www.govtech.com Open in urlscan Pro
18.66.122.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Submission: On June 19 via manual (June 19th 2024, 2:18:20 am UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 46 IPs in 4 countries across 34 domains to perform 90 HTTP transactions. The main IP is 18.66.122.73, located in United States and belongs to AMAZON-02, US. The main domain is www.govtech.com. The Cisco Umbrella rank of the primary domain is 566757.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 1st 2024. Valid for: a year.

This is the only time www.govtech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	18.66.122.73 18.66.122.73	16509 (AMAZON-02) (AMAZON-02)
9	18.66.147.96 18.66.147.96	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:9000:211... 2600:9000:211e:e00:4:8ff3:780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:264... 2600:9000:2646:8800:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
2	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.96 65.9.66.96	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:6ffe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
7	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:20:... 2606:4700:20::ac43:4415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.71 13.32.99.71	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:780... 2a02:26f0:780::210:ca3b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.245.46.29 18.245.46.29	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.164 216.58.212.164	15169 (GOOGLE) (GOOGLE)
1	34.202.136.61 34.202.136.61	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f36c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.44.173.20 52.44.173.20	14618 (AMAZON-AES) (AMAZON-AES)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
90	46

4 18.66.122.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-73.fra60.r.cloudfront.net

www.govtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.147.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-96.fra60.r.cloudfront.net

erepublic.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:e00:4:8ff3:780:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cdn.tiny.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:8800:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-96.fra56.r.cloudfront.net

sp.tinymce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6ffe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4415 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-71.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:ca3b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-29.fra56.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.164 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f164.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.136.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-136-61.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f5058aa24d11363bbf941a4bdd5dc64e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f36c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.173.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-173-20.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	128 KB
9	brightspotcdn.com erepublic.brightspotcdn.com — Cisco Umbrella Rank: 361843	239 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	4 KB
7	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 5216 forms-na1.hsforms.com — Cisco Umbrella Rank: 8105	7 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 f5058aa24d11363bbf941a4bdd5dc64e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 172	20 KB
5	feathr.co cdn.feathr.co — Cisco Umbrella Rank: 24912 polo.feathr.co — Cisco Umbrella Rank: 20129 marco.feathr.co — Cisco Umbrella Rank: 20961	56 KB
4	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2789	4 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 132 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	145 KB
4	govtech.com www.govtech.com — Cisco Umbrella Rank: 566757	29 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 283	3 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 36424 a.dpmsrv.com — Cisco Umbrella Rank: 30111	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	240 KB
3	tiny.cloud 2 redirects cdn.tiny.cloud — Cisco Umbrella Rank: 29056	164 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	14 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8196	126 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078 www.google.com — Cisco Umbrella Rank: 5	317 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	21 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5335 forms.hscollectedforms.net — Cisco Umbrella Rank: 5451	25 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1344	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	91 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7811	158 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 491	98 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4202	1 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1477	201 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	306 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2567	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3908	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2600	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5178	2 KB
1	tinymce.com sp.tinymce.com — Cisco Umbrella Rank: 29784	397 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1659	15 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2946	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 333	31 KB
90	34

	Domain	Requested by
9	cdn.cookielaw.org	www.govtech.com cdn.cookielaw.org
9	erepublic.brightspotcdn.com	www.govtech.com erepublic.brightspotcdn.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
4	track.hubspot.com
4	forms-na1.hsforms.com	www.govtech.com js.hsforms.net
4	www.govtech.com	erepublic.brightspotcdn.com
3	ib.adnxs.com	2 redirects
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	polo.feathr.co	cdn.feathr.co
3	forms.hsforms.com	js.hsforms.net www.govtech.com
3	www.googletagmanager.com	www.govtech.com
3	cdn.tiny.cloud	2 redirects www.govtech.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	a.dpmsrv.com	www.govtech.com s.dpmsrv.com
2	snap.licdn.com	www.govtech.com js.hsadspixel.net
2	www.google.de	www.govtech.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.govtech.com connect.facebook.net
2	js.hsforms.net	www.govtech.com
1	idsync.rlcdn.com	www.govtech.com
1	cm.g.doubleclick.net	s.dpmsrv.com
1	px4.ads.linkedin.com	www.govtech.com
1	www.linkedin.com	1 redirects
1	api.hubapi.com	js.hsadspixel.net
1	f5058aa24d11363bbf941a4bdd5dc64e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ping.chartbeat.net	www.govtech.com
1	www.google.com	www.govtech.com
1	marco.feathr.co	www.govtech.com
1	s.dpmsrv.com	www.govtech.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cdn.feathr.co	www.govtech.com
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	fonts.googleapis.com	www.govtech.com
1	static.hotjar.com	www.govtech.com
1	ws.zoominfo.com	www.govtech.com
1	sp.tinymce.com	www.govtech.com
1	static.chartbeat.com	www.govtech.com
1	js.hs-scripts.com	www.govtech.com
1	www.googletagservices.com	www.govtech.com
90	47

This site contains links to these domains. Also see Links.

Domain
newsletters.govtech.com
webinars.govtech.com
events.govtech.com
papers.govtech.com
www.facebook.com
www.linkedin.com
twitter.com
membership.chicagotribune.com
www.tribunecontentagency.com
content.erepublic.com
www.erepublic.com
erepublic.my.salesforce-sites.com
erepublic.secure.force.com
www.youtube.com
www.governing.com
insider.govtech.com
www.onetrust.com

Subject Issuer	Validity	Valid
prod.erepublic.psdops.com Amazon RSA 2048 M03	`2024-04-01` - `2025-04-30`	a year	crt.sh
cdn.erepublic.psdops.com Amazon RSA 2048 M03	`2024-01-19` - `2025-02-16`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
hsforms.net WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh
tinymce.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-28` - `2024-06-26`	3 months	crt.sh
zoominfo.com E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
hscollectedforms.net E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
feathr.co GTS CA 1P5	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.dpmsrv.com Amazon RSA 2048 M02	`2024-02-16` - `2025-03-16`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
marco.feathr.co Amazon RSA 2048 M01	`2023-07-23` - `2024-08-20`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Frame ID: 0439E7C530DD4D4AC9343BB10952D56C
Requests: 92 HTTP requests in this frame

Frame: https://f5058aa24d11363bbf941a4bdd5dc64e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6CF2CB4E433A0CEA17F13F4B637DA830
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C697134DB98A8DC39E39B2BA46D4D2B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Attack Hits Agency That Oversees Illinois Insurance

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

90
Requests

94 %
HTTPS

51 %
IPv6

34
Domains

47
Subdomains

46
IPs

4
Countries

1523 kB
Transfer

4969 kB
Size

44
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://newsletters.govtech.com/?promo_code=topnav-newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://webinars.govtech.com/?promo_code=topnav
Title: Webinars

Search URL Search Domain Scan URL

URL: https://events.govtech.com/?promo_code=topnav-events
Title: Events

Search URL Search Domain Scan URL

URL: https://papers.govtech.com/?promo_code=topnav-papers
Title: Papers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=314190606794339&display=popup&href=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&mini=true&title=Cyber%20Attack%20Hits%20Agency%20That%20Oversees%20Illinois%20Insurance&summary=The%20cyber%20attack%20was%20carried%20out%20at%20the%20Office%20of%20the%20Special%20Deputy%20Receiver%2C%20a%20nonprofit%20that%20works%20with%20the%20state%20and%20exists%20largely%20to%20protect%20creditors%20and%20policyholders%20of%20troubled%20or%20insolvent%20insurance%20companies.&source=GovTech
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&text=Cyber%20Attack%20Hits%20Agency%20That%20Oversees%20Illinois%20Insurance
Title: Twitter

Search URL Search Domain Scan URL

URL: http://membership.chicagotribune.com/newsletters/subscribe/lid/929fe373-c3ea-4ae8-a36f-46968f33da6f?track=ct__spin_content-promotion__________roadblock
Title: Sign up for The Spin to get the top stories in politics delivered to your inbox weekday afternoons.

Search URL Search Domain Scan URL

URL: https://www.tribunecontentagency.com/
Title: Tribune Content Agency, LLC.

Search URL Search Domain Scan URL

URL: https://newsletters.govtech.com/?promo_code=gt_enews_web_flyinID247
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://events.govtech.com/?promo_code=footer
Title: Events

Search URL Search Domain Scan URL

URL: https://webinars.govtech.com/?promo_code=footer
Title: Webinars

Search URL Search Domain Scan URL

URL: https://papers.govtech.com/?promo_code=footer
Title: Papers

Search URL Search Domain Scan URL

URL: https://content.erepublic.com/industry-masterclass?promo_code=footer&__hstc=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&__hssc=59400946.1.1718763495336&__hsfp=3598200494
Title: Industry Academy

Search URL Search Domain Scan URL

URL: https://www.erepublic.com/privacy/?promo_code=footer&__hstc=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&__hssc=59400946.1.1718763495336&__hsfp=3598200494
Title: Privacy & AI

Search URL Search Domain Scan URL

URL: https://erepublic.my.salesforce-sites.com/ContactUs/?src=https://www.erepublic.com/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.erepublic.com/brands/govtech/?promo_code=footer&__hstc=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&__hssc=59400946.1.1718763495336&__hsfp=3598200494
Title: Advertise

Search URL Search Domain Scan URL

URL: https://newsletters.govtech.com/?promo_code=footer
Title: Stay Up To Date

Search URL Search Domain Scan URL

URL: https://erepublic.secure.force.com/PrivacyRequest/
Title: California Residents - Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://twitter.com/govtechnews
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GovernmentTechnology
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/governmenttechnology
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/government-technology/
Title: linkedin

Search URL Search Domain Scan URL

URL: https://www.governing.com/?__hstc=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&__hssc=59400946.1.1718763495336&__hsfp=3598200494

Search URL Search Domain Scan URL

URL: https://insider.govtech.com/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.tiny.cloud/1/p94feg18soy8tkaiy2yfbhinp3agqij3cvjh5wz5g751roh5/tinymce/5/tinymce.min.js HTTP 307
https://cdn.tiny.cloud/1/p94feg18soy8tkaiy2yfbhinp3agqij3cvjh5wz5g751roh5/tinymce/5.10.9-138/tinymce.min.js HTTP 307
https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.9-138/tinymce.min.js

Request Chain 68

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1499%26pixelIndex%3D0%26r%3D583861%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.govtech.com%252Fsecurity%252Fcyber-attack-hits-agency-that-oversees-illinois-insurance HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1499%2526pixelIndex%253D0%2526r%253D583861%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.govtech.com%25252Fsecurity%25252Fcyber-attack-hits-agency-that-oversees-illinois-insurance HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=1060575221409163253&zn=&sn=&q=xImp&v=1.x&cl=1499&pixelIndex=0&r=583861&tzOffset=-120&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance

Request Chain 71

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D747380%26time%3D1718763494303%26url%3Dhttps%253A%252F%252Fwww.govtech.com%252Fsecurity%252Fcyber-attack-hits-agency-that-oversees-illinois-insurance%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=true&liSync=true&e_ipv6=AQKY_CAvqEyTnAAAAZAuSZ5cO2erGdN31N__EvegcnRXnVGI75HELt9eNGx0F3aerA

90 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cyber-attack-hits-agency-that-oversees-illinois-insurance Show response
www.govtech.com/security/ 124 KB
26 KB 726ms
428ms Document
text/html 18.66.122.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-73.fra60.r.cloudfront.net
Software: istio-envoy / Brightspot
Resource Hash: dbd3ebe7dd8dd594fb11b5bda2c5ad4842b3bcd25bafcd46a86ce49ddbcff4b1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-length: 25967
content-type: text/html;charset=UTF-8
date: Wed, 19 Jun 2024 02:18:12 GMT
server: istio-envoy
vary: Accept-Encoding
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-id: cHmUpF_T_tesR26U35anP8nKShKYw263cI7mkEPoK7UWCAPq7f4YaQ==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
x-envoy-decorator-operation: brightspot-cms-verify.erepublic.svc.cluster.local:80/*
x-envoy-upstream-service-time: 132
x-powered-by: Brightspot

GET
H2 200 All.min.9d804c41c25b2c6d2b193d2ee65b9bad.gz.css
erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/ 216 KB
31 KB 136ms
8ms Stylesheet
text/css 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/All.min.9d804c41c25b2c6d2b193d2ee65b9bad.gz.css
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 648d6f64dc1915418c85ef0d55c46ed54b804bdc5b2bf3bc666d8f54e99d6df6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Dec 2023 01:25:50 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Mon, 30 Oct 2023 12:25:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 16332743
etag: "a12c7d59f06b2929e932d23df6325114"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 31316
x-amz-cf-id: ZxgFZu-RbTZ4gG5I7luaae1p09ux_vSl7JOkutuybe58tqfDmSFIcA==

GET
H2

200

tinymce.min.js Show response
cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.9-138/
Redirect Chain

https://cdn.tiny.cloud/1/p94feg18soy8tkaiy2yfbhinp3agqij3cvjh5wz5g751roh5/tinymce/5/tinymce.min.js
https://cdn.tiny.cloud/1/p94feg18soy8tkaiy2yfbhinp3agqij3cvjh5wz5g751roh5/tinymce/5.10.9-138/tinymce.min.js
https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.9-138/tinymce.min.js

407 KB
163 KB

343ms
343ms

Script
application/javascript

2600:9000:211e:e00:4:8ff3:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.9-138/tinymce.min.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Server

2600:9000:211e:e00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

3329e7b951fe7c48f467231dce4f031ce597b49495460541cf3965068398e7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.govtech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
server: nginx/1.20.0
etag: W/"8Qn37o65eoMW1nS6N5+YdY08qsLA10jO/g5PXYaeaek="
access-control-max-age: 3600
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-if-error=3000, stale-while-revalidate=3000
access-control-allow-credentials: true
vary: Accept-Encoding,Origin
access-control-allow-headers: *
x-amz-cf-id: iMxviNFsEk8Z3pt5-ks0drTcvVa-P7GEWEGH43UB8Rlb4wOPjAbjsQ==

Redirect headers

date: Wed, 19 Jun 2024 02:18:12 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-length: 0
server: nginx/1.20.0
access-control-max-age: 3600
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
location: https://cdn.tiny.cloud/1/invalid-origin/tinymce/5.10.9-138/tinymce.min.js
access-control-allow-origin: *
cache-control: public, s-maxage=10, max-age=0
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: *
x-amz-cf-id: osqtrEVwNxFW2Wf5tpk3QxH-JouO_Qy75K4rRoXYqL2jFmYARXZQag==

GET
H2 200 webcomponents-loader.266c0bb4f707570dca3c59bb04633dc0.gz.js Show response
erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/webcomponents-loader/ 6 KB
2 KB 131ms
10ms Script
text/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/webcomponents-loader/webcomponents-loader.266c0bb4f707570dca3c59bb04633dc0.gz.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 21:47:55 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Tue, 09 Mar 2021 20:52:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 16605018
etag: "8771ad6d93cb1761c69e6457af1b0fd1"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2079
x-amz-cf-id: 3a3XtSGhkqxxCenFese66A3-cCdFff6LU-nyo5X4clAWaxjRqyZQGQ==

GET
H2 200 All.min.f4b92f9d16f9fd9611b6a7d52a851753.gz.js Show response
erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/ 106 KB
27 KB 7ms
7ms Script
text/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/All.min.f4b92f9d16f9fd9611b6a7d52a851753.gz.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 580dd03d6a10ab52741f799691d2ecba4ed069044970ae14457a64e5b2c598fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Sep 2023 01:20:41 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Thu, 17 Jun 2021 19:29:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 22726652
etag: "82684234e6fb084c3735d801e99347b1"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 27239
x-amz-cf-id: HWjy-P4q0YobBjo9ykxF3daUH3Z4epXu8Dt2XBLX3skwJc1sfXGpYA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
31 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ca0a92f00666dc3e62a0406b07d789170655d27ff3e4a689c0403c0c790b6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31335
x-xss-protection: 0
server: cafe
etag: 100 / 19893 / 31084716 / config-hash: 5515444381961717830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jun 2024 02:18:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 47ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-732206-2

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e612909b3c747b97eff87998303d7e561d05cbdfc213639b8881af3cb974e682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72469
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jun 2024 02:18:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
100 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DLKHJ6T8K5

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ad78747fbc9ba39fef134b1cbea24d199e953ff271cd40e3b6dbbda5d63c5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 02:18:12 GMT

GET
H2 200 20544071.js Show response
js.hs-scripts.com/ 2 KB
1 KB 154ms
115ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/20544071.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbf45873924e8cbfe926dd92375d0385538d16ccef8a26c1d81b281cbd321a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3d72be93-8dab-42f0-b0a4-748030d7ef48
x-envoy-upstream-service-time: 4
content-length: 645
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3d72be93-8dab-42f0-b0a4-748030d7ef48
last-modified: Wed, 19 Jun 2024 02:16:41 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.govtech.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-jpg76
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 896006f719f72ba3-FRA
expires: Wed, 19 Jun 2024 02:19:43 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 69ms
34ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ceCldLDyZN6bSQL6yyKLMg==
age: 20280
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Tue, 18 Jun 2024 05:26:32 GMT
server: cloudflare
etag: 0x8DC8F5736CD45E4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3fa137a4-801e-00bc-029a-c184fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896006f449635d66-FRA

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 64ms
7ms Script
application/x-javascript 2600:9000:2646:8800:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:8800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:19:50 GMT
content-encoding: gzip
via: 1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 35903
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: w-1hR9SiYU1eKi59kc6hfBiwkpk-69AbahkUZko8yMM4J3hmcYjqcg==
expires: Wed, 19 Jun 2024 16:19:50 GMT

GET
H2 200 gt-with-block.svg
erepublic.brightspotcdn.com/bc/a8/3ad2250148b8a28b31d4bd4edd24/ 7 KB
7 KB 24ms
13ms Image
image/svg+xml 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://erepublic.brightspotcdn.com/bc/a8/3ad2250148b8a28b31d4bd4edd24/gt-with-block.svg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34a542361bb2e84a349db9afd6c0379e37e3e86e09b615d85ad774614b5aa588

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 01 Dec 2023 19:32:01 GMT
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Thu, 25 Mar 2021 14:15:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 17304372
etag: "9d199c72327093bd525a8ecfd7bbc9fd"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7241
x-amz-cf-id: Sz-9OTDpvhrbKSK-GGJdA1Exy0bvBNW4rpuPG17uitxid5XUHbQj0A==

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js Show response
erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/_resource/analytics/ 9 KB
3 KB 24ms
14ms Script
text/javascript 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 01 Oct 2023 12:57:26 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Thu, 08 Apr 2021 19:11:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 22598447
etag: "c066757a8992615b576ac565d39d182d"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3003
x-amz-cf-id: FwMdJm_T8a0rtJZNR_kC0JFowgJGpxk2x3udxx36Ho6mYeVyT8s30g==

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 482 KB
156 KB 47ms
21ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 549
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=895ff98aa9e4bb85-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Wed, 19 Jun 2024 02:18:12 GMT
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: afdd3abd-f22d-40f9-af7e-a01a56cf1efb
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: afdd3abd-f22d-40f9-af7e-a01a56cf1efb
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F34AFANrKhKduLgGvJATCdiAgHFI%2FLazrvUcdhh6KRlzwrpxg8mLMRyBZGBXlOa4mQUeiGdy674dzmWDL8koxpui%2F2bSO69u5ZSe1FXZsNypKOijg2aW7Exg0bGE9yLw"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
cf-ray: 896006f51c889188-FRA
x-amz-cf-id: qYvq6UeuwZNm9Swr2R_q6HRArxzGAKQBAI8l09e0-4vaPkOojQGBYg==

GET
H2 200 gt-rev-footer.svg
erepublic.brightspotcdn.com/d3/0a/68cfab0e4eca977018bcdac61418/ 12 KB
13 KB 8ms
8ms Image
image/svg+xml 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://erepublic.brightspotcdn.com/d3/0a/68cfab0e4eca977018bcdac61418/gt-rev-footer.svg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66dc6095f84a6c9a37bb0c74422aee70fd6c03888ce365e17262fbcd11b6623e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 04:29:13 GMT
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 21:10:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 15716940
etag: "62ee98651fe45ec203e837e23e37e4e4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12503
x-amz-cf-id: 2oDiWfRYIxh2fHDOOJ8X_uToZOIg3XZ5zjSAVFl3RzD0VKSddYrRlA==

GET
H2 200 i
sp.tinymce.com/ 43 B
397 B 45ms
8ms Image
image/gif 65.9.66.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tinymce.com/i?aid=invalid-origin&tna=tinymce_cloud&p=web&dtm=1718763493243&stm=1718763493244&tz=Europe%2FBerlin&e=se&se_ca=script_load
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-96.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 06:14:23 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2017 05:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 72231
etag: "fb02f374b8f73825415db1bccd4bd76d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: no-store
accept-ranges: bytes
content-length: 43
x-amz-cf-id: SI-XRhM47AlSqjyirBPbDy7b86HVaKC9alD0Il80KKCSqdpHEP-5Ow==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 44ms
13ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0896fd2604414c514c57e58a506872f11eeef3d78f21e434c434060d57191d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 02:18:13 GMT
content-md5: zWOfA26cWEv0870ZO/f3wQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: hDCjFdLPR/Av1VM0iyV02Nsjy7IQ31Rkra2rXu6mcsZm+v36XrdNOciUiAL3Q1Z1Na185cZ7TLmg4unkP56U8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b3f7298ad0134d4e0fad805e3a717462
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f0889bbaccc40fbdbfa7adf81813817f"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 19 Jun 2024 02:30:47 GMT

GET
H3 200 3YEAZrKW9N6gmvCOSs0V Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 283ms
246ms Script
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/3YEAZrKW9N6gmvCOSs0V

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

48c572c7f4b22623ec3852bf721f8d998b30a0546470bec93fdd366ab827e855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 896006f94da99f58-FRA

GET
H2 200 af6bc92a-a4ce-40e7-9435-9f16f3b93bd8.json Show response
cdn.cookielaw.org/consent/af6bc92a-a4ce-40e7-9435-9f16f3b93bd8/ 4 KB
2 KB 44ms
27ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/af6bc92a-a4ce-40e7-9435-9f16f3b93bd8/af6bc92a-a4ce-40e7-9435-9f16f3b93bd8.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7c4fb83a58c4959b9f1e1b8efa4b1a74818b66c631a3c7c245eaa5dba60151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 20171
content-md5: 9b+jToJLsr99IQAE2gkqNA==
content-length: 1558
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jun 2022 19:03:25 GMT
server: cloudflare
etag: 0x8DA53B8B84EED2D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f8744f45-c01e-0089-72b7-218356000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896006f92d0e9be8-FRA
expires: Thu, 20 Jun 2024 02:18:13 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
69 KB 37ms
37ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THPTKKX

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c50ba4d83599e60fe0a624ea9655d0a914d2ccf2ffc5d5e72c445d87a23f27fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70209
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jun 2024 02:18:13 GMT

GET
H2 200 hotjar-3502518.js Show response
static.hotjar.com/c/ 9 KB
4 KB 88ms
43ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3502518.js?sv=6

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

1ffbcd2fb764bd207fe8469400ea6ff8b7f5e556c3d06ffce647802c74b6b7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 02:18:13 GMT
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/0168f10a9f8c5b6e847e756c193338e2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: o76CHGh_8M7JZeHwzpkV1CM9RXfMGn-7UHechAF2uW3HJgkcUmh4TQ==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 61ms
18ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700|ProximaNova-Bold:300,400,700

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Origin: https://www.govtech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 02:18:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jun 2024 02:18:13 GMT

GET
H2 200 ProximaNova-Regular.1be01815c845b1b946696b3064996a02.woff
erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/assets/fonts/ 55 KB
55 KB 38ms
8ms Font
application/x-font-woff 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/assets/fonts/ProximaNova-Regular.1be01815c845b1b946696b3064996a02.woff
Requested by: Host: erepublic.brightspotcdn.com
URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/All.min.9d804c41c25b2c6d2b193d2ee65b9bad.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7573cae10a3155ebe3f9c7e0f85a90bb89539d891d830a7db2ead27924471a3a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/All.min.9d804c41c25b2c6d2b193d2ee65b9bad.gz.css
Origin: https://www.govtech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Sep 2023 20:09:22 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 22831732
x-cache: Hit from cloudfront
content-length: 55984
last-modified: Wed, 24 Mar 2021 11:33:14 GMT
server: AmazonS3
etag: "abddbdb46fb66bad4e827f8e8ad2b115"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.govtech.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: y8mBBBkSUD9kePlLvy580QxUOACdJBUKs-IhFVCUAg4jKepFtb5rsw==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 37ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 01:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2497
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 19 Jun 2025 01:36:36 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 62ms
17ms Script
application/javascript 2606:4700::6810:6ffe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20544071.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Origin: https://www.govtech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 222
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8960018efa9a916b-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js
date: Wed, 19 Jun 2024 02:18:13 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3202e375-64d5-4419-88d7-4bdf0fcbef39
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3202e375-64d5-4419-88d7-4bdf0fcbef39
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp
cf-ray: 896006f9f9ae9c04-FRA
x-amz-cf-id: P6iD95cnVK5-eRZVAAFGz5yTG6LkTZFhllIf431h6XCjiRc8brMayw==

GET
H2 200 20544071.js Show response
js.hs-analytics.net/analytics/1718763300000/ 67 KB
24 KB 198ms
147ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1718763300000/20544071.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20544071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54facedeac31183e8f620df740c641dd1999369d9a888c4b7c2bc55731617928

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: HD3QQ58FBD0GYBT1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1cd532d1-390e-4ea2-9f01-cd7da4056fdc
x-envoy-upstream-service-time: 37
x-amz-id-2: xQaGfyJHqwGz0hPmCpiVJuD+7N4PxC6U4KOIuw5OegvHL/VP8SC6+RVu/+3vcdsG/hatvNQcYdBB+qYx1fYZUA==
x-evy-trace-listener: listener_https
x-request-id: 1cd532d1-390e-4ea2-9f01-cd7da4056fdc
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 04 Jun 2024 00:02:40 GMT
server: cloudflare
etag: W/"073f19c2b5eb246a9d9833d9afce98f4"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 896006fa0fca9748-FRA
expires: Wed, 19 Jun 2024 02:23:13 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 73ms
26ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20544071.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
x-amz-version-id: 7Zz_oLsqoY3yHsxt9nM5YRwsj1MKwqFV
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 244
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.565/bundles/pixels-release.js&cfRay=896001028a8118df-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 8fba5121-1b57-41f4-ba4b-f78e615f494d
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8fba5121-1b57-41f4-ba4b-f78e615f494d
last-modified: Tue, 18 Jun 2024 12:46:30 UTC
server: cloudflare
etag: W/"b233ea75981268a81228cd819e8fd5eb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-wlmbb
cf-ray: 896006fa0fe39199-FRA
x-amz-cf-id: bbi0qNTlEqE8suU4JWfrt5fPf6m3FT8vUsY7zvwx66r2XLXtx7q1QQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.565/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/20544071/ 71 KB
26 KB 393ms
334ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/20544071/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20544071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f511a9e8a24c17b509b6e3ba562b8428505a41466708c4091dc4b7d0f3fe7a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
x-amz-version-id: Q_1RNzp0xbtSSYaifwFQOavDf4IUPI7a
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: Y4R6BRCTS6QNCD1C
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 89d88b3a-373b-4226-ba2a-271cef3fa290
x-envoy-upstream-service-time: 37
x-amz-id-2: 6vZP5IHf/jg34nZncfY9XIHJpWr1i5buztp46zNQsRmk66cWBVI0cUoL5RXxOccTz1kPv+rc87w=
x-evy-trace-listener: listener_https
x-request-id: 89d88b3a-373b-4226-ba2a-271cef3fa290
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 04 Jun 2024 00:02:40 GMT
server: cloudflare
etag: W/"69fbb867ca012ba9d206d0476b7afac8"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.governing.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 896006fa1937363b-FRA
expires: Wed, 19 Jun 2024 02:23:13 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc8adc8da618730d44f693c94526935e9973f2f150c41f4cbeb289e134a7ff9e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 _track Show response
www.govtech.com/ 0
293 B 325ms
323ms XHR
text/plain 18.66.122.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/_track
Requested by: Host: erepublic.brightspotcdn.com
URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-73.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
x-envoy-decorator-operation: brightspot-cms-verify.erepublic.svc.cluster.local:80/*
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 13
x-amz-cf-id: vKUv-2Zl5vmPYHmF9J7wdJf0iMdAO7O8lMyH6fJc35Kgs8P55YUwZA==

GET
H2 200 ProximaNova-Bold.15407d36652ef2f57920058fa4a11aed.woff
erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/assets/fonts/ 56 KB
57 KB 9ms
8ms Font
application/x-font-woff 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/assets/fonts/ProximaNova-Bold.15407d36652ef2f57920058fa4a11aed.woff
Requested by: Host: erepublic.brightspotcdn.com
URL: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/All.min.9d804c41c25b2c6d2b193d2ee65b9bad.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13b4db5ab3c753292fd73c63cf9ca663960d140d90316a2fcb6c239c7afd920a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://erepublic.brightspotcdn.com/resource/00000178-1345-dc1a-a7fd-9f55b8d10000/styleguide/All.min.9d804c41c25b2c6d2b193d2ee65b9bad.gz.css
Origin: https://www.govtech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 13 Sep 2023 07:29:47 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 24173307
x-cache: Hit from cloudfront
content-length: 57804
last-modified: Wed, 24 Mar 2021 11:33:15 GMT
server: AmazonS3
etag: "f2b3778db4bee7715d4b3a3119d9340d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-font-woff
access-control-allow-origin: https://www.govtech.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 1mvRMWv4V3s6XypGS1humWYugcBZ1LPyrdsaAE0418s8eVQASW-28w==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 68ms
25ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 896006fa3ba2914a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-732206-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 01:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2230
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jun 2024 03:41:03 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 46ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DLKHJ6T8K5&gtm=45je46h0v886345943za200&_p=1718763493278&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=793058372.1718763493&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718763493&sct=1&seg=0&dl=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&dt=Cyber%20Attack%20Hits%20Agency%20That%20Oversees%20Illinois%20Insurance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1773&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DLKHJ6T8K5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 67ms
20ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DLKHJ6T8K5&cid=793058372.1718763493&gtm=45je46h0v886345943za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DLKHJ6T8K5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
17ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DLKHJ6T8K5&cid=793058372.1718763493&gtm=45je46h0v886345943za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=84025755

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/20544071/4b63ba82-f400-4842-b2e3-adbb676d735c/ 3 KB
2 KB 162ms
136ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20544071/4b63ba82-f400-4842-b2e3-adbb676d735c/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef8c51ddade97595d1e723d370b1d756b0b7f8cf98bc06899a5fe9a79737dde2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c71ec72b-f4f4-4436-ac4f-ce7e58740f6d
x-envoy-upstream-service-time: 18
alt-svc: h3=":443"; ma=86400
content-length: 1327
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c71ec72b-f4f4-4436-ac4f-ce7e58740f6d
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.govtech.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 896006fafea52c26-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-cgx6f

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09cc6f343c0c49a0ed3a85bd8669509f4995199ac002b701ab8b1be8b7c66a89

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 482 KB
1 KB 42ms
38ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 550
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=895ff98aa9e4bb85-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Wed, 19 Jun 2024 02:18:13 GMT
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: afdd3abd-f22d-40f9-af7e-a01a56cf1efb
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: afdd3abd-f22d-40f9-af7e-a01a56cf1efb
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JG5S613S5g5%2B8USeC9uM6UfYk32P6t99TCUkkDrBRDBKmF5O1nfDYl%2BMRcwQ4sQP2wYf1nUImfwvDTOYL8VDfANSYq%2BypUFk8Zt7ZcT%2FCy0s5gCcthGghwUjY0HjLfxf"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
cf-ray: 896006fad8029188-FRA
x-amz-cf-id: qYvq6UeuwZNm9Swr2R_q6HRArxzGAKQBAI8l09e0-4vaPkOojQGBYg==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.36.0/ 362 KB
86 KB 26ms
23ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8atDBk1Pe2rTtV5h1AnhkA==
age: 24920
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 87793
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:29:06 GMT
server: cloudflare
etag: 0x8DA48BBFD0F8D63
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 538af368-601e-0039-207f-22c29f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896006fadc605d66-FRA

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 33ms
23ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e26df9f03de20877170d9c9e6417abb8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

4b8e86d86bde3098e04e472018122c51c388047ed623eaa1464143df92bd6250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Origin: https://www.govtech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 02:18:13 GMT
content-md5: ADorNOcTBNAROLWJ0ClaTA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89055
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4290, tp=9, tpl=0, uplat=3, ullat=-1
x-fb-debug: wJEK7Fcn4IIuxAN5t9NWm4Sx5gEqTnRtKSfFqaLwXUf8yDxQBXJu1CxA2cBj9yWMe3gSD/BFl7fI4BCCxJ3W2g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6ebb977d80c0bdcb07e05765d5c69202
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f964227e2ab365a26b534e072342a06f"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 Jun 2025 01:02:54 GMT

GET
H2 200 modules.d7e8b7276297041c77dc.js Show response
script.hotjar.com/ 223 KB
55 KB 74ms
9ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d7e8b7276297041c77dc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3502518.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

5386276d7b39f169894ac43f599ff63b5b8dbe70545e243dd30315367f227edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 14:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 129847
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56173
last-modified: Mon, 17 Jun 2024 14:13:59 GMT
etag: "6450b6d7fa3e5db2598f02650685bdec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BPpTwDIjBCWI8TfY3glTq-Ob0YrbGEwEMKHcq2vHxEGPbQU3yQhaug==

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 189 KB
54 KB 64ms
24ms Script
text/javascript 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62f2c0519d7fd8026c2590579549f279211f0144ccc7cdd0142ced78c9f76d4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
x-amz-version-id: vlIFmG8_cgr51HmXLXbNtnFuK3ZShbu.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 33FC8J836JQ6RDY4
age: 5517
x-amz-id-2: N0v1tO9wNZFzIklVhcl5NAsWJY47itEaofyJZC4dsaH2ihkbBzcvcwu+qatpOUXH7UEpNDt92io=
last-modified: Thu, 11 Apr 2024 19:05:07 GMT
server: cloudflare
etag: W/"0f03cb726e27f7ec9ff0d7fe50d7de72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qvcF4FInYrHesumlGORAfiIia2kquxPVeGnIhBudFomCaSw%2BOWziM%2FIkcOQ5zwK9yuDa87oNgQQs3N8DzHsd%2Bg72LXxN%2FM%2FwZv9BWA%2BHNwZKNQ0NlD4e%2FNwLWfDRBppB9%2BR7dDWFC5iimQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 896006fb9bffbbbf-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 15ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1758727624&t=pageview&_s=1&dl=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&ul=de-de&de=UTF-8&dt=Cyber%20Attack%20Hits%20Agency%20That%20Oversees%20Illinois%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1264831622&gjid=676179736&cid=793058372.1718763493&tid=UA-732206-2&_gid=1848471362.1718763494&_r=1&gtm=457e46h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1308198859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
432 B 134ms
128ms XHR
application/json 2606:4700::6810:6ffe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20544071&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ed80e0ce7099dff0c5cde218d6ee9e28c36cfe67f39853ae45d0df1f365377

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d896c73c-2145-40f5-83f4-41b5a402601e
x-envoy-upstream-service-time: 15
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d896c73c-2145-40f5-83f4-41b5a402601e
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.govtech.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-vdptk
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 896006fc0ab29c04-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 22ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-732206-2&cid=793058372.1718763493&jid=1264831622&gjid=676179736&_gid=1848471362.1718763494&npa=1&_u=YADAAUAAAAAAACAAI~&z=1261781072

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 02:18:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/20544071/65ed2cb9-d1ef-4f39-b681-fb4e91129663/ 3 KB
2 KB 130ms
129ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20544071/65ed2cb9-d1ef-4f39-b681-fb4e91129663/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8317612abb9dec5aca64d9572326083026928f24218c830d6387e64aef8a2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0eecfe87-1783-483b-b01e-bf5746fe2ebb
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400
content-length: 1329
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0eecfe87-1783-483b-b01e-bf5746fe2ebb
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.govtech.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 896006fc1f272c26-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-zwbwx

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2501458e0e2c22ec853c707f698d3958dfc9d54ecdba6dfd37bf6d1ede37786a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK dpm_37585335691c5a6647266cf0d14de500031ffb07.min.js Show response
s.dpmsrv.com/ 32 KB
12 KB 66ms
7ms Script
application/x-javascript 13.32.99.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_37585335691c5a6647266cf0d14de500031ffb07.min.js
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b568078c78ac35df8e94ce1e16e39b98d604ef7734ba9ed0291500205439a472

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 05:09:49 GMT
Content-Encoding: gzip
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
Last-Modified: Thu, 28 Mar 2024 15:50:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 76243
x-amz-server-side-encryption: AES256
ETag: "20816a1fea33ba254fdc745d927a56bf"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11373
X-Amz-Cf-Id: ld2CopnAUDSt4WKu3V4dv1Gp_deIqrAPDvdvM0jFVHAX0SPrFTJNVQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 149ms
35ms Script
application/javascript 2a02:26f0:780::210:ca3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:ca3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65795
accept-ranges: bytes
content-length: 14004

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/af6bc92a-a4ce-40e7-9435-9f16f3b93bd8/165b81e9-5285-4ee6-9e77-b703da9c80c8/ 31 KB
8 KB 29ms
28ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/af6bc92a-a4ce-40e7-9435-9f16f3b93bd8/165b81e9-5285-4ee6-9e77-b703da9c80c8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e81ce3ba7e9446d8c7b28030a76fd14d8702904318065ddf808748b19f50f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6356
content-md5: Gv4th/iCQuqYlOPFyxzh/w==
content-length: 8088
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jun 2022 19:03:27 GMT
server: cloudflare
etag: 0x8DA53B8B91972AB
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6d16e0c0-401e-0048-7128-b673f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896006fc2ed99be8-FRA
expires: Thu, 20 Jun 2024 02:18:13 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
882 B 148ms
124ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7f9967b1-e04d-479f-8f7f-951f8e8010aa
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7f9967b1-e04d-479f-8f7f-951f8e8010aa
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-gzqtc
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 896006fd08ad3838-FRA

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/61b37535300097efae7173bb/ 20 B
683 B 282ms
215ms XHR
application/json 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/61b37535300097efae7173bb/integrations

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e193af561ebea22e588f5f525947a5b7f3f2aaca6f6fe8a40f6db8bd6f14ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgd0y2J7RyuVBd25g3l6bBxJfcSZpNGocj0UgwJBQYwavoOxTlCZxunruD0OFZgExKiTiX%2FVGXhKAUQsgC8hNUnhKnt6fZlLT8PJu5mcQVLeKtAR%2FSUbe6VPIkQ8OSOPAI8tsc8Rd%2BiphzQQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 896006fdfece39f1-FRA
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With
content-length: 20

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
626 B 372ms
292ms Image
image/gif 18.245.46.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-29.fra56.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
via: 1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-amzn-requestid: 421cd6f1-0467-4d2b-8347-11a5dd568fe5
x-amzn-trace-id: Root=1-66723fe6-34c633644a4870aa6562b5ac;Parent=3c162678385fbc30;Sampled=0;lineage=5eb2f403:0
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-apigw-id: Zl7sCFHKIAMEfsg=
content-length: 43
x-amz-cf-id: _wEc8Ya0jFb8pz5ZiNFVJvBQLNpt5FRd_WusNCf6OqnzALJJLUl-Yg==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 87ms
25ms Image
image/gif 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-732206-2&cid=793058372.1718763493&jid=1264831622&npa=1&_u=YADAAUAAAAAAACAAI~&z=1487855991

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f164.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
17ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-732206-2&cid=793058372.1718763493&jid=1264831622&npa=1&_u=YADAAUAAAAAAACAAI~&z=1487855991

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 297ms
92ms Image
image/gif 34.202.136.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=govtech.com&p=%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&u=BKUE2xBNOnbasJDTX&d=govtech.com&g=46219&g0=Editorial&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6937&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&b=2303&t=BXUjB0CW0-QYD9lmWoBN2ZPzBQkchT&V=147&i=Cyber%20Attack%20Hits%20Agency%20That%20Oversees%20Illinois%20Insurance&tz=-120&sn=1&sv=DmeFzaCxHcosBOQ_r8BzWgSwCf2c9U&sr=external&sd=1&im=067b2fff&_
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.136.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-136-61.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jun 2024 02:18:14 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 /
erepublic.brightspotcdn.com/dims4/default/cad8581/2147483647/strip/true/crop/1200x626+0+87/resize/840x438!/format/webp/quality/90/ 43 KB
43 KB 301ms
300ms Image
image/webp 18.66.147.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://erepublic.brightspotcdn.com/dims4/default/cad8581/2147483647/strip/true/crop/1200x626+0+87/resize/840x438!/format/webp/quality/90/?url=http%3A%2F%2Ferepublic-brightspot.s3.us-west-2.amazonaws.com%2F58%2Ff1%2F176a36fb23ff57fd6c2dfe80b58d%2Fillinois-capitol-snow.jpg
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-96.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: b742a2ad0df4a19ea153bf95610d286ca9e60fe9456f6950f2ee8ff5d83cc894

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
x-envoy-decorator-operation: brightspot-dims-verify.erepublic.svc.cluster.local:80/*
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-envoy-upstream-service-time: 145
content-length: 43604
x-amz-cf-id: H4kDzyuEJMXEr30PTGSuisxwwHQdb0y_vMcFiqp5d2eTsE7l5emqkw==
expires: Thu, 19 Jun 2025 02:18:14 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 673 B
385 B 52ms
31ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4154363301202606&correlator=2673359333809492&eid=44809527%2C31083344%2C31084209%2C31084716%2C31084270%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=70114778%2CR2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1718763494142&lmt=1718763494&adxs=1080&adys=1097&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&vis=1&psz=320x907&msz=300x40&fws=132&ohw=300&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718763492463&idt=1221&prev_scp=id%3D0000017e-2566-d854-ad7f-ffe7a1590000%26tags%3DCybersecurity%2CState%2520Government%26path%3Dsecurity%26slot%3DR4%26site%3Dwww.govtech.com%26URLName%3Dcyber%252C%2520attack%252C%2520hits%252C%2520agency%252C%2520that%252C%2520oversees%252C%2520illinois%252C%2520insurance&adks=1681125736&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

462e86ac1f36ccc0b1e8ffd80fd334cc2f8ed8c1fd7bc45dbd9d94700968f6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 505 B
241 B 62ms
42ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4154363301202606&correlator=1828525963687606&eid=44809527%2C31083344%2C31084209%2C31084716%2C31084270%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=70114778%2CI1&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&ifi=2&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1718763494161&lmt=1718763494&adxs=480&adys=225&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&vis=1&psz=1600x-1&msz=640x-1&fws=644&ohw=640&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718763492463&idt=1221&prev_scp=id%3D0000017e-2566-d854-ad7f-ffe7a1590000%26tags%3DCybersecurity%2CState%2520Government%26path%3Dsecurity%26slot%3DI1%26site%3Dwww.govtech.com%26URLName%3Dcyber%252C%2520attack%252C%2520hits%252C%2520agency%252C%2520that%252C%2520oversees%252C%2520illinois%252C%2520insurance&adks=3135770918&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3c8d75d1d7db27c3e195d27eb31b01c828df637e80388b83e20d704c383bdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.govtech.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f5058aa24d11363bbf941a4bdd5dc64e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6CF2 0
0 70ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5058aa24d11363bbf941a4bdd5dc64e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.govtech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jun 2024 02:18:14 GMT
expires: Wed, 19 Jun 2024 02:18:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
536 B 128ms
127ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 33976fb6-3aba-4569-a577-4e9f46e0cae2
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 33976fb6-3aba-4569-a577-4e9f46e0cae2
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rx5cb
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 896006feb9973838-FRA

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
537 B 127ms
126ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6cce1929-74dc-47f1-ba67-6eca5bcc6036
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6cce1929-74dc-47f1-ba67-6eca5bcc6036
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-8jmrd
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 896006fee9ad3838-FRA

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
573 B 133ms
119ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 68b40183-ac81-478b-bf09-714dd9b99fd2
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 68b40183-ac81-478b-bf09-714dd9b99fd2
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-ztdvw
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 896006ff2aae190d-FRA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 164 B
1 KB 182ms
137ms XHR
application/json 2606:4700::6812:f36c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=20544071

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b40aa5f44ef04d43b7f6e670ba4068ec31a1c896ed1dbf54e58dcfceb94cbe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 347bf0b3-ebe0-44fd-8b30-f348b7b31213
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 347bf0b3-ebe0-44fd-8b30-f348b7b31213
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.govtech.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-q6gqp
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vn%2FZd7pNCN3fYwtOCNhHsd9GkAlctLml8CQaBwDWyOl44tD%2BY6gO%2Bg9ivC7xKwL6RLlD6X%2BGq8qNtbx7BpAJXtvluln3WyFWB%2FHHhqhhrYV%2FKyGjW188THG%2BwSC1%2FF%2Bmt1QsM0VkIeqxHWcY"}],"group":"cf-nel","max_age":604800}
cf-ray: 896006ff5efb1d92-FRA
access-control-allow-headers: *

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.36.0/assets/ 10 KB
3 KB 33ms
21ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b663ab6a199de613fa46b2c524da1bfb8a889234879c5ccdb239602468e5f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sWjckbdOvgydwUcvfWpTOw==
age: 57592
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2690
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:28:57 GMT
server: cloudflare
etag: 0x8DA48BBF739F02A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b56c12b6-501e-0040-5167-793ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896006ff48899be8-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/ 60 KB
14 KB 26ms
18ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: A8S8V8ufBrkYMxOCv4z2Eg==
age: 60113
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13730
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:28:58 GMT
server: cloudflare
etag: 0x8DA48BBF85E2243
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ff3b5389-f01e-0066-302f-0d76a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896006ff488b9be8-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.36.0/assets/ 5 KB
2 KB 25ms
20ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ApduCpj4FmzFcTCIQw6wEw==
age: 19353
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:28:58 GMT
server: cloudflare
etag: 0x8DA48BBF7E46FBD
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b6d4b973-901e-0012-35d7-264253000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 896006ff588c9be8-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.36.0/assets/ 21 KB
4 KB 27ms
22ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 36148
x-ms-lease-status: unlocked
last-modified: Tue, 07 Jun 2022 19:29:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7ad2b6c7-201e-003a-3dd1-9b2c8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 896006ff588d9be8-FRA

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1499%26pixelIndex%3D0%26r%3D583861%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252F...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1499%2526pixelIndex%253D0%2526r%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=1060575221409163253&zn=&sn=&q=xImp&v=1.x&cl=1499&pixelIndex=0&r=583861&tzOffset=-120&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency...

242 B
994 B

417ms
92ms

Script
text/javascript

52.44.173.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=1060575221409163253&zn=&sn=&q=xImp&v=1.x&cl=1499&pixelIndex=0&r=583861&tzOffset=-120&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: HTTP/1.1
Server: 52.44.173.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-173-20.compute-1.amazonaws.com
Software: /
Resource Hash: 09f52bcc208d4664e92023eb0b82cf61be7bfb512043c4a6acc3d66dac0fa38e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.govtech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 215
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:14 GMT
an-x-request-uuid: 97ce0932-cd35-428e-8e3b-956e5b1623e0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://a.dpmsrv.com/dpmpxl/index.php?id=1060575221409163253&zn=&sn=&q=xImp&v=1.x&cl=1499&pixelIndex=0&r=583861&tzOffset=-120&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance
x-proxy-origin: 81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
536 B 158ms
113ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 73c0782c-9b11-41e6-a85f-84d7c88d34fb
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 73c0782c-9b11-41e6-a85f-84d7c88d34fb
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-md7fl
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 896006ffaa353838-FRA

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
812 B 222ms
168ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2268F67265554957A75189CED87F4EBD Ref B: FRAEDGE1917 Ref C: 2024-06-19T02:18:14Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYbNM+J5P4UjaFDjVonyA==
x-fs-uuid: 00061b34cf89e4fe148da1438d5a27c8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D747380%26time%3D1718763494303%26url%3Dhttps%253A%252F%252Fwww.govtech.com%252Fsec...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=tru...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=tr...

0
266 B

234ms
194ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=true&liSync=true&e_ipv6=AQKY_CAvqEyTnAAAAZAuSZ5cO2erGdN31N__EvegcnRXnVGI75HELt9eNGx0F3aerA
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.govtech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C5CF29D010E74F25B54D2B38B3027857 Ref B: FRAEDGE1806 Ref C: 2024-06-19T02:18:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbNM+WD06ANws+5gzSyQ==

Redirect headers

date: Wed, 19 Jun 2024 02:18:14 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 45DA878FC8AD4DC6A22A1E514371CB04 Ref B: DUS30EDGE0806 Ref C: 2024-06-19T02:18:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=747380&time=1718763494303&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&cookiesTest=true&liSync=true&e_ipv6=AQKY_CAvqEyTnAAAAZAuSZ5cO2erGdN31N__EvegcnRXnVGI75HELt9eNGx0F3aerA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbNM+Sf1+4IQ3xIIZ95A==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 20ms
20ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 02:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 60478
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c61c086c-d01e-00eb-01ac-bd6d76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 896007002ebe5d66-FRA

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 120 B
698 B 227ms
225ms Script
text/javascript 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?a_id=61b37535300097efae7173bb&pk=feathr2&cb=1718763494449

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f728ead9efdc59a21ab9a4ee2c0376e0a40fe4023a5acab704fe0b33d8e1cda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66723fe6f3241d000811350a"
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTTsPdaUW0lZVIiC5DudzaPpocfBwIh0C4tudob5KtL7vIBL7MzMKIO0kwmNC4Eaw48Jj1icyiwdvG3ly75dgK%2BqZKQ8sDpDuGG1FboGHaRTjabGJ%2BiC6XnlHS1t3698Kx6xUUA%2BtQBvV7fZ"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
cf-ray: 896007005f2cbbbf-FRA
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With

GET pixel.js
polo.feathr.co/v1/accounts/61b37535300097efae7173bb/ 0
0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
0 0ms
0ms Script
application/javascript 2a02:26f0:780::210:ca3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:ca3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65795
accept-ranges: bytes
content-length: 14004

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
621 B 188ms
187ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.govtech.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:13 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A73EC7ED818049F1B1C3187E0B3DF583 Ref B: DUS30EDGE0806 Ref C: 2024-06-19T02:18:14Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.govtech.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbNM+L1Nlo/J5sKlVnGg==

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ 170 B
409 B 49ms
16ms Script
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1060575221409163253&pixelIndex=0

Requested by

Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_37585335691c5a6647266cf0d14de500031ffb07.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 50ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1060575221409163253
Requested by: Host: www.govtech.com
URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 170ms
131ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=20544071&rcu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&pu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&t=Cyber+Attack+Hits+Agency+That+Oversees+Illinois+Insurance&cts=1718763495339&vi=2640db903e425214b12e3a47774076ae&nc=true&u=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&b=59400946.1.1718763495336&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 07c51127-8819-45b0-b986-001471dd9789
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 07c51127-8819-45b0-b986-001471dd9789
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3DhpOAtS0cAzEt5i3yQpq9VJyTwLfK2tmQOkQQ%2FWySNOYL9%2F92XOf%2FVxujxU2gf1qlD9HN8kZGXCjNSN16Ca4xNAHzbdTVWURurRzK1dohNa5oNUMDbABPgj75xpdKMW31QcWt3n4mUSjyKI3Chp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-d8gbc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 896007062e2b8edc-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
748 B 153ms
137ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=4b63ba82-f400-4842-b2e3-adbb676d735c&fci=f0d556a1-a632-426b-a4ed-26077c94fd51&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=20544071&rcu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&pu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&t=Cyber+Attack+Hits+Agency+That+Oversees+Illinois+Insurance&cts=1718763495344&vi=2640db903e425214b12e3a47774076ae&nc=true&u=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&b=59400946.1.1718763495336&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1e38ede3-7b96-4bad-bcf5-1c96cad8d643
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e38ede3-7b96-4bad-bcf5-1c96cad8d643
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3O9r1pDbLayOjNyN%2B7pnuso1eqJ8odHNkA9BTHCOG7irU7HxjK1BWuXr0LmnZeHqHtR6u47pt0HSwZ6fQdep99KYjZgCOcW9di%2FxRq7AOBIt1Aw6gGwllV1jFM7pX40EY0gmBAyPPhxvH4HEMiLk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-wmbn8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 896007062e2e8edc-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 164ms
150ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=65ed2cb9-d1ef-4f39-b681-fb4e91129663&fci=f80967d9-389d-472e-8723-af16f4f02cc5&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=20544071&rcu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&pu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&t=Cyber+Attack+Hits+Agency+That+Oversees+Illinois+Insurance&cts=1718763495344&vi=2640db903e425214b12e3a47774076ae&nc=true&u=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&b=59400946.1.1718763495336&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 25264090-830f-4809-b720-5670c29a46df
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 17
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 25264090-830f-4809-b720-5670c29a46df
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHjSlwuhokK9bCxrclNoeb%2F13cjDzPFDhPjtBb0V1oDJe%2FbRcsX5zPTe%2FEVFALzXdI%2B5NMSy6KotVW0mIZ27ELez8p6U8gXflHOdv7sfhlTmuKLXTx99iiuRHDwcM82oh8gwHAjlOAyXX2XTYWsE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-xnssc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 896007062e2d8edc-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
758 B 156ms
142ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=4b63ba82-f400-4842-b2e3-adbb676d735c&fci=f0d556a1-a632-426b-a4ed-26077c94fd51&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=20544071&rcu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&pu=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&t=Cyber+Attack+Hits+Agency+That+Oversees+Illinois+Insurance&cts=1718763495345&vi=2640db903e425214b12e3a47774076ae&nc=true&u=59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1&b=59400946.1.1718763495336&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3ff63a65-d648-4fcf-9c85-b4f9507357ce
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 18
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3ff63a65-d648-4fcf-9c85-b4f9507357ce
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FIQbEpV%2F%2BmU%2F3S4Orl%2BsPjM3%2BHV94SNXfZfFDuP0Yr49K5OF39G59g4pOn0jzt3HNmuIkP2HMj3t24q6WEJ7ouYgAlPfsimhPN%2BL%2BmFdosGhQTdiZ11N6UtGFaCGzWtnhLU2whipAlHzOIfHHJb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-xnssc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 896007062e2f8edc-FRA
x-robots-tag: none

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
12 KB 58ms
58ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1cfa86db65397657780a455ab1abbaff6c8966723dd1d72459de3d2e3ceb7b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12749
x-xss-protection: 0

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 92ms
91ms Script
text/javascript 52.44.173.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?zn=&sn=&q=xSeg&v=1.x&ep%5Bids%5D=36787205%2C36964625&cl=1499&pixelIndex=0&r=183727&tzOffset=-120&url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&id=1060575221409163253
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_37585335691c5a6647266cf0d14de500031ffb07.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.173.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-173-20.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H2 200 seg
ib.adnxs.com/ 43 B
1 KB 19ms
19ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=36787205,36964625

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 02:18:15 GMT
an-x-request-uuid: 800a6d8b-e29c-48ed-aa9b-f4aa0c1370b7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.40; 81.95.5.40; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 favicon-16x16.png
www.govtech.com/ 695 B
1 KB 13ms
11ms Other
image/png 18.66.122.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/favicon-16x16.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-73.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 5acbc2918d13eb890701fb47e5278316640777db82d8a3e22abd3e32e5c9a80c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:15:52 GMT
content-encoding: gzip
x-envoy-decorator-operation: brightspot-cms-verify.erepublic.svc.cluster.local:80/*
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P2
age: 143
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png;charset=UTF-8
x-envoy-upstream-service-time: 54
content-length: 718
x-amz-cf-id: bEkACin6ruMFKeNHI1FRlFd6Bpr0XbS8n6bvsPVZjI2ZiWlfdDOKKw==

GET
H2 200 favicon-32x32.png
www.govtech.com/ 1 KB
2 KB 337ms
337ms Other
image/png 18.66.122.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govtech.com/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-73.fra60.r.cloudfront.net
Software: istio-envoy /
Resource Hash: d858093046131f2fb7aba0561113e4a0e2ed5a67a00786b266d42269b466c06d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
content-encoding: gzip
x-envoy-decorator-operation: brightspot-cms-verify.erepublic.svc.cluster.local:80/*
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png;charset=UTF-8
x-envoy-upstream-service-time: 42
content-length: 1420
x-amz-cf-id: c_S30obC_fiVgwSKONHlSsPGF7UKWt7ti5EjdkIUFXZ03bWqwOukGA==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 176ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js?cb=31084716

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 02:18:15 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C69 0
0 29ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.govtech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 2551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jun 2024 01:35:44 GMT
expires: Thu, 19 Jun 2025 01:35:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 crumb
polo.feathr.co/v1/analytics/ 43 B
376 B 124ms
123ms Image
image/gif 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo.feathr.co/v1/analytics/crumb?cb=1718763499014&a_id=61b37535300097efae7173bb&ses_id=66723fe6a90ac374b2a85fcf&flvr=page_view&loc_url=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.govtech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:18:19 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTG2ES5Of0PPEeB%2BXbERsdNVfAMe9NcqJxAE694gn3j7p4kSLGYkq5lKaGQtUGJ8uAu7GPl%2BrGuKhlmplAwBgc9HyoNHrm0VJF%2BpIZ1pOUjbbFJWCjU2xxgOLR1y%2BjKocsi50wO2tLCiU28p"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
cf-ray: 8960071ce854bbbf-FRA
access-control-allow-headers: AccountId, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Range, ReportObject, ReportType, User-Agent, X-API-Key, X-Requested-With
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: polo.feathr.co
URL: https://polo.feathr.co/v1/accounts/61b37535300097efae7173bb/pixel.js?pk=feathr2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406170101&jk=4154363301202606&bg=!goGlgc7NAAb64txl2uI7ADQBe5WfOOkx2RsQY5xQsdQIp1OtED0TGH0TW4GhQl6zUAzUsllfU8iYUDbEeoye9DCLLoulAgAAALVSAAAABWgBB34ANcMdsur19F8vEHw1Bd5PyK6sOZhVYEBL2vymc_lh-lUp32Bpa93yUUubRjcHSJ2pR5vpik_XmQKPEEmkhafI8J_IDAh7seX6nbNmg5uvALe7AVgh0BSoUaQnYl9L7s2reN5YhluUjXaqXeG7mh3TPyAcnstcSOmI2JjRcp_mRXL997ZX2Q0rjV90YQHGvbkne8lw8UaQNiVSf3gp_CwmMgr2rVv2BiZmJPJQGaoFSLrLkEQfmiCl_n_JfLlG9P9wWBHawNVJvfNVJdUcZS9NQOYycOQJJusoPFN3Kr4ZU1TJeSUt37J5rdOLEcrlAiE6b28OtyPeT00b3iGGLThnAkCAerHSxbhF0HBSgI05uM7n-D73NDOYg8KoChu0L_VuV0IfoTJQpVRxgS8m6WU7N94GBg3fR72OYd4SblqkLEz7NZme8lrJW_0qP57lQkNlcHYqMl5e9YbFVBXB2aJIMK9oeR3TZqEJUVXfeSUFVpAdm_L-3bKA14BGKRfGcNr2LeztEcvUaYi8Cs8h0UZE1995xMTjpu6pEIME8Ng-M0mJ4uEI6u0hOmhxSd_pM__TkQzOPicvnDPPvFTn3rADkWuehkzQ90cvQtc0CsYSNRhjzFsQ7j_1g_zJN6n1uoXgKmsKuM9ThUfqdCJn4D85ezBnKpUJi0OYZi2mO4svtU4atVVZjX9W7-0n7PgBc7SSkQvER0Ky2J3heJe3MMjR2pig35-QR26Pe0xH9dVnp0R716l3Os2jvByHkPXAnadeII2x1zbvY_jhOVdXoxgSe0UiNLS7ssecLljCOGyeK2pt8tZBElcbok3QJ_F0iNlPwWW9Npn7Gzq56SBnxX1x1ZvXqWQOihvSjDgsQAnEMYx_AoMJVj-2unIWhiube_7lRzmb-peXvbkDfCPPgKtgPzTuyvM2cas9fc1INm7__Acp1kvXo3JMRw

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.govtech.com/security	1970-01-20 21:26:04	Name: adTakeOver Value: seen
.hsforms.net/	1970-01-20 21:26:05	Name: __cf_bm Value: 5XV4qDSiQVEWQ5OmgNO2ATpAp7HlzPViQTBhvOCi_WA-1718763492-1.0.1.1-OswZ32jbHA_7MC0yC9cq0wQr63cjgaqZK_bz2pvJ0ulyRhiz05h4X7gc9xA0oprV8lSuD4ljDgoPvskumxkMqA
.govtech.com/	1970-01-21 07:02:03	Name: _ga_DLKHJ6T8K5 Value: GS1.1.1718763493.1.0.1718763493.60.0.0
.ws.zoominfo.com/	1970-01-21 06:11:39	Name: visitorId Value: 058e2f4f1b07a13e3a1a2f277fbbd3175d8cbe9c31cedd03aeb24876f85fea18
.zoominfo.com/	1970-01-20 21:26:05	Name: __cf_bm Value: BLcT7tZ0p9sEdaUyiqdFQqeEj4mNI3xkAFGQJxntZrY-1718763493-1.0.1.1-nlg8GGQdBw4L1Gz62lrvxIG5nbHrfscaIGPEkg1Nhl7TzTuc8Y16zNcH2bOvju.GO2SoMDoCXBRvkSIKv7Jb0w
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: JFbQYobcQ3r78AGJiedlyzkwg19uFwOns6_HnB.Blgc-1718763493562-0.0.1.1-604800000
.govtech.com/	1970-01-21 07:02:03	Name: _ga Value: GA1.2.793058372.1718763493
.govtech.com/	1970-01-20 21:27:29	Name: _gid Value: GA1.2.1848471362.1718763494
.govtech.com/	1970-01-20 21:26:03	Name: _gat_gtag_UA_732206_2 Value: 1
.govtech.com/	1970-01-21 06:54:51	Name: _cb Value: BKUE2xBNOnbasJDTX
.govtech.com/	1970-01-21 06:54:51	Name: _chartbeat2 Value: .1718763493837.1718763493837.1.DmeFzaCxHcosBOQ_r8BzWgSwCf2c9U.1
.govtech.com/	1970-01-20 21:26:05	Name: _cb_svref Value: external
.govtech.com/	1970-01-21 06:11:39	Name: _hjSessionUser_3502518 Value: eyJpZCI6IjEwYzBiMWYyLTgyYTMtNTZmMC05MGUwLWNhNThjMGJkNzE4ZiIsImNyZWF0ZWQiOjE3MTg3NjM0OTM5NTksImV4aXN0aW5nIjpmYWxzZX0=
.govtech.com/	1970-01-20 21:26:05	Name: _hjSession_3502518 Value: eyJpZCI6IjRmYTEwNGRjLTBhYjctNDdmOS1iNjYzLTViZjg5YjgyODk5YyIsImMiOjE3MTg3NjM0OTM5NjEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.www.govtech.com/	1970-01-20 21:26:07	Name: feathr_session_id Value: 66723fe6a90ac374b2a85fcf
.hsforms.com/	1970-01-20 21:26:05	Name: __cf_bm Value: DJgEbD0E4nl5qBY3IfLROhcsfnCaVsB3jsJdaagi50U-1718763494-1.0.1.1-4eHI98y4ws13Lq.fVlKHkbvplsELPHmaDCrWiFoLQoVMjmloLOm284L02uhHZ0f.mfXPlOPHX9pcodBhcFVLQw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: esYvv6xSyRTFkD7a5MwK.bleI8Bbydqrb4_q.iTrkRM-1718763494040-0.0.1.1-604800000
www.govtech.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.govtech.com/	1970-01-21 01:45:15	Name: __eoi Value: ID=4dfef6a0b84766de:T=1718763494:RT=1718763494:S=AA-AfjZQIl3z2lWh_Q5R-8dh9-iY
.adnxs.com/	1970-01-20 23:35:39	Name: XANDR_PANID Value: wjnKG0D1GtS5RPrgWOKiq5ixQzA45UqHv9rGODLiGgt0zB3RY4wCzl-rgcxpE5pIr53-2pADKKxuWbkOkvZ1waIvXHnh9BgkAP_Rlo07Kok.
.adnxs.com/	1970-01-21 07:02:03	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:35:39	Name: uuid2 Value: 1060575221409163253
.feathr.co/	1970-01-21 06:11:39	Name: f_id Value: 66723fe6f3241d000811350a
.govtech.com/	1970-01-21 06:11:39	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jun+19+2024+04%3A18%3A14+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.36.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.govtech.com%2Fsecurity%2Fcyber-attack-hits-agency-that-oversees-illinois-insurance&groups=C0004%3A0%2CC0003%3A0%2CC0001%3A1%2CC0002%3A0
.linkedin.com/	1970-01-20 23:35:39	Name: li_sugr Value: 4eddf755-4df7-4320-aea4-7949c9787188
.linkedin.com/	1970-01-20 21:27:29	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2889:u=1:x=1:i=1718763494:t=1718849894:v=2:sig=AQETfIOUXpEjeBXoQZ2R0oN258TXpBEf"
.linkedin.com/	1970-01-20 22:09:15	Name: UserMatchHistory Value: AQIpMTyJvFMHywAAAZAuSZzJ3UWAJQaitmnwRdnzvbHdjr-YDRY55X452erDnedxyaONcDQ0j5tbBg
.linkedin.com/	1970-01-20 22:09:15	Name: AnalyticsSyncHistory Value: AQL73WXoZNZtUAAAAZAuSZzJ-REVo6j9rSf_Eialv9xGNHp7kysW99t9AQjRmjAtMFZHhHJnvFEOTQMSm82NiQ
.linkedin.com/	1970-01-21 06:11:39	Name: bcookie Value: "v=2&b9d93e3b-3ffd-4255-835b-fc99102fca17"
.dpmsrv.com/	1970-01-21 07:02:03	Name: dpm_pxl Value: 846fe7f5272424175fcd064bed3ae73430281ea4
.dpmsrv.com/	1970-01-21 07:02:03	Name: dpm_pxl_aid Value: 1060575221409163253
www.govtech.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.www.linkedin.com/	1970-01-21 06:11:39	Name: bscookie Value: "v=1&20240619021814468d5de5-716e-4441-8915-5be460ace022AQFK7Fi9ztQchGnOeVqPbcYznssT7z1_"
.linkedin.com/	1970-01-21 01:45:15	Name: li_gc Value: MTswOzE3MTg3NjM0OTQ7MjswMjFqALLRe52e1DXGA3VyLtjoov47hXgg6dti+bDi54It/Q==
.govtech.com/	1970-01-21 01:45:15	Name: __hstc Value: 59400946.2640db903e425214b12e3a47774076ae.1718763495335.1718763495335.1718763495335.1
.govtech.com/	1970-01-21 01:45:15	Name: hubspotutk Value: 2640db903e425214b12e3a47774076ae
.govtech.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.govtech.com/	1970-01-20 21:26:05	Name: __hssc Value: 59400946.1.1718763495336
.adnxs.com/	1970-01-20 23:35:39	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?kx5A*d!]tbP6j2F-XstGt!@Dz5$zYf)
.dpmsrv.com/	1970-01-21 07:02:03	Name: xdpm_segsid_1499 Value: 36787205%2C36964625
.dpmsrv.com/	1970-01-21 07:02:03	Name: xdpm_segs_1499 Value:
.hubspot.com/	1970-01-20 21:26:05	Name: __cf_bm Value: BcPYL5W2kk7jeMP5PbkCqtABmAxIgEPB1dd4KGBfaVE-1718763495-1.0.1.1-XwZxPJatUkgFGcuJ1vmhyWSc8kCrHte20jOlTFQ6kUCsIdXtUYxwsqVMOmuAA7NR_w8tZyyumdqH2vN8lRu9sQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3prwKo76RpxFLg2r9X4i5RuEpDpU_g0uGC63i7tR6Pw-1718763495531-0.0.1.1-604800000
www.govtech.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 5.005

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.govtech.com/security/cyber-attack-hits-agency-that-oversees-illinois-insurance Message: Refused to execute script from 'https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1060575221409163253&pixelIndex=0' because its MIME type ('image/png') is not executable.
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1060575221409163253 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
api.hubapi.com
cdn.cookielaw.org
cdn.feathr.co
cdn.tiny.cloud
cm.g.doubleclick.net
connect.facebook.net
erepublic.brightspotcdn.com
f5058aa24d11363bbf941a4bdd5dc64e.safeframe.googlesyndication.com
fonts.googleapis.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
marco.feathr.co
pagead2.googlesyndication.com
ping.chartbeat.net
polo.feathr.co
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
sp.tinymce.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
ws.zoominfo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.govtech.com
www.linkedin.com
pagead2.googlesyndication.com
polo.feathr.co
104.16.117.43
104.18.141.119
104.18.80.204
13.107.42.14
13.32.27.19
13.32.99.71
142.250.185.226
142.250.185.67
142.250.186.104
142.250.186.162
157.240.252.13
18.245.46.29
18.66.102.106
18.66.122.73
18.66.147.96
185.89.211.84
2001:4860:4802:34::36
216.58.206.34
216.58.212.164
2600:9000:211e:e00:4:8ff3:780:93a1
2600:9000:2646:8800:18:1fcd:354:4b41
2606:4700:20::ac43:4415
2606:4700:4400::6812:2089
2606:4700:4400::6812:22e5
2606:4700::6810:6ffe
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6812:f36c
2606:4700::6813:b234
2620:1ec:21::14
2a00:1450:4001:806::200e
2a00:1450:4001:813::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2001
2a00:1450:4001:829::2008
2a00:1450:400c:c06::9a
2a02:26f0:780::210:ca3b
2a03:2880:f084:105:face:b00c:0:3
34.202.136.61
35.244.174.68
52.44.173.20
65.9.66.96
00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30
0896fd2604414c514c57e58a506872f11eeef3d78f21e434c434060d57191d50
09cc6f343c0c49a0ed3a85bd8669509f4995199ac002b701ab8b1be8b7c66a89
09f52bcc208d4664e92023eb0b82cf61be7bfb512043c4a6acc3d66dac0fa38e
0dbf45873924e8cbfe926dd92375d0385538d16ccef8a26c1d81b281cbd321a3
13b4db5ab3c753292fd73c63cf9ca663960d140d90316a2fcb6c239c7afd920a
1b40aa5f44ef04d43b7f6e670ba4068ec31a1c896ed1dbf54e58dcfceb94cbe7
1cfa86db65397657780a455ab1abbaff6c8966723dd1d72459de3d2e3ceb7b5e
1ffbcd2fb764bd207fe8469400ea6ff8b7f5e556c3d06ffce647802c74b6b7b9
2501458e0e2c22ec853c707f698d3958dfc9d54ecdba6dfd37bf6d1ede37786a
2b663ab6a199de613fa46b2c524da1bfb8a889234879c5ccdb239602468e5f8e
3329e7b951fe7c48f467231dce4f031ce597b49495460541cf3965068398e7b3
34a542361bb2e84a349db9afd6c0379e37e3e86e09b615d85ad774614b5aa588
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3ad78747fbc9ba39fef134b1cbea24d199e953ff271cd40e3b6dbbda5d63c5b3
3c8d75d1d7db27c3e195d27eb31b01c828df637e80388b83e20d704c383bdfed
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462e86ac1f36ccc0b1e8ffd80fd334cc2f8ed8c1fd7bc45dbd9d94700968f6e6
48c572c7f4b22623ec3852bf721f8d998b30a0546470bec93fdd366ab827e855
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8e86d86bde3098e04e472018122c51c388047ed623eaa1464143df92bd6250
51ed80e0ce7099dff0c5cde218d6ee9e28c36cfe67f39853ae45d0df1f365377
5386276d7b39f169894ac43f599ff63b5b8dbe70545e243dd30315367f227edf
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
54facedeac31183e8f620df740c641dd1999369d9a888c4b7c2bc55731617928
580dd03d6a10ab52741f799691d2ecba4ed069044970ae14457a64e5b2c598fe
5acbc2918d13eb890701fb47e5278316640777db82d8a3e22abd3e32e5c9a80c
5ca0a92f00666dc3e62a0406b07d789170655d27ff3e4a689c0403c0c790b6e8
5e193af561ebea22e588f5f525947a5b7f3f2aaca6f6fe8a40f6db8bd6f14ff0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648d6f64dc1915418c85ef0d55c46ed54b804bdc5b2bf3bc666d8f54e99d6df6
66dc6095f84a6c9a37bb0c74422aee70fd6c03888ce365e17262fbcd11b6623e
67f511a9e8a24c17b509b6e3ba562b8428505a41466708c4091dc4b7d0f3fe7a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
7573cae10a3155ebe3f9c7e0f85a90bb89539d891d830a7db2ead27924471a3a
77e81ce3ba7e9446d8c7b28030a76fd14d8702904318065ddf808748b19f50f8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a62f2c0519d7fd8026c2590579549f279211f0144ccc7cdd0142ced78c9f76d4
b568078c78ac35df8e94ce1e16e39b98d604ef7734ba9ed0291500205439a472
b742a2ad0df4a19ea153bf95610d286ca9e60fe9456f6950f2ee8ff5d83cc894
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066
c50ba4d83599e60fe0a624ea9655d0a914d2ccf2ffc5d5e72c445d87a23f27fd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc8adc8da618730d44f693c94526935e9973f2f150c41f4cbeb289e134a7ff9e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d858093046131f2fb7aba0561113e4a0e2ed5a67a00786b266d42269b466c06d
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbd3ebe7dd8dd594fb11b5bda2c5ad4842b3bcd25bafcd46a86ce49ddbcff4b1
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e612909b3c747b97eff87998303d7e561d05cbdfc213639b8881af3cb974e682
e8317612abb9dec5aca64d9572326083026928f24218c830d6387e64aef8a2ea
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
eb7c4fb83a58c4959b9f1e1b8efa4b1a74818b66c631a3c7c245eaa5dba60151
ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8c51ddade97595d1e723d370b1d756b0b7f8cf98bc06899a5fe9a79737dde2
f728ead9efdc59a21ab9a4ee2c0376e0a40fe4023a5acab704fe0b33d8e1cda8
f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

www.govtech.com Open in urlscan Pro 18.66.122.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

94 %HTTPS

51 %IPv6

34 Domains

47 Subdomains

46 IPs

4 Countries

1523 kBTransfer

4969 kBSize

44 Cookies

26 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.govtech.com Open in urlscan Pro
18.66.122.73 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

94 %
HTTPS

51 %
IPv6

34
Domains

47
Subdomains

46
IPs

4
Countries

1523 kB
Transfer

4969 kB
Size

44
Cookies

90 HTTP transactions
4 data transactions