Title: AWS Content Hub

Search URL Search Domain Scan URL

URL: https://view.ceros.com/beckers-healthcare/nrc-health-monthly-podcast/p/1
Title: NRC Health Content Hub

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/intuitive-executive-education/p/1?utm_source=email&utm_content=dropdown
Title: Robotics Content Hub

Search URL Search Domain Scan URL

URL: https://careers.beckershospitalreview.com/
Title: Career Center

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html
Title: Post

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle/?url=https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html
Title: Share

Search URL Search Domain Scan URL

URL: https://www.scmagazine.com/analysis/ransomware/hospitals-urged-to-tighten-ddos-defenses-after-health-data-found-on-killnet-list
Title: SC Media

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/2023-annualmeeting-reviewer-form/p/1?utm_source=email&utm_content=13annualfeatured
Title: Becker's 13th Annual Meeting

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hitwp/from-cybersecurity-to-cyber-resilience-how-to-protect-patients-minimize-downtime?utm_campaign=AWS_WP_November_2022&utm_source=website&utm_content=featured
Title: From cybersecurity to cyber resilience: How to protect patients + minimize downtime

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hitwp/the-new-perioperative-growth-playbook-six-winning-strategies-using-automation?utm_campaign=Qventus_WP_July_2022&utm_source=website&utm_content=featured
Title: The new perioperative growth playbook: Six winning strategies using automation

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hitwp/how-health-plans-can-turbocharge-and-personalize-the-member-experience?utm_campaign=Nuance_WP_December_2022&utm_source=website&utm_content=featured
Title: How health plans can turbocharge and personalize the member experience

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/clinicalwp/benefits-of-efficient-high-quality-tb-screening-for-healthcare-employees?utm_campaign=Quest_WP_January_2022&utm_source=website&utm_content=featured
Title: Benefits of efficient, high-quality TB screening for healthcare employees

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hitwp/using-ai-to-fill-patient-medication-history-in-epic?utm_campaign=DrFirst_WP_November_2022&utm_source=website&utm_content=featured
Title: A CHIME and DrFirst Roundtable: AI and Automation for Improved Patient and Staff Experience

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hitwp/5-ways-to-make-your-epic-experience-better?utm_campaign=CipherHealth_WP_October_2022&utm_source=website&utm_content=featured
Title: 5 ways to make your Epic experience better

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/piwp/the-post-call-center-era-how-to-reduce-call-volumes-and-increase-patient-satisfaction-with-intelligent-automation?utm_campaign=Notable_WP_December_2022&utm_source=website&utm_content=featured
Title: The Post-Call Center Era: How to Reduce Call Volumes and Increase Patient Satisfaction with Intelligent Automation

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/piwp/a-buyers-guide-to-physician-payment-automation?utm_campaign=Ludi_WP_September_2022&utm_source=website&utm_content=featured
Title: A buyer's guide to physician payment automation

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hitwp/south-shore-hospital-ed-prioritizes-med-rec-for-high-risk-patients-with-complexity-scores-and-epic-workflow-enhancements?utm_campaign=DrFirst_WP_November_2022_2&utm_source=website&utm_content=featured
Title: Innovation in the ED The 3 steps South Shore Hospital took to better manage high-risk patients

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/payerwp/optimized-chronic-care-interventions-lead-to-better-outcomes-guarantee-cost-savings?utm_campaign=Vida_WP_February_2023&utm_source=website&utm_content=featured
Title: Optimized chronic care interventions lead to better outcomes, guarantee cost savings

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hit/the-data-is-in-why-metrics-drive-collaboration-thats-key-to-healthcare-it-strategy?utm_campaign=CereCore_Webinar_2.8.2023&utm_source=website&utm_content=featured
Title: The data is in: Why metrics drive collaboration thats key to healthcare IT strategy

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/finance/optimize-your-revenue-cycle-5-steps-to-boost-productivity?utm_campaign=Xtend_Healthcare_Webinar_2.15.2023&utm_source=website&utm_content=featured
Title: Optimize Your Revenue Cycle 5 steps to boost productivity

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/piwp/enable-your-critical-clinical-supply-chain-with-real-time-and-reactive-visibility?utm_campaign=Vantage_Point_Logistics_Webinar_2.15.2023&utm_source=website&utm_content=featured
Title: Enable your critical clinical supply chain with real-time and reactive visibility

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/payer/real-world-examples-leveraging-ai-for-better-member-experiences?utm_campaign=Nuance_Webinar_2.16.2023&utm_source=website&utm_content=featured
Title: Real World Examples: Leveraging AI for better member experiences

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/finance/reversing-the-trend-how-rural-health-systems-can-improve-financial-performance-with-technology-partnerships?utm_campaign=Multiview_Financial_Webinar_2.16.2023&utm_source=website&utm_content=featured
Title: Reversing the trend: How rural health systems can improve financial performance with technology partnerships

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/clinical/whats-next-for-healthcare-and-pharmacies-in-2023-trends-dynamics-and-whats-next-for-pharmacies-in-healthcare?utm_campaign=Inovalon_On_Demand_Webinar_February_2023&utm_source=website&utm_content=featured
Title: What's next for healthcare and pharmacies in 2023 Trends, Dynamics, and What's Next for Pharmacies in Healthcare

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hit/how-to-improve-the-physical-safety-of-patients-and-staff-with-automated-visitor-identity-management?utm_campaign=Vector_Flow_On_Demand_Webinar_January_2023&utm_source=website&utm_content=featured
Title: How to improve the physical safety of patients and staff with automated visitor identity management

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/finance/simplify-claims-management-to-save-time-realize-ar-faster?utm_campaign=Waystar_On_Demand_Webinar_January_2023&utm_source=website&utm_content=featured
Title: Simplify claims management to save time, realize AR faster

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/clinical/building-a-precision-oncology-program-at-scale?utm_campaign=Exact_Sciences_On_Demand_Webinar_December_2022&utm_source=website&utm_content=featured
Title: Building a Precision Oncology Program at Scale

Search URL Search Domain Scan URL

URL: https://go.beckershospitalreview.com/hit/how-fight-back-against-mental-health-care-stigma-service-deserts?utm_campaign=Zoom_On_Demand_Webinar_December_2022&utm_source=website&utm_content=featured
Title: How fight back against mental health care stigma + service deserts

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/annual-meeting-2023/p/1
Title: 13th Annual Meeting

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/payerroundtable2023/p/1
Title: Payer Issues Roundtable

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/spineorthoasc2023/p/1
Title: 20th Annual Spine, Orthopedic & Pain Management-Driven ASC Conference

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/dentalroundtable2023june/p/1
Title: The Future of Dentistry Roundtable

Search URL Search Domain Scan URL

URL: https://events.beckershospitalreview.com/hitrcm2023/p/1
Title: 8th Annual Becker's Health IT + Digital Health + RCM Annual Meeting

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/asc-communications/

Search URL Search Domain Scan URL

URL: https://twitter.com/beckershr

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Beckers-Hospital-Review/101670627494

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/hospitalreview1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/NG8RwvXsGV Page URL
https://buff.ly/40svlio HTTP 301
https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=1238I5701601D3V HTTP 301
https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://my.beckershospitalreview.com/is-user-logged-in.html?_=1675460269155 HTTP 303
https://my.beckershospitalreview.com/login.html

Request Chain 61

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D

Request Chain 153

https://s.adroll.com/j/pre/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 164

https://d.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&cookie=&adroll_s_ref=https%3A//t.co/&keyw= HTTP 302
https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js

Request Chain 168

https://d.adroll.com/cm/b/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI

Request Chain 169

https://d.adroll.com/cm/g/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=72yG--drQvjTg7sYeTFD8g HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 170

https://d.adroll.com/cm/index/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expiration=1706996270 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expiration=1706996270&C=1

Request Chain 172

https://d.adroll.com/cm/n/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expires=365

Request Chain 173

https://d.adroll.com/cm/o/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=ef6c86fbe76b42f8d383bb18793143f2&gdpr=1&gdpr_consent=

Request Chain 174

https://d.adroll.com/cm/outbrain/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=

Request Chain 175

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 176

https://d.adroll.com/cm/r/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 177

https://d.adroll.com/cm/taboola/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI

Request Chain 178

https://d.adroll.com/cm/triplelift/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&dongle=c85e

Request Chain 179

https://d.adroll.com/cm/x/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI

Request Chain 188

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1310345%26time%3D1675460271442%26url%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Fcybersecurity%252Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%253Futm_medium%253Demail%2526utm_content%253Dnewsletter%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&liSync=true&e_ipv6=AQIHEaU6qAvNbwAAAYYZNt78ZuXcuQ9FvYRJGrAPRWuE7rWOa-sf6DXeW2lIpOWFi4OnrrW_oP6_uD4N9sKfxBAlWPiexg

203 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NG8RwvXsGV
t.co/ 224 B
546 B 178ms
135ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/NG8RwvXsGV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 174
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 21:37:46 GMT
expires: Fri, 03 Feb 2023 21:42:47 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: e2ea7f9c6563b57c4994d2c10a5abb73244a849861da4f31bd2ebe51e286060f
x-response-time: 122
x-transaction-id: 19ee5d3d8fa96377
x-xss-protection: 0

GET
H2

200

Primary Request killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html Show response
www.beckershospitalreview.com/cybersecurity/
Redirect Chain

https://buff.ly/40svlio
https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&...
https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter

79 KB
14 KB

404ms
404ms

Document
text/html

67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter

Requested by

Host: t.co
URL: https://t.co/NG8RwvXsGV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

5932092d5e11c9c0ff217094853e3e7ce9fb4f23ad19aaa7aaed72673abb22b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.co/NG8RwvXsGV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-length: 14185
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 21:37:48 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 21:37:48 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=1
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 21:37:48 GMT
expires: Fri, 03 Feb 2023 21:37:49 GMT
location: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
server: Apache
strict-transport-security: max-age=31536000
vary: User-Agent
x-content-type-options: nosniff

GET
H2 200 content.css
www.beckershospitalreview.com/plugins/system/jce/css/ 8 KB
1 KB 120ms
118ms Stylesheet
text/css 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/plugins/system/jce/css/content.css?badb4208be409b1335b815dde676300e

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

883a3478c49797b4b589354563917f957be99ea498dbf87b2aa19d301e4feef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:48 GMT
last-modified: Sun, 04 Dec 2022 16:18:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1
accept-ranges: bytes
content-length: 1076
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 olytics.css
www.beckershospitalreview.com/templates/beckers/assets/css/ 28 KB
3 KB 121ms
119ms Stylesheet
text/css 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/css/olytics.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:48 GMT
last-modified: Fri, 27 Aug 2021 04:05:28 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1
accept-ranges: bytes
content-length: 2815
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
www.beckershospitalreview.com/templates/beckers/assets/javascript/ 85 KB
30 KB 235ms
233ms Script
application/javascript 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:48 GMT
last-modified: Mon, 21 Jan 2019 16:34:29 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1
accept-ranges: bytes
content-length: 30307
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 jquery.cookie.js Show response
www.beckershospitalreview.com/templates/beckers/assets/javascript/ 3 KB
1 KB 234ms
232ms Script
application/javascript 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery.cookie.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:48 GMT
last-modified: Thu, 31 May 2018 01:41:08 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1
accept-ranges: bytes
content-length: 1365
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 common.js Show response
www.beckershospitalreview.com/templates/beckers/assets/javascript/ 91 KB
20 KB 122ms
121ms Script
application/javascript 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

d7ff3d860e756089b3a8b543afd74434c6cb01715279f1efa26e37ac2dcf7bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:48 GMT
last-modified: Thu, 29 Dec 2022 16:28:15 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1
accept-ranges: bytes
content-length: 20496
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 disqus-loader.js Show response
www.beckershospitalreview.com/templates/beckers/assets/javascript/ 1 KB
843 B 232ms
231ms Script
application/javascript 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/javascript/disqus-loader.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

df8f37a70e2d573e88b8ba0b3a336c3b1dd3c013ca40e715edcdd7883b86e543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:48 GMT
last-modified: Thu, 17 Nov 2022 13:08:17 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1
accept-ranges: bytes
content-length: 784
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 master.css
www.beckershospitalreview.com/templates/beckers/assets/css/ 136 KB
18 KB 235ms
234ms Stylesheet
text/css 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

6b4564cb731fe3dabac79ce0fe9cc039cbc57ca5394638e8c5eea416372dcc9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:48 GMT
last-modified: Mon, 30 Jan 2023 20:13:38 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1
accept-ranges: bytes
content-length: 18045
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 505 KB
159 KB 60ms
29ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736f20e2a413433b3af338e6cccd1318197981ce66e68ac810e723ccbf9c10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:48 GMT
x-amz-version-id: JAvvLYrbAadG1K4h0HWbN.C2V4PipDw0
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 479
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2642/bundles/project-v2.js&cfRay=793e43a65e16bbb5-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 10:10:35 UTC
server: cloudflare
etag: W/"bc37deecb11dd26ba785db0381926c28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4wh0fWy0%2FbZZ2JfJKutgnjpHZf4UeOuzXEyDkda0eiE2YZtWEtNtXDXWW3E33Ed%2Fs69SgBK8HsLo%2BmlvrAUmIbUEUC%2FpjXxFTNOZpjt240Gl8MhTMMfKAEFbZofkvLhaSftPONCUj4HW2w5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 793e4f58eade901c-FRA
x-amz-cf-id: xN1QUUvwlijX9DRc0JjZQN8RLMjUGBhD2ej0febsl2AiN-MA0uCI7A==
x-hs-target-asset: forms-embed/static-1.2642/bundles/project-v2.js

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 131ms
51ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5366982-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b0289f2ec5da31c3c6762aab71b7709c4c456382e059cc6eefebf489eb12e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43860
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
82 KB 133ms
93ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TR9H4RENNB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

175cf49aeecf07d61c4f3cc4d1c7ca741eb93e53c5698547405ede43619bd92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 health-it-logo.png
www.beckershospitalreview.com/templates/beckers/assets/images/ 4 KB
4 KB 240ms
238ms Image
image/png 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/images/health-it-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

d635525e019c41dc7afd21e3dfb2e44af7b53470fd648b0b40d05ff2098fc4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Mar 2020 21:59:38 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4534
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 Payer_Apply_to_be_a_live_Conference_Reviewer_2.png
www.beckershospitalreview.com/images/ 123 KB
124 KB 122ms
120ms Image
image/png 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beckershospitalreview.com/images/Payer_Apply_to_be_a_live_Conference_Reviewer_2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

7af3ee330e9184e8cd282cb34ad56f946e5850702779f32d5067474cd7ef0d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Jan 2023 22:40:05 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 126321
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/beckershospitalreview.com/ 45 KB
17 KB 56ms
7ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/beckershospitalreview.com/p.js
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 16eb3771501078a5c2b3c0b1c09fd127abc7dc2e945526dce9c5ce5f3b8e8e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Feb 2023 01:09:44 GMT
content-encoding: gzip
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 20:13:27 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 73781
etag: W/"5f84b8e7-b52e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: Tv2KLodX6tPOYYmeCCpaHFITkJXX2bYiYvjkLY69g6ek0NpsDk1THw==
expires: Sat, 04 Feb 2023 01:08:08 GMT

GET
H2 200 asyncjs.php Show response
ads.asccommunications.com/www/delivery/ 10 KB
4 KB 705ms
190ms Script
text/javascript 209.59.186.75
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.asccommunications.com/www/delivery/asyncjs.php
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: dev02.beckersasc.com
Software: Apache /
Resource Hash: d993da21f665c2de3ee71ae2e6844e58109b578b6529e529e2bf60b6496934d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
server: Apache
etag: 19d993847e8f680667fa7baf636da235
vary: Accept-Encoding,User-Agent
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600, max-age=2592000
expire: Fri, 03 Feb 2023 22:37:49 GMT
content-length: 3551
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 138ms
54ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbb064d01b24448eaed943710487f7cf539bd2f56d8650d96fd110121e892f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27308
x-xss-protection: 0
server: sffe
etag: "1472 / 760 of 1000 / last-modified: 1675426133"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 263 KB
72 KB 200ms
49ms Script
application/javascript 2600:9000:234e:2a00:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234e:2a00:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6bd8a3d8dce116787274c58b9b0ed3d4284191a80cb1249d49c60ef96ade5d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
age: 5672
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Oct 2022 19:43:20 GMT
server: Apache
etag: W/"269579-1665603800000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: cyzOmNsKu8zse9ggfmLFmprI3JxOZs5PIQJG3G1sJBz3ZGKWeh_vXQ==
expires: Fri, 03 Feb 2023 14:03:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
38 KB 96ms
57ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SM99NH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2237ebecdcadb0094e79dc017c9a0ba8a52621453afaa54fd9981b2ba42bcf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39218
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 498900.js Show response
js.hs-analytics.net/analytics/1675460400000/ 69 KB
21 KB 200ms
168ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1675460400000/498900.js
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 851ff07292efb4046385f062e9f6d6b3996e1476731a3a9f3fff13141e55cda7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: NAHAC2DN9N61T510
x-amz-server-side-encryption: AES256
x-amz-id-2: oDgA7jjLHrMIQlvVldgj06Zka2sXKnBwXitF/9/FffQYCIEt3b5TES+NonbRiB3t9hSyBMjwoJ4=
last-modified: Wed, 18 Jan 2023 19:56:51 GMT
server: cloudflare
etag: W/"efe6d0b465a213dd6fd67d6bcd75a140"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 793e4f5aac5130fa-FRA
expires: Fri, 03 Feb 2023 21:42:49 GMT

GET
H2 200 63d2dcd12219d9a79f853ef8 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 215ms
177ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/63d2dcd12219d9a79f853ef8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4ba20b9d27e2920f2c46a49e560ef0924ec6926170fc094a201faa5d60f93739

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 793e4f5abf6590c0-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 updateHits.php Show response
www.beckershospitalreview.com/ 0
45 B 231ms
230ms XHR
text/html 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/updateHits.php?articleId=218085

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
server: Apache
vary: User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=1
content-length: 0
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H2 200 hutk-analyze.php Show response
processor.asccommunications.com/ 0
141 B 828ms
185ms XHR
text/html 209.59.186.75
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://processor.asccommunications.com/hutk-analyze.php?hash=
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: dev02.beckersasc.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
server: Apache
vary: User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: max-age=600
content-length: 0
expires: Fri, 03 Feb 2023 21:47:49 GMT

GET
H2 200 hutk-clicks.php Show response
processor.asccommunications.com/ 0
21 B 831ms
189ms XHR
text/html 209.59.186.75
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://processor.asccommunications.com/hutk-clicks.php?hash=&referer=https%3A%2F%2Ft.co%2F
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: dev02.beckersasc.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
server: Apache
vary: User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: max-age=600
content-length: 0
expires: Fri, 03 Feb 2023 21:47:49 GMT

GET
H/1.1

200
OK

https://my.beckershospitalreview.com/is-user-logged-in.html?_=1675460269155
https://my.beckershospitalreview.com/login.html

11 KB
11 KB

323ms
322ms

XHR
text/html

50.28.99.4
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://my.beckershospitalreview.com/login.html

Requested by

Protocol

HTTP/1.1

Server

50.28.99.4 , United States, ASN53824 (LIQUIDWEB, US),

Reverse DNS

host.beckersasc.com

Software

Apache /

Resource Hash

9e763e0aec31627d8b89826948020093adbfd0f35278a2e4da15ad2f53a32342

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 21:37:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Feb 2023 21:37:50 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.beckershospitalreview.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: Keep-Alive
Keep-Alive: timeout=2, max=499
Expires: Wed, 17 Aug 2005 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 21:37:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Feb 2023 21:37:50 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Location: /login.html
Access-Control-Allow-Origin: https://www.beckershospitalreview.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=2, max=500
Expires: Wed, 17 Aug 2005 00:00:00 GMT

GET
H2 200 get-article-keywords.php Show response
www.beckershospitalreview.com/ 82 B
111 B 223ms
222ms XHR
text/html 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/get-article-keywords.php?articleId=218085

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

070960ca509da77430cfbc7aef04290e7c8acb965a19a9942918792a37b6ddcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:49 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=1
content-length: 78
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
DATA 200
OK truncated
/ 448 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e99eec91877cb48a488d66fb46a05c2917c34bfde894e376a7ac901858dc94a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 272 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 382230b7d9b7d39592102e3d97d45c14d545781a81bb0d1cf09974365f54a03c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 911 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 809769f60c779d246f5ca5dee9f5440029521605298ca309891d9639a7653c56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 801 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adfd008697cea31868e69da20438df1b722533fb55c92db8ac9e0071fdafc710

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 322 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc5efb734cff97f4c99ec03f9638a0eba36c9808095ff12b733054c459ba050f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 459 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6d37a03d74e2579f9dd1bdae5b32dd80224e22f0e41308bfdfbf91fe7686a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 437 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cae4941b45d130f40756c688ebe31288a0a473d547feb96abfe5eeb436194db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 404 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e78b00d7d535a11a6ed01c387c8c74a62024287f3db4d7dca17c5efde84307b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK embed.js Show response
beckershospitalreview.disqus.com/ 78 KB
26 KB 310ms
158ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://beckershospitalreview.disqus.com/embed.js

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/disqus-loader.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

1df211e49ac79925ff59e0b410832d5fab393c93fb86c77a5c80ad880b324c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:49 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25637

GET
H2 200 get-assets-bhr.php Show response
processor.asccommunications.com/widgets/ 3 KB
1 KB 811ms
197ms XHR
text/html 209.59.186.75
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://processor.asccommunications.com/widgets/get-assets-bhr.php?count=10&type=whitepaper&cssClass=cWhitepapers&url=https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: dev02.beckersasc.com
Software: Apache /
Resource Hash: c61caad7540b4acbdc26fb12c011ac064e35cf104e3377fe20762487eb2cc9ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: max-age=600
content-length: 1048
expires: Fri, 03 Feb 2023 21:47:49 GMT

GET
H2 200 get-assets-bhr.php Show response
processor.asccommunications.com/widgets/ 2 KB
675 B 814ms
199ms XHR
text/html 209.59.186.75
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://processor.asccommunications.com/widgets/get-assets-bhr.php?count=5&type=webinar&cssClass=undefined&url=https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: dev02.beckersasc.com
Software: Apache /
Resource Hash: 44d9ce844e7e4c1fc5658eb7b2303948780c4b02a9164484a6b4302aaaf08b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: max-age=600
content-length: 642
expires: Fri, 03 Feb 2023 21:47:49 GMT

GET
H/1.1 200
OK /
srv-2023-02-03-21.pixel.parsely.com/plogger/ 43 B
257 B 449ms
104ms Image
image/gif 34.231.207.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2023-02-03-21.pixel.parsely.com/plogger/?rand=1675460269249&plid=7667300&idsite=beckershospitalreview.com&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&urlref=https%3A%2F%2Ft.co%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&sref=https%3A%2F%2Ft.co%2F&sts=1675460269246&slts=0&title=%27Killnet%27+has+allegedly+exfiltrated+data+from+hospitals%2C+health+systems&date=Fri+Feb+03+2023+21%3A37%3A49+GMT%2B0000+(GMT)&action=pageview&pvid=11385711&u=pid%3D6255722a5992a26d25f95dec7c19fa86
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.207.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-207-29.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:49 GMT
Cache-Control: no-cache
Last-Modified: Friday, 03-Feb-2023 21:37:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 rss.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/ 2 KB
2 KB 177ms
174ms Image
image/png 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/rss.png

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

44333b43b6193e3b13ea2d8253464ac87b5a13b51df406a1e2f3d8498da38db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Nov 2016 02:31:09 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1943
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 linkedin.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/ 2 KB
2 KB 178ms
175ms Image
image/png 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/linkedin.png

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

6d2d7df168329692db78d767ec9d036acf3a8c5504fbe6100b963f0dad3d5503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Nov 2016 02:31:08 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1657
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 twitter.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/ 2 KB
2 KB 176ms
174ms Image
image/png 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/twitter.png

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

ee97deb871f1fdc91ff3363932be46c0fe0a3cc7e72f7d297c0fb229afd37e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Nov 2016 02:31:09 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1945
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 facebook.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/ 1 KB
2 KB 178ms
175ms Image
image/png 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/facebook.png

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

6449898e8b0c4047b3ff73d3274e616acc3849f6c5fad709ffa8010f91bdb4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Nov 2016 02:31:08 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1518
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 youtube.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/ 2 KB
2 KB 177ms
175ms Image
image/png 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/youtube.png

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

8b85e9af1927bb7e92829d026f9f3b4854d24e6f942235e5931e390ac54a490f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Nov 2016 02:31:09 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2272
expires: Sun, 05 Mar 2023 21:37:49 GMT

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/498900/7dcacd71-8aa3-4d69-8929-c2a110c47927/ 2 KB
2 KB 154ms
124ms XHR
application/json 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/498900/7dcacd71-8aa3-4d69-8929-c2a110c47927/json?hs_static_app=forms-embed&hs_static_app_version=1.2642&X-HubSpot-Static-App-Info=forms-embed-1.2642

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f0a118a293d1eed5327bfa7ad77b8f86ec9f7d8d2b176ba8b695e6bc772f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-origin-hublet: na1
date: Fri, 03 Feb 2023 21:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: f020b8e2-1adb-4011-b2ec-61e4291e4872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BD99EB244A7497EFA78E4295366924433C4A5018E000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.beckershospitalreview.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 793e4f5b1ca492ad-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
81 KB 61ms
60ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TR9H4RENNB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SM99NH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24aec7e0f4018b25d80c0953ff8bb42da7ff7fa1c8e39423f94138d35c436dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 52ms
52ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5366982-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SM99NH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9fac294d5439bb7e6e5942ef982c6d3dfb7922559749fa38907fb4e0b03010b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43866
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5366982-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 20:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2579
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Feb 2023 22:54:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
264 B 47ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TR9H4RENNB&gtm=45je3210&_p=551022391&cid=199262485.1675460269&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675460269&sct=1&seg=0&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&dr=https%3A%2F%2Ft.co%2F&dt=%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TR9H4RENNB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023020101.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 125ms
26ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bcf382c861841335ec9ae5b803af26521b953cee0c2cc4fa291b5cd25f2311e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132509
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:37:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Feb 2024 12:19:10 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 51 B
589 B 159ms
63ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.beckershospitalreview.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14aedbb1a683d0d7092b9c0173961368cbad6e8744b17a474788d1afa747fabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
217 B 22ms
21ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=551022391&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=814289787&gjid=879131305&cid=199262485.1675460269&tid=UA-5366982-1&_gid=1480741398.1675460269&_r=1&_slc=1&gtm=457e3210&cd2=Cybersecurity&cd3=Health%20IT&cd4=Naomi%20Diaz&cd6=2023-02-01%2016%3A58%3A13&cd7=&cd8=&z=1058865638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 62ms
21ms Script
application/javascript 2606:4700::6812:3eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/63d2dcd12219d9a79f853ef8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:3eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8557723acebc8e4c614ab5168c4d46da69a93ea0b7ae4ad2851bf1e10302690e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
x-amz-version-id: swy_aEi2mFevUnIx1k7ucq8H7V0abBgM
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 36165
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 11 Jan 2023 20:57:47 GMT
server: cloudflare
etag: W/"7dc7bc84811d5ae6527d61d30e0e1f4d"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 793e4f5c19339010-FRA
x-amz-cf-id: Y2R6VpjBeQg5JmAP4tkvUk5BTSLMMBEOOokhRUKQCUwDznE4vuiCDQ==

POST
H3 200 collect Show response
ws.zoominfo.com/pixel/ 0
565 B 143ms
142ms XHR
text/plain 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Requested by

Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/63d2dcd12219d9a79f853ef8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beckershospitalreview.com/
x-ws-collect-type: xhr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
access-control-allow-origin: https://www.beckershospitalreview.com
access-control-allow-credentials: true
cf-ray: 793e4f5ceef09094-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 collect
ws.zoominfo.com/pixel/ Frame 0
0 170ms
150ms Preflight
text/html 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ws-collect-type
Access-Control-Request-Method: POST
Origin: https://www.beckershospitalreview.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type
access-control-allow-origin: https://www.beckershospitalreview.com
allow: GET,HEAD,POST
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 793e4f5bfe619094-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 21:37:49 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
395 B 151ms
135ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 651af918-f4c6-4ba5-889c-791b5bb44d3d
x-trace: 2BCA95EC34ECDDB6EA7DF426A1244CDE7D0FF81D1B000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 793e4f5c08cf904f-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
438 B 157ms
120ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 85ed4b04-c942-4b05-a27a-ebbd3315e399
x-trace: 2B9455B1727D25E0696DAD8BDE9AE60BC48DC018F2000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 793e4f5c893092b1-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0024db1aa7995507ec914e8dad9d0a126bfca7d705530589b98d7682735c1cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 576ms
145ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.beckershospitalreview.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Fri, 03 Feb 2023 21:37:49 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 181ms
109ms Fetch
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49763
x-xss-protection: 0
server: cafe
etag: 3763098953803087738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:37:49 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
354 B 133ms
132ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

8fed0359a978607741335672c13815cef49036c52f9d3c3173d365840a967ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 03 Feb 2023 21:37:49 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 9800e102-529b-4d66-b172-f586458855ef Show response
cdp.omeda.com/olytics/segments/o/3c975d3141e541ff8197a5a3b2d3fde9/c/null/a/ 25 B
365 B 701ms
123ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/o/3c975d3141e541ff8197a5a3b2d3fde9/c/null/a/9800e102-529b-4d66-b172-f586458855ef

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:49 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
516 B 377ms
122ms XHR
application/json 54.163.114.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.114.10 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-114-10.compute-1.amazonaws.com
Software: Aorta/20230131.88c800859 /
Resource Hash: 462691a4d73382292a9d90115058c8f6ddc9c99bcb3c3e125cacc5ebc702fa3f

Request headers

Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
server: Aorta/20230131.88c800859
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.beckershospitalreview.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 9050ba4efc18
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/clickagy/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D

0
191 B

158ms
19ms

Image
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Protocol: H2
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:49 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

date: Fri, 03 Feb 2023 21:37:49 GMT
server: Aorta/20230131.88c800859
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: ed1b65fe02a8
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
516 B 375ms
124ms XHR
application/json 54.163.114.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.114.10 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-114-10.compute-1.amazonaws.com
Software: Aorta/20230131.88c800859 /
Resource Hash: 462691a4d73382292a9d90115058c8f6ddc9c99bcb3c3e125cacc5ebc702fa3f

Request headers

Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
server: Aorta/20230131.88c800859
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.beckershospitalreview.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 1e67dc4a72ab
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2 200 lounge.6d46aa565c1aff855de7c87abad67e09.css
c.disquscdn.com/next/embed/styles/ 0
33 KB 122ms
32ms Other
text/css 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Requested by

Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 02 Feb 2023 18:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 98609
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33302
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
server: nginx
etag: "63dbf9a5-8216"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 8tz3Zyxn1lBzKk-2vh4l4x-6nc_J58_dfRrTpwoSe3fc5bGkoI7lJg==
expires: Fri, 02 Feb 2024 18:14:20 GMT

GET
H2 200 common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
c.disquscdn.com/next/embed/ 0
93 KB 147ms
58ms Other
application/javascript 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Requested by

Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 17:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1396334
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94186
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
server: nginx
etag: "63c82f23-16fea"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: eUg9dALgIV2xgJzIK1ELfPqBVtGAzbszJY-QvIe1G2rhoyyPYRm4Bw==
expires: Thu, 18 Jan 2024 17:45:34 GMT

GET
H2 200 lounge.bundle.5fa14a9f771385c1d8e847d1c143c85d.js
c.disquscdn.com/next/embed/ 0
127 KB 174ms
86ms Other
application/javascript 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.5fa14a9f771385c1d8e847d1c143c85d.js

Requested by

Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 02 Feb 2023 18:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 98608
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129580
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
server: nginx
etag: "63dbf9a5-1fa2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: MUuEEmyWv9L_AHkreA4tkXWS9UOcMfhkBP4oPWYe-h10bxshSK6hxg==
expires: Fri, 02 Feb 2024 18:14:21 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
17 KB 57ms
8ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:49 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17077
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK analyze-url.php Show response
processor2.asccommunications.com/ 1 B
275 B 777ms
200ms XHR
text/html 50.28.99.4
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://processor2.asccommunications.com/analyze-url.php?url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.28.99.4 , United States, ASN53824 (LIQUIDWEB, US),
Reverse DNS: host.beckersasc.com
Software: Apache /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.beckershospitalreview.com
Date: Fri, 03 Feb 2023 21:37:50 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=500
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 169ms
62ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.beckershospitalreview.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 150ms
56ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.beckershospitalreview.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 899 B
687 B 119ms
117ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Cyber_Security_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1456x180%7C728x90&ifi=1&adks=1421399717&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269653&lmt=1675460268&dlt=1675460268905&idt=689&adxs=100&adys=219&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=1019x252&msz=1019x126&fws=4&ohw=1019&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16c4b24fa18b5aaf402333bf80e51d41b3607cc0b3cd87dd7f3dae180be2a2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 510
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 114ms
111ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Homepage_Top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1456x180%7C728x90&ifi=2&adks=3656762645&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269662&lmt=1675460268&dlt=1675460268905&idt=689&adxs=100&adys=345&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=1019x252&msz=1019x126&fws=4&ohw=1019&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5681f49cf3b64bb9f4d7d0f955bafd17659aff75029295b2d1f4c0f8a1f3ed63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13335
x-xss-protection: 0
google-lineitem-id: 5971778143
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138387540463
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 556 B
447 B 117ms
115ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_HIT_600x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1200x180%7C600x90&ifi=3&adks=3313594498&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269665&lmt=1675460268&dlt=1675460268905&idt=689&adxs=115&adys=583&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=950x262&msz=840x126&fws=4&ohw=840&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1f4143ed79f1dcad39c2b6b78234d6eedd16f56b454a3f7403b47c34ac54315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
459 B 90ms
89ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Cyber_Security_600x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1200x180%7C600x90&ifi=4&adks=544680991&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269667&lmt=1675460268&dlt=1675460268905&idt=689&adxs=115&adys=709&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=950x262&msz=840x126&fws=4&ohw=840&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33e459b26c21444650f5073aadaa7ce3dd0dc08d4c3990f8206f9f78dca35124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 569 B
463 B 96ms
94ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Cyber_Security_500x350&enc_prev_ius=%2F0%2F1&prev_iu_szs=1000x700%7C500x350&ifi=5&adks=3397214390&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269671&lmt=1675460268&dlt=1675460268905&idt=689&adxs=115&adys=1997&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=965x1920&msz=700x490&fws=4&ohw=700&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19f5ca9e25c1446701408c8e85d6003e37ea5096d004cb0419e05b54081ce836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 126ms
125ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Homepage_300x250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=600x500%7C300x250&ifi=6&adks=2638920786&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269673&lmt=1675460268&dlt=1675460268905&idt=689&adxs=1095&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=390x0&msz=390x0&fws=4&ohw=1400&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d44d2c930c6c9f030dc2a86f3744742b33dc44393430911f7acc04f09d8474f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
google-lineitem-id: 5971788937
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138386986877
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 576 B
809 B 82ms
80ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Cyber_Security_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=600x500%7C300x250&ifi=7&adks=3546172718&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269675&lmt=1675460268&dlt=1675460268905&idt=689&adxs=1095&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=390x0&msz=390x0&fws=4&ohw=1400&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe00cdfc7fcf38d59a3841ae6394116ba995760c5a5f1ca6d4e41aec55f67a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 132ms
131ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Homepage_300x250-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=600x500%7C300x250&ifi=8&adks=1799648656&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269677&lmt=1675460268&dlt=1675460268905&idt=689&adxs=1095&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=390x0&msz=390x0&fws=4&ohw=1400&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e878246b255741a9576c0b93eedfee719182429e20f5e00b1eadcc531b31ee97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
google-lineitem-id: 5424323448
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383353291
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 140ms
139ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Homepage_Bottom_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1456x180%7C728x90&ifi=9&adks=3878006664&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269680&lmt=1675460268&dlt=1675460268905&idt=689&adxs=100&adys=2492&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=728x95&msz=728x90&fws=4&ohw=728&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31733a994cc4052bacc6bda171e4981b20485fc222134e61b220a8273174983a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
google-lineitem-id: 5368719971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138385032310
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 133ms
132ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_Pop_Up_550x480&enc_prev_ius=%2F0%2F1&prev_iu_szs=550x480&ifi=10&adks=632507170&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269682&lmt=1675460268&dlt=1675460268905&idt=689&adxs=0&adys=2607&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd305fda60f9450ee53cdfb8d1fcbb527ba7a66da4f631de3eb69eeb6e048a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13350
x-xss-protection: 0
google-lineitem-id: 6147520760
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138410690898
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 565 B
461 B 131ms
130ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1469781492397556&correlator=2177171163204916&eid=31072024%2C31072165%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=30116360%2CHR_HIT_Pop_Up_550x480&enc_prev_ius=%2F0%2F1&prev_iu_szs=550x480&ifi=11&adks=3637714767&sfv=1-0-40&cust_params=category%3DCybersecurity&sc=1&cookie_enabled=1&abxe=1&dt=1675460269684&lmt=1675460268&dlt=1675460268905&idt=689&adxs=0&adys=2607&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=199262485.1675460269&ga_sid=1675460270&ga_hid=551022391&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f093000fe816b723c9f93ec96c6dcf834669ef570c4358741208a3f6dad6988b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b3c3a27dd2f77fade3ed005759cd1474.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59BF 6 KB
3 KB 278ms
76ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b3c3a27dd2f77fade3ed005759cd1474.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.beckershospitalreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 21:37:49 GMT
expires: Sat, 03 Feb 2024 21:37:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
336 B 438ms
104ms XHR
text/plain 34.233.16.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-16-172.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.beckershospitalreview.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
335 B 438ms
105ms XHR
text/plain 34.233.16.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-16-172.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.beckershospitalreview.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 97E1 7 KB
4 KB 115ms
114ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default

Requested by

Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0a55e798cfc5f96b463b8107b341c3b956ebc3bfa5eb655c6e746cc56c658e36

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beckershospitalreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 31
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2918
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 03 Feb 2023 21:37:49 GMT
ETag: W/"lounge:view:9559927863.b16101786a6e4dd395c671df17859f60.2"
Last-Modified: Wed, 01 Feb 2023 16:58:41 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

HEAD
H3 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 111ms
68ms Fetch
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27320
x-xss-protection: 0
server: sffe
etag: "1472 / 225 of 1000 / last-modified: 1675426045"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 327D 0
0 72ms
70ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviIM03bKUq5j7D5jgW1_WWisMMu-ntTqmnxnVfvqDow2dturyzhlENVqhOgrxeRSFNCHcAGjBr7UfmdmH8oRY7lwtlmNeUYBdxIFtm_-FhjJOayvXQlvcitfdCd5ws9M841khkOl5Kk4IhcfR-RJZQXKJUoGStFX8ZBxlpfAvWJ2Ja67wROx23F4MpTC63QwJcyrwqP1_2pGFWbFUF-J4nqxsoLUvmBmGP6NDshcdaCc61DsErE2OoVVrruzvjHWYbKjwmq2lgGiFeybH7mlnydxQEb8fBxVNgKsCaUKIlImL8K5u6-MJsKFLleb6-VIJTN85D60OB8S81rUE31fWcppEJYpTQFXc&sai=AMfl-YR5sCCnGiVh0Oqm7Jk8ajoJm2FqmP5YhptG2W-UlWi1d6FYFXicybihjcT3Yb5HU4HM2h5BQtqSA8TXmeOWFil20VqFq39sGXYPdklI32v5PMI9yQOKwSD55KueT-65ImpgQD5MzC4R7zeqfo4&sig=Cg0ArKJSzGPo6_p94lHkEAE&uach_m=[UACH]&adurl=

Requested by

Host: t.co
URL: https://t.co/NG8RwvXsGV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 327D 3 KB
2 KB 161ms
61ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 327D 157 KB
48 KB 109ms
107ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 15146627564506785065
tpc.googlesyndication.com/simgad/ Frame 327D 95 KB
95 KB 166ms
65ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15146627564506785065

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f89e583381f9671bb28a781e8a3be698e625902de675b3928665c60b6a49ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:28:00 GMT
x-content-type-options: nosniff
age: 58189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97043
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 17:26:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 05:28:00 GMT

GET
DATA 200
OK truncated
/ Frame 327D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cc62a927a74e39af8e5c748afac525cf7cd53b57d6e087aea88dfecdd62bce8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6117 0
0 64ms
63ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu_ZNrQH6gDIg89SWy3f2Roi4_shqiJ7S8ldNgYETQaPi5X1lpiKQ87VanIgRqIbRBKVMKAzpfttLf10-uN7SD_sOOOApCRohlBLTwFMKEueUWMDLJr7GcwP3L7DWJTYcAnSEOgUmKwKo8pH4IOO10zJh1CibZvICsI6roY0Mye3irqd3pXM8YRkvkbFFVaKfidiHVskWmku9_r7GdkFDIi2tx6ZeL6y_vhoqwMKa4ehTenTmSVhxgH3rw_8B-ZQD6_sw54lmo0wqUCjKy3La18v7lc8hRuwU_zY9VtuUMtb9o4njKG6bfD9WEScUl3XERUDk1JpJ_aw4q9i6GholPGOn1iIQdxw&sai=AMfl-YTIYgZKFflzwN_BLR_T5DW3ChxNrqqmVvWzYd0wE-_ecDvd7Ko3viD-dsmk2RwuuycDbYbpmqmnu-XknogIichjPYvCJanYEblWoSPRvn103RYal1o9Uu7yQs15WIUQEEgjqFLWBxUuRzYSaA8&sig=Cg0ArKJSzGA6MmwdRml2EAE&uach_m=[UACH]&adurl=

Requested by

Host: t.co
URL: https://t.co/NG8RwvXsGV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6117 3 KB
1 KB 143ms
63ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6117 157 KB
48 KB 151ms
149ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 13322197530418059189
tpc.googlesyndication.com/simgad/ Frame 6117 110 KB
110 KB 295ms
215ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13322197530418059189

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf28388abebabf468e69a9f9deb2989a0d07d8bbc64aad1778129e6bf532fdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112181
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 17:31:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 21:37:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD7B 0
0 73ms
72ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlY9S9J4G2Jf8fX1V15pCIRx37jFmg10z6Ehx8K6crsKzFwIpK--QSsEiVFD1DIWis9mtHXPAIiWr-fVv8zfEM_9GeVc72b40WWAd862URIyqjWqOY11YAUBjpwWb6LgXKhwRYGixGZuZiyFzl-qN_Up7LzAZ9vQdpmwXROc004hGmxwyBcmFIOfoJlB32Kcf_m6sGJNwQmxatogfXKCRXIBlU-JZrwvG0q2O_z7m9QRzejhiMLAYKmKl1FyzhMlmrml-9XGo_4s1Vx-OkcLPgboRqEB6LrdNo98zT8GsHJxetT3Q8332_xADqNQ4epooG-y_IgrKk54Anqlk0nB-VHT2BoszFJQ&sai=AMfl-YQpt46pjenU1MIvMjvi4eHvAJz9T0warhGIxVLjc6PwmeBFwpRLxZB1OfG6Q0KLtoO-6CXrZPw1OlwlS3_6pgaBZTSFAASKLn56DfYc8gAAvyslsXxmC7IMosccSBIhdV0MOqXNb0tbcMq4i_nB&sig=Cg0ArKJSzCri9iZvlIeuEAE&uach_m=[UACH]&adurl=

Requested by

Host: t.co
URL: https://t.co/NG8RwvXsGV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame BD7B 3 KB
1 KB 130ms
64ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD7B 157 KB
48 KB 157ms
157ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 3183517877028963190
tpc.googlesyndication.com/simgad/ Frame BD7B 90 KB
90 KB 175ms
110ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3183517877028963190

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecd8462fee70accb2f406be82b051f9607ddbc1e55a1cbccc882c0cbe25c1fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 21:29:34 GMT
x-content-type-options: nosniff
age: 432495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92069
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 20:34:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jan 2024 21:29:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9135 0
0 91ms
91ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwuyGCN_yqVWozWh4jLZFrBxDqTjU6GpDdqCc683o8TCsmY1GsZXyAde7mVPBUAKvKrY8fxeaSJRGBlRJFnKi1vBOY7tC9axxgH2Fnajw0hafoRdfG_reVWGkmIrmun666bDEhqUhJZ9va53lsxpsa0cljXR-vf1b7HwA1eeYRtPDypwsF0UN50PYFSddIYvc98fNOQZMCBhbKG5SdgtNck3vzEh0kL3FjwLyadsTbyfL54_NNVHjQ1PSFkCF2XCUZHJCs0z2nxVLjZ6-yDfnxwDdxQEbZ-2S_HBSPRK_sJjIKCPWk-KN6YIFJpGjnfOsuu9weyL63-eSuT_0ea9KPZ0QA&sai=AMfl-YSodGCnJFw8nOX2vQOwJJmn1tsT-64E3vSVaBK7PVpBkXcsJJUX7VWifF91l7-SbhQdwb_N2y6o57ENRDDhVIoC6bV7Dty6lqJO1oXprFUo_6Eu_Z8ZPKrbnOAZoJpcgcaNmQFxz0cw8oKohtw&sig=Cg0ArKJSzEZE5iaaqVJiEAE&uach_m=[UACH]&adurl=

Requested by

Host: t.co
URL: https://t.co/NG8RwvXsGV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9135 3 KB
1 KB 205ms
205ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9135 157 KB
48 KB 143ms
143ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 17777715902176600408
tpc.googlesyndication.com/simgad/ Frame 9135 31 KB
31 KB 196ms
161ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17777715902176600408

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b31d2b2fa1dc37493df8a079ec3924223f6c194e4d55a798db47f928c6aec29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:52:32 GMT
x-content-type-options: nosniff
age: 189917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31446
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 16:00:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 16:52:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6300 0
0 82ms
81ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubH8INjRVs_EddELQmm4wScJmf4uWrGyunAgoR5eXsTBz4ORajfJ4iRJQguOzS5kFKm-EMt67LE03wgxdFDiGIXCzwGe0GG9X3iTabesFd0ypirym9E8uQGj3lefH_UvVEK30cFFKShgpe65CA76DN53PdNRYmZ-UJZUU1NjZ3AtCMvudmAAwls3ESG3ubXzLeQ6RUYoJpm9GZInqn45qhBv9863scxGobOB8NoVoOBbXYo5BR7VLHNN43lGGmRGimwQYqzrLT1hRT2B8Zjlmtx_QXvAKYTO8O4PR7Few_cxzmq0yco3KEnY30_01oB0pyO3hU73mWrB3_BfmNzFz_8uDM_FAH709v7Dk&sai=AMfl-YQsVV9fKJudV-H4rfMLiK2uTxbPJWGTVuZECUcMxlQk1uY5qfamNAesJo6WrUBh-C7yp0FgIj9gRN-w45TzXjeSHcGq80uqxRLiRTA_5NBN3eOIaVtHcXvduzjgZ3LAzW1d6H9oTp83WCfwsW_3&sig=Cg0ArKJSzH8vZr2amyZLEAE&uach_m=[UACH]&adurl=

Requested by

Host: t.co
URL: https://t.co/NG8RwvXsGV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6300 3 KB
1 KB 206ms
205ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6300 157 KB
48 KB 137ms
136ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 21:37:49 GMT

GET
H2 200 9235696770772740121
tpc.googlesyndication.com/simgad/ Frame 6300 76 KB
76 KB 165ms
130ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9235696770772740121

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

802730988dfcca7b2752f4b139cbe9e79ecc7abc81aa649eae2b984df7bce5b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:25:15 GMT
x-content-type-options: nosniff
age: 342754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77359
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 18:41:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Jan 2024 22:25:15 GMT

GET
DATA 200
OK truncated
/ Frame 6117 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6bb3ba7b2c39447882161ffcd7a8c3f307d50d2abb488162d026ae6d303ddcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BD7B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4806d59440626c00d25b37074591409b9f644ef4458333fadfbd9b9098e80a46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9135 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94f4dea710672d3907984e8db32f4c7421a6e3188fb2ff507dffae3775cf4bab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6300 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5eb89c0191f452431837d082aae32b9a929b155a8afbfdc2d563b0e6bcfe2a16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.load.535e02cb37c76499f9768559d5c40585.js Show response
c.disquscdn.com/next/embed/ Frame 97E1 958 B
1 KB 130ms
33ms Script
application/javascript 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.535e02cb37c76499f9768559d5c40585.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b392fce3bf3340c2cd754bb4c728059e822657e17d473ba374963078e3a8b62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 02 Feb 2023 18:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 98608
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 495
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Feb 2023 17:57:56 GMT
server: nginx
etag: "63dbf9a4-1ef"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 4wZsCTlhfRjjKRTOJ8cTInZ0E8-8e50KoqanVWkNe_QzwoqUeQDw0A==
expires: Fri, 02 Feb 2024 18:14:22 GMT

GET
H2 200 get-assets-bhr.php Show response
processor.asccommunications.com/widgets/ 2 KB
704 B 182ms
181ms XHR
text/html 209.59.186.75
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://processor.asccommunications.com/widgets/get-assets-bhr.php?count=5&type=ondemand&cssClass=undefined&url=https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: dev02.beckersasc.com
Software: Apache /
Resource Hash: 6c47a0bef4b7fa998d5a6d4c6a05680fe0aa289b981979c1f6eed91ccd8c7fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: max-age=600
content-length: 625
expires: Fri, 03 Feb 2023 21:47:50 GMT

GET
H2 200 common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js Show response
c.disquscdn.com/next/embed/ Frame 97E1 280 KB
93 KB 47ms
47ms Script
application/javascript 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.535e02cb37c76499f9768559d5c40585.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 17:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1396335
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94186
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
server: nginx
etag: "63c82f23-16fea"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: K9g4Gsjfa9dYQNLP2GIH8TkJbGEP8wi_6N1_3bfjzy9nDmlbOxYuDg==
expires: Thu, 18 Jan 2024 17:45:34 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD7B 0
0 62ms
62ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLZ_2hkIvt-sP-6SdO8ez14oqR-s9HKk7Ncy-bmiwlAQguexJeEFRiKnqwbBgaFoejYoAvsZjkJaY75yjR5Ws1dSJC1Sy9y2JVEepk-aRupZtmHgAroSIYw2yIY90mwmmkbrw15Sk2ZNZK3A-9slPW974t2jKr2yH34fMO-9aMpA_jVVgeZxgDY_V_jdP0dG4x7EYYRl9nDNn8Yk43BxDJKr3MAqIYC8cJ-qX2mUWAqRDvE_zsmjPYL85vSg1ghU6LDUfLg5kUpFWirA-7WxUtEp-_Rq_FJsJfOQYhjMYFgYdIG3ysIKxBiDcTNOcWJfkdCNo_mwPqhDWaYIWoC45hnBGggm_ojCt3&sai=AMfl-YTahDsCStqF2VMi0sY5F91THahIhopf424--SlXN70-TcMunLlnL2HUXCndqCEcNIUZv0bNPI4RrChsyiT1tJH7yLiGGcvawJrX7iIZh1B7JEyhj02dp3SozaZHsnG0S1Ufs8PpnV4dNE8lcyi0&sig=Cg0ArKJSzB1Ogi9fOrX1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6300 0
0 60ms
59ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjtbA8_gNF9fZw_PIBlczgT1OtUwGyrFzsSNLY6nVSd9mEL3eGY1wHKSDBHOO5iqtcZifH-Jiya3_iHdHRKws3zZDlNczwx8eTc1PydSrtZ_Bj6hNkzuA1N5xCCHsQgdFEWewhKXke8Uyo2dsbuothx1_zC82NqF_982wsSa-mtGRMv-7vpOHfcC1MlwBjv6CU3lxSSu-_NlPjE1ZQERHECs0b_VM86pJweKsW8SB6rN7iA9HFSA_YKtrm82LhERv3LMmT7YYmJRLRhFIUep12hpIw-k6RgPtvbahutjjOCewrFFEv5lAIfCXEL8HwG_2ZsLeoM7-aisv94gOC-VFSqDlXvFHAqSNWaPIADg&sai=AMfl-YSG5ltNmT1zrLOB8Z2MyrUuuz-iBuLunB-tKBBzdonpALBrnd7Wd3EnWeqOZTeGvtqNspVTzu7Jui6PVf2GWSJ7hzSHxWaxCt8lw0I8C0EsxNHm-t_aZy4DtCVbZ3Nk64m3_Zlwvpz4kf3_ywZe&sig=Cg0ArKJSzF0D7_qJh60lEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9135 0
0 59ms
58ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDZBpj0JfzZ8SpjQG9p75IbOFdF_cJq-Zm1o92bCz_NeNO3F4WYW_O35mfBkQBCqtBVOq6Y-4haRTMeYf8k_QXGXf4cCD0uOZNbmqgHYEl0tBNxsam6U7h4V8LxgXW9YthorkJ55Mv9beG1vjJI0noVGPzYTe04pVzqYVqVGVxlFJmxRA_Eg3ALMjcNP3Up4NsMtm5tDWPIgJUs2al2MTsuG0zla9rc_MMbL8lXqxt3YI_BDEnXAIgYiJeb8kgyRb0udLJQgDltXdmLiSHBan9jjG0a4THqPh34t6d6nC8dGCophBcMkUZomkBXhLRdpkUq3IPknJxWvAQihW8-_LoJPmEPVc&sai=AMfl-YRyU7FU1QgB8bYmumtl-h-lQ-mkb_ZKfQuaAPYi5OiJJ5gagamrcLvaI3JZZBa9nsv7DPgsfufIp3aEaFqVM1V92ZucVS3Gb_yT-cA6ERwVBoIrQIsy8BsfdIbY-W6pLfsc_S0ZvcdsfCK53Ig&sig=Cg0ArKJSzM5BboQ7CpyLEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 327D 0
0 57ms
56ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWF5tH0wZ7GEn7-fM-MtcoBoEOa95jgxHybtRnHkzVK-dnUUoZhcnZu_ojY-xvnI9SPPngI823RaInw0-q3entvRxH3Ir5HOJF5IwjHNYhqji0rFKmfWWswgK2r_EvTkmbg4X_qsGHqUyV8EBzoEbKAei-892gZGqG4KzrvkQRCcz4zQo-Vm8Toa31Vv04R-BURcjo4mCLise1HiQ_FmE6vSUVE3P3rCpXwoNoX_WIbCmI6CNTZku3Ym7C3LxwAZpBSbXLyeT9aHX_1of6k24QG75JlCayLwZYzES3AbuLDYTHlnnLG8xkOH1nWr4igPntMgiu8smsN6V9wnhdbFzELoUB4Rjy-BB4dQ&sai=AMfl-YQQf4wHQnTBxH1z6OVrU-uKOik4gOgqGzgwOwLjHzxvlKTzTL_PqDHtJt1Bxvn7dJfFPNbtcrS8VVI0jt1BteCg9NPz7mHD-HmFwLKtfZlvKnokXRF3Bn6yBeowC7CMHPdZX3FxHOCZsmPuAYI&sig=Cg0ArKJSzKcsqJBfuUpuEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H2 200 omeda-migrate-cookies.php Show response
processor.asccommunications.com/hubspot/ 0
21 B 193ms
192ms XHR
text/html 209.59.186.75
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://processor.asccommunications.com/hubspot/omeda-migrate-cookies.php
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: dev02.beckersasc.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
server: Apache
vary: User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: max-age=600
content-length: 0
expires: Fri, 03 Feb 2023 21:47:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6117 0
0 62ms
61ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5OqSXwgiMWG3YjwNLDIxXJoeHxsXDOpxOOAky359wpu6-3PPjFLLVyrs-SrNal7hORF8Ru0ksjspUcyeDM3EaVTMWU055Rqq1atEuf95ZvdAFIxtQhreeGXGcdbySXct3mOCWnyj5gpwTPl8TQ-eY873WnONvLK1F7PFL01z0ywp5-6PQNFMvz_8qIJyHNvDpVPh5k2YDw5NEZxqTOQPQ2Uzzwo7Q-4_lWsks_dtUcO2B8gBB15X80MqovYJi_OCShNSOqYp-3YMpVVZXY4lxqDzuWayuox95lnXdOruw_g8lEAKVrhvrHi7JmlD1OfMmSpz-GPrNLHDXJuu1wvCFBwn_Ro-llLyd&sai=AMfl-YQZBOtKejHQ9zBPud0U1VIrE2lYvHYjPm2I3GF7eM8Va37DdO3yDU4WwEklJ1Ovqlpy4Rk_GaCGL5LMgsBbRnSZHAMqQIpcLH_ZbDSg40SPCPOgZIj-2jzAkNgZuDsbVyCjUTLfNyumVFRvZEs&sig=Cg0ArKJSzKy3vNFkUGTSEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H2 200 getArticleRelated.php Show response
www.beckershospitalreview.com/ 1 KB
405 B 269ms
269ms XHR
text/html 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/getArticleRelated.php?articleId=218085

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

9db35401e3b025856393aacf9cc879a697f20e9d75980a390f0de3fde82a67af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:50 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=1
content-length: 371
expires: Fri, 03 Feb 2023 21:37:51 GMT

GET
H2 200 get-latest-articles-by-category.php Show response
www.beckershospitalreview.com/ 2 KB
643 B 266ms
266ms XHR
text/html 67.227.242.177
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beckershospitalreview.com/get-latest-articles-by-category.php?catid=226

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js?version=26

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

web02.beckersasc.com

Software

Apache /

Resource Hash

db4e3964b215c65d922a60ace0e94bc15e8227359cd233be05f4f4974637a8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 21:37:50 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: max-age=1
content-length: 563
expires: Fri, 03 Feb 2023 21:37:51 GMT

GET
H2 200 498900.js Show response
js-na1.hs-scripts.com/ 2 KB
899 B 158ms
124ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/498900.js
Requested by: Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1675460400000/498900.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4a9adf8ea12dc00b27fddc06d8330decf18535562728ff811622e7cfe91b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 03 Feb 2023 21:31:28 GMT
server: cloudflare
x-hubspot-correlation-id: 894859e8-69c8-4a75-be43-8bd6f336d598
x-trace: 2BB16C9498F4BEB7755FF4D84CD47FE04BC61B90BD000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.beckershospitalreview.com
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 793e4f611c812c22-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
552 B 301ms
133ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1858685340&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&r=https%3A%2F%2Ft.co%2F&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&t=%27Killnet%27+has+allegedly+exfiltrated+data+from+hospitals%2C+health+systems&cts=1675460270216&vi=602637e7fcc45967eac23fc7add5ee44&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 486a6a71-3b1b-4eeb-abcf-fdcf03f6ab79
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNoyFLCuvxJk0SdM9YWNb8wwhuPLazqB2gcaFLtU8bABT0dC3KIb%2FWzsavu32PE3YfQIjmdF%2F9kX4dToUkv6LZNvNe1TubUwQP3qAmkFT53fdqsVVWgceR9RLPnxLGenG8oxB1gNVkvg4Hr8Y93T"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 793e4f61fc4d5b62-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
559 B 290ms
126ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=7dcacd71-8aa3-4d69-8929-c2a110c47927&fci=5215cf7b-89d8-487b-832c-4f0092ebd1d7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1858685340&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&r=https%3A%2F%2Ft.co%2F&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&t=%27Killnet%27+has+allegedly+exfiltrated+data+from+hospitals%2C+health+systems&cts=1675460270223&vi=602637e7fcc45967eac23fc7add5ee44&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 91f589f2-db29-4ee1-a79f-6a8bb242349a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNPXga2DAV%2Bi5ZoIGUneoTqJykobaapsjieQ4BLiCfZvSU69kpyBy1798YsqkLw%2Fq3CN%2BUKwltWuO%2Bd3KmXRQ3KS%2BcomdIfRewBON%2BFItme1Ef7xmxjywAvI1njZ6GwvVxZymq7cAIhFxG1oq3Av"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 793e4f61fc4e5b62-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
899 B 287ms
123ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=7dcacd71-8aa3-4d69-8929-c2a110c47927&fci=5215cf7b-89d8-487b-832c-4f0092ebd1d7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1858685340&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&r=https%3A%2F%2Ft.co%2F&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&t=%27Killnet%27+has+allegedly+exfiltrated+data+from+hospitals%2C+health+systems&cts=1675460270224&vi=602637e7fcc45967eac23fc7add5ee44&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bc5025b5-8f9b-4a73-b11a-d35422b98bea
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3tJG%2BYEcjJF0qrkK0p86AZaYj9KzWlOX8U%2F4daGl5t78lSO29jc%2Fe9zi5qvbY9XnBrWzQ%2BCGkKafV4aX%2F10fijqsqYykGfAEPbNgMqPTMog9w1itqYl7Vfk%2BM43UWFdkbgpbhv8%2BwsdTDpDpIwT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 793e4f61fc4f5b62-FRA
x-robots-tag: none

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 77ms
76ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a54ff8d29897053868ef3357dbd5e21b4efbe01538d318b8b1bd710f102ea9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11248
x-xss-protection: 0

GET
H2 200 lounge.6d46aa565c1aff855de7c87abad67e09.css
c.disquscdn.com/next/embed/styles/ Frame 97E1 227 KB
33 KB 19ms
19ms Stylesheet
text/css 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d0fe7829b80042849bc663282897301056f3b7d5c05032a479de7796151bfc8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 02 Feb 2023 18:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 98610
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33302
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
server: nginx
etag: "63dbf9a5-8216"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: Yum1wBeoJY4Q3wqR-8CJYFpDiZB01dpdmfLu9-V6eg1n0RdN0g9oAg==
expires: Fri, 02 Feb 2024 18:14:20 GMT

GET
H2 200 lounge.bundle.5fa14a9f771385c1d8e847d1c143c85d.js Show response
c.disquscdn.com/next/embed/ Frame 97E1 506 KB
127 KB 18ms
18ms Script
application/javascript 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.5fa14a9f771385c1d8e847d1c143c85d.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0b50caaddeb386ddfa9fda9366e1890945cd57983d77dadac840ed88a552a0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 02 Feb 2023 18:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 98609
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129580
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Feb 2023 17:57:57 GMT
server: nginx
etag: "63dbf9a5-1fa2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: p4dIOiyvBRO0WITEwtcZyxJFbEdRfGVmUCpfbTtmHG0Tb9WCU3zSvQ==
expires: Fri, 02 Feb 2024 18:14:21 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 97E1 17 KB
17 KB 7ms
7ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

263b09281522ea09ca51070c7f42e99c083094c81ed30a6e77a1abc55511d44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17077
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 116ms
20ms Script
text/javascript 2600:9000:225e:3000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 628d6315130cd4de61ea584cd8dc091a22f3fe455afbf7228b43b99ca44db25e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: NwsfeSQdu7qaTe6tGVib5bHAlZ1WnBa6
Content-Encoding: gzip
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Date: Fri, 03 Feb 2023 20:55:16 GMT
Age: 2557
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 14:43:35 GMT
Server: AmazonS3
Etag: W/"3980429e4470aea3a07be4951d0c262b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: kLBfWhBz9miNxKx_6yOWRLV-w6c_-ZiCgYeJg5NZnVQoWTY8KmBVtg==

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 97E1 3 KB
4 KB 124ms
124ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=beckershospitalreview&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7a55ab5ced67c53bdae3180edf16b09004c39920085cdba96354a8f71541a2c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3402
X-XSS-Protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
85ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 97E1 11 KB
1 KB 114ms
44ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 21:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 20:15:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 21:37:50 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 97E1 13 KB
13 KB 27ms
27ms Image
image/svg+xml 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 15 Jan 2023 02:16:14 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
age: 1711296
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: p6RfI-6FdWS-3y2wOLfWRE0WTUy72IpMwxSLQbLw8DydGhVIZdtEYQ==
expires: Mon, 15 Jan 2024 02:16:14 GMT

GET
H2 200 vote.db918335ef853b5fb09a9c6bb933ac5b.svg
c.disquscdn.com/next/embed/assets/img/ Frame 97E1 279 B
879 B 27ms
27ms Image
image/svg+xml 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/vote.db918335ef853b5fb09a9c6bb933ac5b.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3ef55a2dfb1f5a96fc821ab726854564a8106c4e503b71b1744aea108d31b54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 11 Jan 2023 08:50:11 GMT
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
age: 2033259
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 279
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-117"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3GZfUqxLd4wl9HkZdJWIB7BOCp2IBjCrxswzNDf4gLs9NsJaoGmrsw==
expires: Thu, 11 Jan 2024 08:50:11 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 97E1 3 KB
3 KB 27ms
26ms Image
image/gif 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 12 Jan 2023 03:03:01 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
age: 1967689
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ItyfGAeFR7aHl55QgdKd6RpBkSJRWyPBidrJ9KwNNpqlCkAH3B3eNg==
expires: Fri, 12 Jan 2024 03:03:01 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 97E1 840 B
1 KB 28ms
27ms Image
image/svg+xml 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 25 Jan 2023 03:23:40 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
age: 843250
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: w0mSD64N5gVk0HnyHVOTqcvb6QlzGqRRlEHt-nQtZj8MLKrPwcMWoA==
expires: Thu, 25 Jan 2024 03:23:40 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 97E1 891 B
1 KB 28ms
27ms Image
image/svg+xml 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 28 Jan 2023 10:59:15 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
age: 556715
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FA9b0AZsUzrSMTWAXGiWSPatoW9n-N6Qv6boirXmhZHOHypLQPX00w==
expires: Sun, 28 Jan 2024 10:59:15 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 97E1 605 B
1 KB 29ms
28ms Image
image/svg+xml 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 07:05:35 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
age: 1521135
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: T3SbearWCc8JrtUBfrXQr2IcUBPtoMq322J6gw2lpWsg0EcqKzrLKw==
expires: Wed, 17 Jan 2024 07:05:35 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 97E1 8 KB
8 KB 30ms
29ms Font
application/octet-stream 2600:9000:211a:4200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:4200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.6d46aa565c1aff855de7c87abad67e09.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 06:16:27 GMT
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
age: 1437683
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NmS-_WHaQuYm0lITVmXu7J_n8JnAkfey1plHyugXgA8s6EDYI5Vb7g==
expires: Thu, 18 Jan 2024 06:16:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 100ms
55ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1469781492397556&vrg=2023020101&nw_id=30116360&nslots=11&eid=31072024%2C31072165%2C31072169%2C676982961&pub_url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&qid=CKHD2fGn-vwCFR3huwgdmpwLCA&iu=%2F30116360%2FHR_Homepage_300x250-2&e=512&ret=300x250&req=600x500%7C300x250&bm=0&efh=1&stk=0&ifi=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 82ms
56ms Image
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1469781492397556&vrg=2023020101&nw_id=30116360&nslots=11&eid=31072024%2C31072165%2C31072169%2C676982961&pub_url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&qid=CNW_2fGn-vwCFU3ruwgdD9oEpQ&iu=%2F30116360%2FHR_Homepage_300x250-1&e=512&ret=300x250&req=600x500%7C300x250&bm=0&efh=1&stk=0&ifi=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 97E1 15 KB
16 KB 287ms
21ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 254885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 97E1 15 KB
15 KB 289ms
27ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 380934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 11:48:56 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 97E1 17 KB
17 KB 302ms
42ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:07:02 GMT
x-content-type-options: nosniff
age: 156648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 02:07:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 97E1 16 KB
16 KB 306ms
50ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:23:02 GMT
x-content-type-options: nosniff
age: 368088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:23:02 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 97E1 17 KB
17 KB 310ms
57ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 14:33:59 GMT
x-content-type-options: nosniff
age: 25431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 14:33:59 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 97E1 43 B
339 B 114ms
98ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=245&event=init_embed&thread=9559927863&forum=beckershospitalreview&forum_id=293602&imp=519hdgs3jffntn&thread_slug=killnet_has_successfully_exfiltrated_data_from_hospitals_health_systems&user_type=anon&referrer=https%3A%2F%2Fwww.beckershospitalreview.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=218085&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html&t_d=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&t_t=%0A%09%09%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 67ms
29ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/498900.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2937f3299d73f3d0c53f0b73b582b3ff16495bf9efc133f3195dcc5c2341ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-amz-version-id: taqgEgnsrT5tsXCQJYBxI5iw6YGfjof_
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 493
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12020/bundles/project.js&cfRay=793e4356690230c9-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 Feb 2023 11:33:55 UTC
server: cloudflare
etag: W/"34276ce78542d549ceeb934446d38e5a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 793e4f633c9e9253-FRA
x-amz-cf-id: KeYHLfxYNYeowDO0lwvmXiADJQKtQxGTHWXky6X6vBcP-uC2kgz25Q==
x-hs-target-asset: conversations-embed/static-1.12020/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 61ms
23ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/498900.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-amz-version-id: voeLZ8jD1qAOp4h9t0pVQ2YHSdN3ebgQ
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 548
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.317/bundles/pixels-release.js&cfRay=793e41ffadca381b-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Jan 2023 04:09:31 UTC
server: cloudflare
etag: W/"bde7af4ffd2c05ea8423271f767ebc69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 793e4f633add39d6-FRA
x-amz-cf-id: _Vagk5H7yie6b8dhLGJoo_zfwIz_rCQ5h9iwulx3YojWP9PkoUU7Gg==
x-hs-target-asset: adsscriptloaderstatic/static-1.317/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/498900/ 203 KB
63 KB 444ms
407ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/498900/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/498900.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677f08947c3a550d6da423a1ce0546e15579a61c3315b102077decc895e53d9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-amz-version-id: XQFq_3QuoGTGvAvS3TiH6XjS_C8niWta
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 9VXYD7Y9KWH077QQ
x-amz-server-side-encryption: AES256
x-amz-id-2: 87Ttm4/Y9OVyjvRI/BP6a9ZfScIHAfKbZ68fp+U28HQgA3vWwUyh/A7UgWbZy3H29WlcXu65dTo=
last-modified: Fri, 03 Feb 2023 19:34:40 GMT
server: cloudflare
etag: W/"d40ee697868a9be277fd36453d1cf717"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.beckershospitalreview.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 793e4f6338ce3820-FRA
expires: Fri, 03 Feb 2023 21:42:50 GMT

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/JQYF3N5JPJGL3IXYVZYR5C/ 42 B
835 B 8ms
8ms Script
text/javascript 2600:9000:225e:3000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/JQYF3N5JPJGL3IXYVZYR5C/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: SQkeb.RNh5kBHZEq.WHizHOaRiyRmy1q
Date: Fri, 03 Feb 2023 21:34:43 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 188
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 42
Last-Modified: Wed, 04 Jan 2023 21:08:31 GMT
Server: AmazonS3
Etag: "2ff5e20519778d0385c77e7f6e12de10"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: abS0_Iz87k2Z-UgdFvJiTx1F9kXyRFx3ytinH0L99w6E0ANGIXOmGw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

8ms
7ms

Script
application/javascript

2600:9000:225e:3000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:225e:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Fri, 03 Feb 2023 08:56:41 GMT
Via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Age: 45672
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: A0oXMmWX0l7joKWRImB68T3e-33k0oI0XBZA3bVRm8SdhD3-bQxmTQ==

Redirect headers

Date: Fri, 03 Feb 2023 04:59:33 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 59896
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: VtVFrkA0_qNiFb0SW44DlB4mlnUD5C_cmoU0QHt6VjhmwGojPpg0nA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/ 0
809 B 21ms
8ms Script
text/javascript 2600:9000:225e:3000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: jePn.fQjUMu8YDHGOoMbXMr_rIf7qPB_
Date: Fri, 03 Feb 2023 20:46:46 GMT
Via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Age: 3065
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Thu, 02 Feb 2023 00:14:11 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2ZU7A51idqerAyNMIoWyiCO_o1Od5r0CCBPYUru80On7n11fczwcBg==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63D1 13 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.beckershospitalreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 219846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 08:33:44 GMT
expires: Thu, 01 Feb 2024 08:33:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0755 783 B
1 KB 50ms
22ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

baba8f1e3237e9d76a185b9a8aa1b97db9d2e5d2ad52a1862cca48a9946117e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nj8EvroBJQHJ7CFAxesB8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beckershospitalreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-nj8EvroBJQHJ7CFAxesB8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 21:37:50 GMT
expires: Fri, 03 Feb 2023 21:37:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200 p Show response
cdp.omeda.com/olytics/segments/ 589 B
930 B 169ms
168ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

fd1360c3090b37fcbcc09c45ba2acc4e6d950455ef836069dec4f18a15b700c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 03 Feb 2023 21:37:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 113ms
113ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.beckershospitalreview.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Fri, 03 Feb 2023 21:37:50 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 63D1 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 12:13:26 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 401 B
956 B 142ms
141ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=498900&conversations-embed=static-1.12020&mobile=false&messagesUtk=f71305cccb4747d9830dc20f407d2771&traceId=f71305cccb4747d9830dc20f407d2771&referrer=https%3A%2F%2Ft.co%2F

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b3e8bc2db2547784c623c9170746715aed7087acfb486666d6813e1a40c911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e626ca75-2343-42ca-8963-8877191fbeb1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 299
server: cloudflare
x-trace: 2BA12A87A7B849664C73AA42BC10A2A900DD76C82F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.beckershospitalreview.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3ASWSMut7orjXAgIoa0f0vcVqq%2BiYHDc14dBsilTBs6WfNM1BUv%2FJvDtzDN7UjXbfO0G%2BprsHDhSd83eGn%2FZTlgLvX7GBiuCKcQ9xHi8ORQ59R3JGUnr5e6UgiozheHzMaH9ZLHT4a3yLzyPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 793e4f655e23bb3d-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 JQYF3N5JPJGL3IXYVZYR5C Show response
d.adroll.com/consent/check/ 462 B
948 B 173ms
32ms Script
application/javascript 2a05:d018:cc3:fe04:7036:b4fb:4707:a1df
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/JQYF3N5JPJGL3IXYVZYR5C?pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&_s=d8c6b3401362c261ddb25e38c39f64d9&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:7036:b4fb:4707:a1df Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 310e33ce5ebd0aaa68fac582770b63715a3b5b58e1358adf878f35fa184baf9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 462
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 298ms
132ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.beckershospitalreview.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.beckershospitalreview.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 793e4f647d5fbb3d-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 21:37:50 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebqW%2B%2FFyK2NhisQEMOpv52JBu01yKbBc6V1shhF60dqJ%2FZ%2B2zsaNgk68nieAzDdfsPJdyQsSm5gfKIrhlsrgDRQVzEcExwlpqvN5LbBQlxh59%2F8GlJajwtJ7WD0NmsPsKWTVcuT63x1z4FrIKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 4ccdd7b1-2e05-44d7-a3bb-a67cd4076b1e
x-trace: 2B750B165D51E9274BFF1471FA3DE0C4642B83B55D000000000000000000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0755 0
0 55ms
55ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020101&jk=1469781492397556&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H/1.1

200
OK

E5Z5CE3QIZFWDO32KJIMW5.js Show response
s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/
Redirect Chain

https://d.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalrevie...
https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js

4 KB
2 KB

19ms
18ms

Script
text/javascript

2600:9000:225e:3000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js
Protocol: HTTP/1.1
Server: 2600:9000:225e:3000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45547ec904d2db2b9ca7066c78d7061d38b08eef213671767ab28e9b8fcd7b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-Amz-Version-Id: VKrTFjWHCzMIIO8C73eK9TSSxIFeHfAT
Content-Encoding: gzip
Via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Date: Fri, 03 Feb 2023 21:34:43 GMT
Age: 805
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 14:52:58 GMT
Server: AmazonS3
Etag: W/"7cd9bdde2034a2007821a3795473a5c4"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: mMljCrhXZMeDTh9lUherCi3Ud8RViEq2BBsuRHgF_CcLq5wpgxQDXw==

Redirect headers

date: Fri, 03 Feb 2023 21:37:50 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *
x-segment-eid: E5Z5CE3QIZFWDO32KJIMW5
location: https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: WCNBXDE6Q5ETTM2BEJXDP7
x-segment-name: *
x-advertisable-eid: JQYF3N5JPJGL3IXYVZYR5C
x-conversion-currency

GET
H2 200 WCNBXDE6Q5ETTM2BEJXDP7
ipv4.d.adroll.com/px4/JQYF3N5JPJGL3IXYVZYR5C/ 42 B
518 B 171ms
29ms Image
image/gif 34.242.35.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&cookie=&adroll_s_ref=https%3A//t.co/&keyw=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.35.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-35-28.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 63D1 0
10 B 23ms
22ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?56IFXg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 65ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&cookie=&adroll_s_ref=https%3A//t.co/&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 21:37:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wUYqQiRXYJueS9Iu+Y+5xtikeT3FDx6yjHWd1bfXSBStJmk/MIzOVctqOqCayGvwpV/2cRSBMl/uHldrkY1CBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-success...
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI

43 B
343 B

9ms
8ms

Image
image/gif

52.29.36.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
Protocol: H2
Server: 52.29.36.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-36-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
date: Fri, 03 Feb 2023 21:37:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-success...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=72yG--drQvjTg7sYeTFD8g
https://d.adroll.com/cm/g/in

42 B
553 B

32ms
32ms

Image
image/gif

2a05:d018:cc3:fe04:7036:b4fb:4707:a1df
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 2a05:d018:cc3:fe04:7036:b4fb:4707:a1df Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:51 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-suc...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expiration=1706996270
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expiration=1706996270&C=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expiration=1706996270&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 21:37:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 21:37:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=105&external_user_id=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expiration=1706996270&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 38ms
33ms Image
image/gif 2a05:d018:cc3:fe04:7036:b4fb:4707:a1df
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&advertisable=JQYF3N5JPJGL3IXYVZYR5C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:7036:b4fb:4707:a1df Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-success...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expires=365

0
239 B

77ms
16ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&expires=365
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-success...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=ef6c86fbe76b42f8d383bb18793143f2&gdpr=1&gdpr_consent=

43 B
273 B

63ms
22ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=ef6c86fbe76b42f8d383bb18793143f2&gdpr=1&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=ef6c86fbe76b42f8d383bb18793143f2&gdpr=1&gdpr_consent=
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=

0
0

261ms
17ms

Image
application/json

20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 121
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
494 B

143ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 21:37:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-success...
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

82ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 169
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-s...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI

0
90 B

69ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16780

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-ha...
https://eb2.3lift.com/xuid?mid=4714&xuid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&dongle=c85e

37 B
140 B

66ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&dongle=c85e
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4714&xuid=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&dongle=c85e
pragma: no-cache
date: Fri, 03 Feb 2023 21:37:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 102
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842&pv=45795326468.16284&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-success...
https://ib.adnxs.com/setuid?entity=172&code=ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 21:37:51 GMT
AN-X-Request-Uuid: f228713a-7631-41a1-80ea-028b5f68f998
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 21:37:51 GMT
AN-X-Request-Uuid: 210016d2-cb9a-4994-8578-93193b731bac
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 187952941924941 Show response
connect.facebook.net/signals/config/ 151 KB
42 KB 665ms
665ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/187952941924941?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71d882e1589703ebfc9d453172218f99f47101c98ccfe6a1addf93e5cb2ff522

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 21:37:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Y+gxGGzYIVhuX6nPpHBvUvyVTOpqZYyXpeHC+JIq5Md6IIbSdIpDqyGpyOby3s8r2ev//TLSmj3Kc4QUkog1bQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 188 B
917 B 168ms
125ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=498900

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da07e95a4d0faa53761abaa711179986b1f71d6c522751157777d585dc4b2b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 76b889a1-a584-4032-afc4-0209035dd2ec
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B2A634F500B09368B607FB91EBC5AEBC5D0C93092000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.beckershospitalreview.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOL%2FtZZ97vJ7m42q2Wd7K7sMAJkF1OQdmbUi7u%2F4ugl5rKesjN621Wt6DxXQ623D%2Bn%2FckVXrGztXn5ZquBjD4VL%2BZ2FhbsfzvvT%2Be9kE2ZtGZdIoqNlW2kRY5ocSzbvEAxZG1D66oXPLauWx"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 793e4f662e2b9b33-FRA
access-control-allow-headers: *

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD7B 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssshsZfgzEqqJRZOpnO378do0qarmU-pNXTS0NflQUqZxRb6fZ-ltGOVY3foKNuLktlhhxkC7edSvwdrIXvJzZiIe07_KtfbxgEyzuBqCl8FEmb4Mrw&sig=Cg0ArKJSzAIGLPacscbqEAE&id=lidar2&mcvt=1000&p=727,1095,977,1395&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1799648656&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675460269849&rpt=251&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 327D 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7lNH03zD9YWgAU0La81yuEXUOdXGr_1jjJ9n0Ea-L1f0mW_nMOu_tzA8RhWFV3bc6hoboUxnG1tMiEGXnXC0GGoxRjBXbpfnvX8sbnHBFk7PMmkm6&sig=Cg0ArKJSzBxmpxnk14ZzEAE&id=lidar2&mcvt=1000&p=219,100,309,828&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3656762645&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675460269810&rpt=365&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6117 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5lWQrhzDyfTjGKXzNRKA3BIV7Ys79eHN_mujLzDEEVz1LIX6UP3qtNfxc4E-yqbB0cl5aTvZQKvJX-bpsLOhUVmnlJ2MbxwNoGZ0-29pPU3K6Bsmp&sig=Cg0ArKJSzDkbaVpClVtuEAE&id=lidar2&mcvt=1000&p=467,1095,717,1395&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2638920786&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675460269834&rpt=352&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 21:37:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 242ms
19ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=60172
accept-ranges: bytes
content-length: 4777

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020101&jk=1469781492397556&bg=!gIOlg8fNAAaq5O5FiuQ7ACkAdvg8WqS3QHytzlxxxhLZpbVrWyxmrzY5BJNg-THe8e8TODwM0SH7CQIAAABxUgAAAAJoAQeZAsWplvXf-ezrVURzj5HbmgFRHbgn4Q-l2zL2iNaURsmkkcmqgLVUzZkSlVBrk6H_zcC9ODhbUh7BFBAqHZ2ys4SjoRHLih1Fbix880dr9_8b7z83u3IBvGLhGmQh7J8wDr3YAYkefCijKhR4sJAaud4SCslTaSE6wOxmgnM7h3rJ2VTV2pdpAf5vf1KSyeRFD0OJU7UN-70JlfweCb_JN-dQfQSTpUgiGSxqOSeDH6GRzCm1m9LwHl2QJGt4uf0ua_2wEWuhA1HVVPM1VufJZMNFxl05diUOc0hWFpEU7YQxcWL0IiTkHStLd3B_yDjtwahMb7B3PgZldb9UeUTyhf8VnymUA4q7934hDlUns-DN1KR2S3aiVPhL5T790vdXmexj5b1OKdysfIBGqkQFT2rv2VtnViacybEr0HUWj0OHQ-I7LQch9O28K_Ynf3LTNay9m7LubE4AeCyS7U__9yW4C7cCoV1G1AySwYdLZVojIHtc2bcGz0NL_-7BcAjNciIuXIaiEe4rq9Zrd_AdgFtnSeEEaBHtlnJaTBLwagpRNJ0RAcdG52CkkClwc2WYlcF733zllkvvlUgZfHP3HqoZ9T5ohwaZm9RKN3u95spJIqSi6OX11pq_V4ktzJC9MfxEwR2fxTwrk8zq8epnzA7YgEUCpakz8gWUZjbZzt8ODTtW2Tn4G-h5qnnqu6TD1Y7yRl0LuB_a64kbIhyuKwz2xewJJwdJw9IhsJ9IjrdgD-roagGdZ_6d2PfyKLh-9pFuBX2fEfNq6x89ZjmNuUIhDthDtPjzXo8UTZItxGLy_B3_T5UAK7tTy9cD4uwXlSuJpg9CNpKT9KXOXuXi0C_fHAgjThQwCOR8dAAbu7E_8QfLsbjz1Z5fBqbWFu2rnsuJqh9tC657QeA77ZryphoowTrhL365og52mMMzzUge7wAOIDkH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1310345/domain/beckershospitalreview.com/ 36 B
369 B 87ms
20ms XHR
application/json 2600:9000:2304:c800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1310345/domain/beckershospitalreview.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:c800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:07:18 GMT
content-encoding: gzip
via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 34233
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=35744
x-amz-cf-id: SDteQPgWnKZYPXDJpw9LIr2b9ExgLkeCVFQ7o2-9wIuFEK3Ys1Uh6g==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospit...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1310345%26time%3D1675460271442%26url%3Dhttps%253A%252F%252Fwww.beckershospitalrev...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospit...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospi...

0
265 B

325ms
159ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&liSync=true&e_ipv6=AQIHEaU6qAvNbwAAAYYZNt78ZuXcuQ9FvYRJGrAPRWuE7rWOa-sf6DXeW2lIpOWFi4OnrrW_oP6_uD4N9sKfxBAlWPiexg
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:37:51 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: ED3F1B57BDA44063981AC1C5CC636678 Ref B: FRAEDGE1817 Ref C: 2023-02-03T21:37:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXz0n5bxoxX5kSujqMHDw==

Redirect headers

date: Fri, 03 Feb 2023 21:37:51 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B11D1D364D1543DA8812467225B6DABE Ref B: FRAEDGE1511 Ref C: 2023-02-03T21:37:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1310345&time=1675460271442&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&liSync=true&e_ipv6=AQIHEaU6qAvNbwAAAYYZNt78ZuXcuQ9FvYRJGrAPRWuE7rWOa-sf6DXeW2lIpOWFi4OnrrW_oP6_uD4N9sKfxBAlWPiexg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXz0n5W0Mz2dIAI/iMtEA==

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 21:37:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pp16OknbFrcPyh04K3aGAz15grzoFg6T+YbLuKAHMacyd9wF1xIpOnLcHLYhdOqV/6qOgYbpWsiXCzIwzij30g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 21:37:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8ARej5lJkdiEVm09UJSikbfrTxIworD9MHFWV0a/mRUfwZ3XLCbRkuImhoLzQzIH64I7/LelNi4zsS2ErRHBSg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1151078721744405 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 459ms
459ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1151078721744405?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4376f5c5c750e3735c2b273ffd16c96efc7ac920f92ca3be9e7dd8c0917f7920

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 21:37:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HQpmWRmFXGiDLjDFEeVT4uZ3Ivvk20o1FeHRjtE5yKBq9AhW6/F6J1Yoqn+PBkSCelPPNgiLlGO111SBOCVPEQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 41ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=187952941924941&ev=PageView&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1675460271726&cd[segment_eid]=E5Z5CE3QIZFWDO32KJIMW5&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=29&cs_est=true&fbp=fb.1.1675460271723.1407471314&it=1675460271009&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 21:37:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1151078721744405&ev=PageView&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1675460272211&sw=1600&sh=1200&ud[external_id]=602637e7fcc45967eac23fc7add5ee44&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675460271723.1407471314&it=1675460271009&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 21:37:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 9ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1151078721744405&ev=Microdata&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fkillnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html%3Futm_medium%3Demail%26utm_content%3Dnewsletter&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1675460272713&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems%22%2C%22meta%3Akeywords%22%3A%22HHS%2C%20hospital%20cybersecurity%2C%20healthcare%20cybersecurity%2C%20KillNet%2C%20hospital%20data%20breach%2C%20hacking%2C%20in%20january%2C%20confirmed%2C%20multiple%2C%20jan%22%2C%22meta%3Adescription%22%3A%22On%20Jan.%2031%2C%20%27Killnet%2C%27%20a%20Russian-based%20hacking%20group%20claimed%20to%20have%20taken%20down%20multiple%20hospital%20and%20health%20system%20websites%20across%20the%20U.S.%2C%20and%20HHS%20confirmed%20that%20the%20group%20has%20obtained%20data%20from%20a%20number%20of%20hospitals%20in%20January%2C%20SC%20Media%20reported%20Jan.%20%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%27Killnet%27%20has%20allegedly%20exfiltrated%20data%20from%20hospitals%2C%20health%20systems%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=602637e7fcc45967eac23fc7add5ee44&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1675460271723.1407471314&it=1675460271009&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 21:37:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200 loading.do Show response
beckers.dragonforms.com/ Frame BD41 8 KB
4 KB 595ms
118ms Document
text/html 204.180.130.190

General

Check archive.org

Show headers Download Go to

Full URL

https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

1a3205740340832a95c16c7d8ce2723e9387445d284813f8b7cb90b2f1571893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beckershospitalreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 03 Feb 2023 21:37:40 GMT
Keep-Alive: timeout=5
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 xclose.png
olytics.omeda.com/olytics/img/ 958 B
1 KB 40ms
40ms Image
image/png 2600:9000:234e:2a00:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://olytics.omeda.com/olytics/img/xclose.png

Requested by

Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/olytics.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234e:2a00:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2862ad1a2d8a7f739b935dc2fa1cbed5c426d68572d1032a08f2c7f5c1c0bf59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.beckershospitalreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:51:57 GMT
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: OSL50-P1
age: 6377
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Mar 2018 13:37:38 GMT
server: Apache
etag: W/"958-1521812258000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=43200
accept-ranges: bytes
x-amz-cf-id: dKOVhXQt6_7VkP-efIDGjNDZfc6ptmjrtEZKygoN8sdmuObjbIRfIg==
expires: Fri, 03 Feb 2023 19:51:47 GMT

POST
H/1.1 200 imp Show response
cdp.omeda.com/olytics/segments/ 20 B
360 B 126ms
125ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/imp

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

ab64560cf10e232d83b783805d267b1675aa728828db773daefe5936e0e4ed67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beckershospitalreview.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 03 Feb 2023 21:38:00 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 imp
cdp.omeda.com/olytics/segments/ Frame 0
0 112ms
112ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/imp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.beckershospitalreview.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Fri, 03 Feb 2023 21:38:00 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

GET
H/1.1 200 site_313b.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/313/ Frame BD41 19 KB
19 KB 593ms
108ms Stylesheet
text/css 205.162.42.5

General

Check archive.org

Show headers Download Go to

Full URL

https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/313/site_313b.css

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.162.42.5 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

75aa8016193d3f8a36dc043dcb078fb89662b0616a4a55d45d84df688b5f90ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:38:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 23 Feb 2022 14:15:47 GMT
Server: Apache
ETag: W/"19163-1645625747327"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ Frame BD41 84 KB
29 KB 86ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3b

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://beckers.dragonforms.com/
Origin: https://beckers.dragonforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:38:01 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
x-hw: 1675460281.dop261.fr8.t,1675460281.cds109.fr8.hn,1675460281.cds140.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H/1.1 200 conditional.js Show response
x.dragonforms.com/js/ Frame BD41 34 KB
34 KB 618ms
147ms Script
application/javascript 204.180.130.190

General

Check archive.org

Show headers Download Go to

Full URL

https://x.dragonforms.com/js/conditional.js?build=V23.2.2-20230201

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

39efb9daff1285c1d957167cd3b4162a59b476eec3271790a0283c1f7d4a339c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24 Jan 2023 13:56:22 GMT
Server: Apache
ETag: W/"34470-1674568582000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 dragonCampaign.js Show response
x.dragonforms.com/js/ Frame BD41 13 KB
13 KB 622ms
144ms Script
application/javascript 204.180.130.190

General

Check archive.org

Show headers Download Go to

Full URL

https://x.dragonforms.com/js/dragonCampaign.js?build=V23.2.2-20230201

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Nov 2022 12:59:08 GMT
Server: Apache
ETag: W/"13287-1667307548000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 generic.css
x.dragonforms.com/style/ Frame BD41 2 KB
1 KB 621ms
152ms Stylesheet
text/css 204.180.130.190

General

Check archive.org

Show headers Download Go to

Full URL

https://x.dragonforms.com/style/generic.css?build=V23.2.2-20230201

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Jun 2021 15:35:48 GMT
Server: Apache
ETag: W/"2478-1623339348000"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 7.css
hostedcontent.dragonforms.com/hosted/images/dragon/12392/ Frame BD41 1 KB
2 KB 604ms
118ms Stylesheet
text/css 205.162.42.5

General

Check archive.org

Show headers Download Go to

Full URL

https://hostedcontent.dragonforms.com/hosted/images/dragon/12392/7.css

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.162.42.5 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

b7c138acc2227685057654a924b404684aa0f6f9ff58f6e252cf040052a4bcf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:38:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Mar 2020 21:26:26 GMT
Server: Apache
ETag: W/"1047-1584048386910"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 217.gif
cdn.omeda.com/hosted/images/dragon/generic/ Frame BD41 9 KB
9 KB 605ms
108ms Image
image/gif 205.162.42.5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.omeda.com/hosted/images/dragon/generic/217.gif

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.162.42.5 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:38:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Aug 2016 18:46:39 GMT
Server: Apache
ETag: W/"8851-1472150799847"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 olyticsLinkAssistance.js Show response
beckers.dragonforms.com/js/ Frame BD41 4 KB
4 KB 112ms
111ms Script
application/javascript 204.180.130.190

General

Check archive.org

Show headers Download Go to

Full URL

https://beckers.dragonforms.com/js/olyticsLinkAssistance.js

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

2deb0d094a307e99fcaa3dfd02f9802de8e485134d85a2f1d2d77d453dc8b934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Jul 2022 13:12:48 GMT
Server: Apache
ETag: W/"4025-1658754768000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame BD41 117 KB
45 KB 45ms
45ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV5SCJ

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44c9640a3e74131559724fc87a24f0000b8a00d7cbdb53facecfc8360f0bebd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:38:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46531
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 21:38:02 GMT

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ Frame BD41 263 KB
72 KB 44ms
44ms Script
application/javascript 2600:9000:234e:2a00:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234e:2a00:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

3bb51322ad907cbce304cb075d28ffa672f3c649e8cc502315c4d4044df11f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
age: 5685
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Oct 2022 19:43:20 GMT
server: Apache
etag: W/"269579-1665603800000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: 9HbN7P-HaG42vhDVwBlU4-UOGwTTKFhdxNU4A1NLDGN0PQIFbSdyAA==
expires: Fri, 03 Feb 2023 14:03:20 GMT

GET
H/1.1 200 evaluateConditionalContent.do;jsessionid=000146C2C05C1F2AC646F73110ECE98E Show response
beckers.dragonforms.com/ Frame BD41 180 B
482 B 123ms
123ms XHR
text/x-json 204.180.130.190

General

Check archive.org

Show headers Download Go to

Full URL

https://beckers.dragonforms.com/evaluateConditionalContent.do;jsessionid=000146C2C05C1F2AC646F73110ECE98E?demo19347=modal&demo19348=&demo19350=&demo19351=&demo19352=&opt19353=1&dragon_pagenumber=1&jsessionid=000146C2C05C1F2AC646F73110ECE98E&timestemp=1675460282330&omedasite=NL_hospitalceo

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/x-json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 evaluateConditionalContent.do;jsessionid=000146C2C05C1F2AC646F73110ECE98E Show response
beckers.dragonforms.com/ Frame BD41 180 B
482 B 235ms
118ms XHR
text/x-json 204.180.130.190

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalceo&pk=modal&r=&oly_anon_id=9800e102-529b-4d66-b172-f586458855ef
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 21:37:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/x-json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BD41 0
0 87ms
87ms Fetch
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49762
x-xss-protection: 0
server: cafe
etag: 12565373689503662125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 21:38:02 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame BD41 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV5SCJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 20:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2592
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Feb 2023 22:54:50 GMT

HEAD
H3 200 gpt.js
www.googletagservices.com/tag/js/ Frame BD41 0
0 53ms
52ms Fetch
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beckers.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 21:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27320
x-xss-protection: 0
server: sffe
etag: "1472 / 58 of 1000 / last-modified: 1675426045"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 21:38:02 GMT

POST
H/1.1 204 p Show response
cdp.omeda.com/olytics/segments/ Frame BD41 0
244 B 127ms
127ms XHR
text/plain 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beckers.dragonforms.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 03 Feb 2023 21:38:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 119ms
118ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://beckers.dragonforms.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Fri, 03 Feb 2023 21:38:08 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.beckershospitalreview.com/cybersecurity	1969-12-31 23:59:59	Name: Value: test
.t.co/	1970-01-20 18:54:34	Name: muc Value: 1e78b7be-9cac-4f90-811a-412e6c4767bb
.buff.ly/	1970-01-20 13:43:32	Name: _bit Value: n13lBL-bb1a6168aef443ea8f-004
www.beckershospitalreview.com/	1969-12-31 23:59:59	Name: c8e38179792b91d8191cb88680d463c3 Value: f8c59ef5adc35fdf0de3a82027a249bc
.beckershospitalreview.com/	1970-01-20 09:24:22	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.beckershospitalreview.com/cybersecurity/killnet-has-successfully-exfiltrated-data-from-hospitals-health-systems.html?utm_medium=email&utm_content=newsletter%22%2C%22sref%22:%22https://t.co/%22%2C%22sts%22:1675460269246%2C%22slts%22:0}
.beckershospitalreview.com/	1970-01-20 18:53:44	Name: _parsely_visitor Value: {%22id%22:%22pid=6255722a5992a26d25f95dec7c19fa86%22%2C%22session_count%22:1%2C%22last_session_ts%22:1675460269246}
.beckershospitalreview.com/	1970-01-20 19:00:20	Name: _ga_TR9H4RENNB Value: GS1.1.1675460269.1.0.1675460269.0.0.0
.ws.zoominfo.com/	1970-01-20 18:09:56	Name: visitorId Value: b73c668d4d0a48801dcc1a546788a987f20a78d28f852d7401c46703540c452b
.zoominfo.com/	1970-01-20 09:24:22	Name: __cf_bm Value: emZxX.EBNAPN6O0PSzbA_eHK0yuHuR5ludbMoxbzgg8-1675460269-0-AUzJiIh1/N99A9nUYFiXXqLWE0OJNwAi/PvH01YLaCgYWc+zR+AAjWxUQq8eEopio24p0dvtyda6mQAKuQ00YnI=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: B1r1YcnvyVtXDsKND9a0QTldETqmW8.zrWvoe0Se41c-1675460269397-0-604800000
.beckershospitalreview.com/	1970-01-20 19:00:20	Name: _ga Value: GA1.2.199262485.1675460269
.beckershospitalreview.com/	1970-01-20 09:25:46	Name: _gid Value: GA1.2.1480741398.1675460269
.beckershospitalreview.com/	1970-01-20 09:24:20	Name: _gat_gtag_UA_5366982_1 Value: 1
.beckershospitalreview.com/	1970-01-20 18:09:56	Name: oly_fire_id Value: 2672C9123356A8B
.beckershospitalreview.com/	1970-01-20 18:09:56	Name: oly_anon_id Value: 9800e102-529b-4d66-b172-f586458855ef
.beckershospitalreview.com/	1970-01-20 18:45:56	Name: __gads Value: ID=a3484d15bf4e17c8:T=1675460269:S=ALNI_Ma436yWTDbvTR5C4IQ3lzkzEvHmBg
.beckershospitalreview.com/	1970-01-20 18:45:56	Name: __gpi Value: UID=00000baf710a3640:T=1675460269:RT=1675460269:S=ALNI_MbUUDO1JiaIEjFjZgY09gJEBDacgg
.doubleclick.net/	1970-01-20 18:45:56	Name: IDE Value: AHWqTUlSLz1Y85YfmpVYTkBjqcPeQPFE2VOcnkgLeUCm2as3J9g-IOgE2BHKYn3blpQ
my.beckershospitalreview.com/	1969-12-31 23:59:59	Name: cf24aa9c35ec30d75eff88c65005a4e1 Value: d87d940c47c8295fa5beb597a7d0f26d
www.beckershospitalreview.com/	1970-01-20 10:07:32	Name: omedadfptargeting Value: undefined\|undefined*
www.beckershospitalreview.com/	1970-01-20 10:07:32	Name: omedadpushedcookie Value: 1
.hubspot.com/	1970-01-20 09:24:22	Name: __cf_bm Value: lVZaDXuXfdEmFZ_1DU8ToTp02MC2Y1Cn7M3Fit8CKU8-1675460270-0-Aabv7Xha42hw3a0FNcbyFYavqbyO2yPA7779XjFr6YNwJzncZN8od7w495Dfu+LZbrO3e2feXtiVZSAVB7nMFNs=
.www.beckershospitalreview.com/	1970-01-20 18:10:17	Name: __adroll_fpc Value: 3981ed69f7f27fdc5844b7b2bb31bce1-1675460270842
.www.beckershospitalreview.com/	1970-01-20 18:09:56	Name: __ar_v4 Value: %7CJQYF3N5JPJGL3IXYVZYR5C%3A20230205%3A1%7CWCNBXDE6Q5ETTM2BEJXDP7%3A20230205%3A1%7CE5Z5CE3QIZFWDO32KJIMW5%3A20230205%3A1
.beckershospitalreview.com/	1970-01-20 13:43:32	Name: __hstc Value: 77465994.602637e7fcc45967eac23fc7add5ee44.1675460270214.1675460270214.1675460270214.1
.beckershospitalreview.com/	1970-01-20 13:43:32	Name: hubspotutk Value: 602637e7fcc45967eac23fc7add5ee44
.beckershospitalreview.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.beckershospitalreview.com/	1970-01-20 09:24:22	Name: __hssc Value: 77465994.1.1675460270214
.casalemedia.com/	1970-01-20 18:09:56	Name: CMID Value: Y91.rzzsV7S0rgpoidCEYgAA
.casalemedia.com/	1970-01-20 11:33:56	Name: CMPS Value: 2184
.casalemedia.com/	1970-01-20 11:33:56	Name: CMPRO Value: 2184
.adnxs.com/	1970-01-20 11:33:56	Name: uuid2 Value: 5107569653318860343
.adnxs.com/	1970-01-20 11:33:56	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?lkFc.7!]tbPl@/@8$-^=$U_hBUYjy_(apzK3A/u[k@5U>KA3F?gD%WOgC^6n:]/44eK-Uz>Cwc3qZsn2HCl#`h3If)y3KL9D3I?+r#@PHC
.d.adroll.com/	1970-01-20 18:53:08	Name: __adroll Value: ef6c86fbe76b42f8d383bb18793143f2-g_1675460271-a_1675460270
.adroll.com/	1970-01-20 18:53:08	Name: __adroll_shared Value: ef6c86fbe76b42f8d383bb18793143f2-g_1675460271-a_1675460270
.pubmatic.com/	1970-01-20 11:33:56	Name: KRTBCOOKIE_10 Value: 22808-ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI&KRTB&22883-ZWY2Yzg2ZmJlNzZiNDJmOGQzODNiYjE4NzkzMTQzZjI
.pubmatic.com/	1970-01-20 10:07:32	Name: PugT Value: 1675460271
.bidswitch.net/	1970-01-20 18:09:56	Name: tuuid Value: e1c92888-0cbf-47ac-b780-ff8abc24ad07
.bidswitch.net/	1970-01-20 18:09:56	Name: c Value: 1675460271
.bidswitch.net/	1970-01-20 18:09:56	Name: tuuid_lu Value: 1675460271
www.beckershospitalreview.com/	1970-01-20 09:25:46	Name: ln_or Value: eyIxMzEwMzQ1IjoiZCJ9
.linkedin.com/	1970-01-20 10:07:32	Name: UserMatchHistory Value: AQIoFUNZUwLjZwAAAYYZNt29MWAsv6H1NzzQfneY-yGbWWoiSvj8CetyrSWOmVhUefCBlU9vv_sdhQ
.linkedin.com/	1970-01-20 10:07:32	Name: AnalyticsSyncHistory Value: AQLmhsUScxatKgAAAYYZNt29ibovJ2pwQws_CAdQvThXdbziSHDNhD7Xm0vbNgR5zEJ3OFA2u2tiXIFHPwpAgw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:09:56	Name: bcookie Value: "v=2&78117b2c-54a5-417d-8023-93b98ba6e4fb"
.linkedin.com/	1970-01-20 09:25:46	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2990:u=1:x=1:i=1675460271:t=1675546671:v=2:sig=AQGKXXB3_Derlmrl-krKIBCajRtYA6J9"
.beckershospitalreview.com/	1970-01-20 11:33:56	Name: _fbp Value: fb.1.1675460271723.1407471314
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:09:56	Name: bscookie Value: "v=1&202302032137519a86d3d1-4350-4412-837f-3cfcd4cf3dc8AQHkSthxsOlWyM-pXSXqthF3nH492om6"
.linkedin.com/	1970-01-20 13:43:32	Name: li_gc Value: MTswOzE2NzU0NjAyNzE7MjswMjFuzffoUsRU8veTetnIreCCWTZFJOG4E0lP6IXD5t0giw==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.asccommunications.com
adservice.google.com
adservice.google.de
aorta.clickagy.com
api.hubapi.com
api.hubspot.com
b3c3a27dd2f77fade3ed005759cd1474.safeframe.googlesyndication.com
beckers.dragonforms.com
beckershospitalreview.disqus.com
buff.ly
c.disquscdn.com
cdn.linkedin.oribi.io
cdn.omeda.com
cdn.parsely.com
cdp.omeda.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
disqus.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
hemsync.clickagy.com
hostedcontent.dragonforms.com
ib.adnxs.com
image2.pubmatic.com
ipv4.d.adroll.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsforms.net
js.usemessages.com
my.beckershospitalreview.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
processor.asccommunications.com
processor2.asccommunications.com
px.ads.linkedin.com
px4.ads.linkedin.com
referrer.disqus.com
region1.google-analytics.com
s.adroll.com
securepubads.g.doubleclick.net
snap.licdn.com
srv-2023-02-03-21.pixel.parsely.com
sync.outbrain.com
sync.taboola.com
t.co
tags.clickagy.com
tpc.googlesyndication.com
track.hubspot.com
ups.analytics.yahoo.com
us-u.openx.net
ws.zoominfo.com
www.beckershospitalreview.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
x.bidswitch.net
x.dragonforms.com
104.244.42.197
13.107.42.14
13.248.245.213
141.226.228.48
142.250.201.194
151.101.0.134
18.156.0.31
18.66.100.58
185.64.190.80
185.80.39.216
199.232.192.134
20.13.96.71
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
204.180.130.159
204.180.130.165
204.180.130.190
205.162.42.5
209.59.186.75
2600:9000:211a:4200:6:8656:f5c0:93a1
2600:9000:225e:3000:6:9280:1080:93a1
2600:9000:2304:c800:2:53b2:240:93a1
2600:9000:234e:2a00:1e:5cef:3780:93a1
2606:4700:4400::6812:21ab
2606:4700::6810:5605
2606:4700::6810:5905
2606:4700::6810:650c
2606:4700::6811:43b0
2606:4700::6811:72b0
2606:4700::6811:b649
2606:4700::6811:cbcc
2606:4700::6811:d2cc
2606:4700::6811:eccc
2606:4700::6812:3eb
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:80b::2004
2a00:1450:4001:829::200e
2a00:1450:400d:802::2002
2a00:1450:400d:803::2001
2a00:1450:400d:808::2002
2a00:1450:400d:808::2003
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2008
2a02:26f0:11a::217:9a4a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe04:7036:b4fb:4707:a1df
34.231.207.29
34.233.16.172
34.242.35.28
34.98.64.218
37.252.171.149
50.28.99.4
52.29.36.14
54.163.114.10
67.199.248.12
67.227.242.177
69.173.144.165
98.98.134.241
0024db1aa7995507ec914e8dad9d0a126bfca7d705530589b98d7682735c1cbe
056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
070960ca509da77430cfbc7aef04290e7c8acb965a19a9942918792a37b6ddcb
0a55e798cfc5f96b463b8107b341c3b956ebc3bfa5eb655c6e746cc56c658e36
0b50caaddeb386ddfa9fda9366e1890945cd57983d77dadac840ed88a552a0c9
14aedbb1a683d0d7092b9c0173961368cbad6e8744b17a474788d1afa747fabc
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16c4b24fa18b5aaf402333bf80e51d41b3607cc0b3cd87dd7f3dae180be2a2ca
16eb3771501078a5c2b3c0b1c09fd127abc7dc2e945526dce9c5ce5f3b8e8e2e
175cf49aeecf07d61c4f3cc4d1c7ca741eb93e53c5698547405ede43619bd92c
19f5ca9e25c1446701408c8e85d6003e37ea5096d004cb0419e05b54081ce836
1a3205740340832a95c16c7d8ce2723e9387445d284813f8b7cb90b2f1571893
1b0289f2ec5da31c3c6762aab71b7709c4c456382e059cc6eefebf489eb12e46
1bcf382c861841335ec9ae5b803af26521b953cee0c2cc4fa291b5cd25f2311e
1df211e49ac79925ff59e0b410832d5fab393c93fb86c77a5c80ad880b324c3c
24aec7e0f4018b25d80c0953ff8bb42da7ff7fa1c8e39423f94138d35c436dd1
263b09281522ea09ca51070c7f42e99c083094c81ed30a6e77a1abc55511d44c
2862ad1a2d8a7f739b935dc2fa1cbed5c426d68572d1032a08f2c7f5c1c0bf59
29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23
2deb0d094a307e99fcaa3dfd02f9802de8e485134d85a2f1d2d77d453dc8b934
2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba
310e33ce5ebd0aaa68fac582770b63715a3b5b58e1358adf878f35fa184baf9e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31733a994cc4052bacc6bda171e4981b20485fc222134e61b220a8273174983a
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
33e459b26c21444650f5073aadaa7ce3dd0dc08d4c3990f8206f9f78dca35124
382230b7d9b7d39592102e3d97d45c14d545781a81bb0d1cf09974365f54a03c
39efb9daff1285c1d957167cd3b4162a59b476eec3271790a0283c1f7d4a339c
3bb51322ad907cbce304cb075d28ffa672f3c649e8cc502315c4d4044df11f7a
3ef55a2dfb1f5a96fc821ab726854564a8106c4e503b71b1744aea108d31b54e
3fbb064d01b24448eaed943710487f7cf539bd2f56d8650d96fd110121e892f6
4376f5c5c750e3735c2b273ffd16c96efc7ac920f92ca3be9e7dd8c0917f7920
44333b43b6193e3b13ea2d8253464ac87b5a13b51df406a1e2f3d8498da38db0
44c9640a3e74131559724fc87a24f0000b8a00d7cbdb53facecfc8360f0bebd9
44d9ce844e7e4c1fc5658eb7b2303948780c4b02a9164484a6b4302aaaf08b19
45547ec904d2db2b9ca7066c78d7061d38b08eef213671767ab28e9b8fcd7b5b
462691a4d73382292a9d90115058c8f6ddc9c99bcb3c3e125cacc5ebc702fa3f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4806d59440626c00d25b37074591409b9f644ef4458333fadfbd9b9098e80a46
48b3e8bc2db2547784c623c9170746715aed7087acfb486666d6813e1a40c911
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba20b9d27e2920f2c46a49e560ef0924ec6926170fc094a201faa5d60f93739
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4cae4941b45d130f40756c688ebe31288a0a473d547feb96abfe5eeb436194db
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e78b00d7d535a11a6ed01c387c8c74a62024287f3db4d7dca17c5efde84307b
4ecd8462fee70accb2f406be82b051f9607ddbc1e55a1cbccc882c0cbe25c1fc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5681f49cf3b64bb9f4d7d0f955bafd17659aff75029295b2d1f4c0f8a1f3ed63
5736f20e2a413433b3af338e6cccd1318197981ce66e68ac810e723ccbf9c10c
57f89e583381f9671bb28a781e8a3be698e625902de675b3928665c60b6a49ce
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5932092d5e11c9c0ff217094853e3e7ce9fb4f23ad19aaa7aaed72673abb22b8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cc62a927a74e39af8e5c748afac525cf7cd53b57d6e087aea88dfecdd62bce8
5e99eec91877cb48a488d66fb46a05c2917c34bfde894e376a7ac901858dc94a
5eb89c0191f452431837d082aae32b9a929b155a8afbfdc2d563b0e6bcfe2a16
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628d6315130cd4de61ea584cd8dc091a22f3fe455afbf7228b43b99ca44db25e
6449898e8b0c4047b3ff73d3274e616acc3849f6c5fad709ffa8010f91bdb4a5
677f08947c3a550d6da423a1ce0546e15579a61c3315b102077decc895e53d9a
6a54ff8d29897053868ef3357dbd5e21b4efbe01538d318b8b1bd710f102ea9a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4564cb731fe3dabac79ce0fe9cc039cbc57ca5394638e8c5eea416372dcc9f
6bd8a3d8dce116787274c58b9b0ed3d4284191a80cb1249d49c60ef96ade5d87
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c47a0bef4b7fa998d5a6d4c6a05680fe0aa289b981979c1f6eed91ccd8c7fa0
6d2d7df168329692db78d767ec9d036acf3a8c5504fbe6100b963f0dad3d5503
71d882e1589703ebfc9d453172218f99f47101c98ccfe6a1addf93e5cb2ff522
75aa8016193d3f8a36dc043dcb078fb89662b0616a4a55d45d84df688b5f90ed
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
7a55ab5ced67c53bdae3180edf16b09004c39920085cdba96354a8f71541a2c7
7af3ee330e9184e8cd282cb34ad56f946e5850702779f32d5067474cd7ef0d50
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b31d2b2fa1dc37493df8a079ec3924223f6c194e4d55a798db47f928c6aec29
7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
802730988dfcca7b2752f4b139cbe9e79ecc7abc81aa649eae2b984df7bce5b6
809769f60c779d246f5ca5dee9f5440029521605298ca309891d9639a7653c56
81f0a118a293d1eed5327bfa7ad77b8f86ec9f7d8d2b176ba8b695e6bc772f7c
851ff07292efb4046385f062e9f6d6b3996e1476731a3a9f3fff13141e55cda7
8557723acebc8e4c614ab5168c4d46da69a93ea0b7ae4ad2851bf1e10302690e
883a3478c49797b4b589354563917f957be99ea498dbf87b2aa19d301e4feef4
8b85e9af1927bb7e92829d026f9f3b4854d24e6f942235e5931e390ac54a490f
8d44d2c930c6c9f030dc2a86f3744742b33dc44393430911f7acc04f09d8474f
8fed0359a978607741335672c13815cef49036c52f9d3c3173d365840a967ccb
94f4dea710672d3907984e8db32f4c7421a6e3188fb2ff507dffae3775cf4bab
9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51
9db35401e3b025856393aacf9cc879a697f20e9d75980a390f0de3fde82a67af
9e763e0aec31627d8b89826948020093adbfd0f35278a2e4da15ad2f53a32342
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2937f3299d73f3d0c53f0b73b582b3ff16495bf9efc133f3195dcc5c2341ed2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
ab64560cf10e232d83b783805d267b1675aa728828db773daefe5936e0e4ed67
adfd008697cea31868e69da20438df1b722533fb55c92db8ac9e0071fdafc710
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4143ed79f1dcad39c2b6b78234d6eedd16f56b454a3f7403b47c34ac54315
b392fce3bf3340c2cd754bb4c728059e822657e17d473ba374963078e3a8b62a
b6bb3ba7b2c39447882161ffcd7a8c3f307d50d2abb488162d026ae6d303ddcb
b6d37a03d74e2579f9dd1bdae5b32dd80224e22f0e41308bfdfbf91fe7686a6c
b7c138acc2227685057654a924b404684aa0f6f9ff58f6e252cf040052a4bcf9
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
baba8f1e3237e9d76a185b9a8aa1b97db9d2e5d2ad52a1862cca48a9946117e5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c61caad7540b4acbdc26fb12c011ac064e35cf104e3377fe20762487eb2cc9ad
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cf28388abebabf468e69a9f9deb2989a0d07d8bbc64aad1778129e6bf532fdf2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fe7829b80042849bc663282897301056f3b7d5c05032a479de7796151bfc8c
d635525e019c41dc7afd21e3dfb2e44af7b53470fd648b0b40d05ff2098fc4d8
d7ff3d860e756089b3a8b543afd74434c6cb01715279f1efa26e37ac2dcf7bc5
d993da21f665c2de3ee71ae2e6844e58109b578b6529e529e2bf60b6496934d4
da07e95a4d0faa53761abaa711179986b1f71d6c522751157777d585dc4b2b1c
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db4e3964b215c65d922a60ace0e94bc15e8227359cd233be05f4f4974637a8c4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc5efb734cff97f4c99ec03f9638a0eba36c9808095ff12b733054c459ba050f
df8f37a70e2d573e88b8ba0b3a336c3b1dd3c013ca40e715edcdd7883b86e543
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e878246b255741a9576c0b93eedfee719182429e20f5e00b1eadcc531b31ee97
ee97deb871f1fdc91ff3363932be46c0fe0a3cc7e72f7d297c0fb229afd37e87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738
f093000fe816b723c9f93ec96c6dcf834669ef570c4358741208a3f6dad6988b
f2237ebecdcadb0094e79dc017c9a0ba8a52621453afaa54fd9981b2ba42bcf6
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93
f9fac294d5439bb7e6e5942ef982c6d3dfb7922559749fa38907fb4e0b03010b
fd1360c3090b37fcbcc09c45ba2acc4e6d950455ef836069dec4f18a15b700c3
fd305fda60f9450ee53cdfb8d1fcbb527ba7a66da4f631de3eb69eeb6e048a4c
fe00cdfc7fcf38d59a3841ae6394116ba995760c5a5f1ca6d4e41aec55f67a93
ff4a9adf8ea12dc00b27fddc06d8330decf18535562728ff811622e7cfe91b8d

www.beckershospitalreview.com Open in urlscan Pro 67.227.242.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

92 %HTTPS

55 %IPv6

47 Domains

71 Subdomains

62 IPs

7 Countries

3052 kBTransfer

7249 kBSize

50 Cookies

67 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.beckershospitalreview.com Open in urlscan Pro
67.227.242.177 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

92 %
HTTPS

55 %
IPv6

47
Domains

71
Subdomains

62
IPs

7
Countries

3052 kB
Transfer

7249 kB
Size

50
Cookies

203 HTTP transactions
14 data transactions