URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Submission: On May 23 via manual from US — Scanned from US

Summary

This website contacted 15 IPs in 1 country across 13 domains to perform 36 HTTP transactions. The main IP is 20.232.218.239, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.point32health.org. The Cisco Umbrella rank of the primary domain is 467785.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 17th 2023. Valid for: a year.
This is the only time www.point32health.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 20.232.218.239 8075 (MICROSOFT...)
6 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
1 3 142.251.40.230 15169 (GOOGLE)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 23.52.160.7 16625 (AKAMAI-AS)
2 2600:9000:21e... 16509 (AMAZON-02)
5 5 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
1 1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 184.29.129.73 16625 (AKAMAI-AS)
36 15
Apex Domain | Subdomains | Transfer
8 point32health.org | www.point32health.org — Cisco Umbrella Rank: 467785 | 107 KB
7 linkedin.com | px.ads.linkedin.com — Cisco Umbrella Rank: 339; www.linkedin.com — Cisco Umbrella Rank: 603; px4.ads.linkedin.com — Cisco Umbrella Rank: 6328 | 4 KB
7 typekit.net | use.typekit.net — Cisco Umbrella Rank: 455; p.typekit.net — Cisco Umbrella Rank: 581 | 129 KB
3 teads.tv | p.teads.tv — Cisco Umbrella Rank: 5727; cm.teads.tv — Cisco Umbrella Rank: 6433; t.teads.tv — Cisco Umbrella Rank: 2731 | 8 KB
3 doubleclick.net | 4487958.fls.doubleclick.net | 2 KB
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 30 | 21 KB
2 facebook.com | www.facebook.com — Cisco Umbrella Rank: 102 | 261 B
2 oribi.io | cdn.linkedin.oribi.io — Cisco Umbrella Rank: 825 | 737 B
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 157 | 115 KB
2 licdn.com | snap.licdn.com — Cisco Umbrella Rank: 725 | 10 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 40 | 160 KB
1 google.com | adservice.google.com — Cisco Umbrella Rank: 68 | 621 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 1 KB
36 13
Domain Requested by
8 www.point32health.org www.point32health.org
6 use.typekit.net www.point32health.org
use.typekit.net
4 px.ads.linkedin.com 4 redirects
3 4487958.fls.doubleclick.net 1 redirects www.googletagmanager.com
4487958.fls.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.facebook.com www.point32health.org
2 px4.ads.linkedin.com www.point32health.org
4487958.fls.doubleclick.net
2 cdn.linkedin.oribi.io snap.licdn.com
2 connect.facebook.net www.point32health.org
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
4487958.fls.doubleclick.net
2 www.googletagmanager.com www.point32health.org
www.googletagmanager.com
1 t.teads.tv www.point32health.org
1 adservice.google.com 1 redirects
1 cm.teads.tv p.teads.tv
1 www.linkedin.com 1 redirects
1 p.teads.tv www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com www.point32health.org
36 18
Subject | Issuer | Validity | Valid
point32health.org | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-17 - 2024-04-16 | a year
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year
upload.video.google.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-03-02 - 2023-05-31 | 3 months
teads.tv | R3 | 2023-05-11 - 2023-08-09 | 3 months
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-02-24 - 2023-08-06 | 5 months

This page contains 4 frames:

Primary Page: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Frame ID: ABFA8053C61FB79043114B94CAB9F803
Requests: 31 HTTP requests in this frame

Frame: https://4487958.fls.doubleclick.net/activityi;dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
Frame ID: DF975369019FA8DA8E1685D32D383306
Requests: 1 HTTP requests in this frame

Frame: https://4487958.fls.doubleclick.net/ddm/fls/r/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
Frame ID: 8F33E5A99F2F766FBFE324C3C14A8308
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1865AA11C90C23B4B47966B7BDCB2ED0
Requests: 1 HTTP requests in this frame

Page Title

Point32Health Ransomware Incident Update: Provider Impact - Point32Health Provider

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

36 Requests
94 % HTTPS
69 % IPv6
13 Domains
18 Subdomains
15 IPs
1 Countries
553 kB Transfer
1573 kB Size
15 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://4487958.fls.doubleclick.net/activityi;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F HTTP 302
  • https://4487958.fls.doubleclick.net/activityi;dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
Request Chain 25
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4646108%26time%3D1684867810972%26url%3Dhttps%253A%252F%252Fwww.point32health.org%252Fprovider%252Fsystem-update%252Fpoint32health-ransomware-incident-update-provider-impact%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKzVOECkTyMkQAAAYhJ8of4N4BQBUiOvo2bczNFA7-GZBakaIv0fNa5a2XPHMkLsOs
Request Chain 29
  • https://adservice.google.com/ddm/fls/i/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F HTTP 302
  • https://4487958.fls.doubleclick.net/ddm/fls/r/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
Request Chain 34
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867811602&url=https%3A%2F%2F4487958.fls.doubleclick.net%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867811602&url=https%3A%2F%2F4487958.fls.doubleclick.net%2F&e_ipv6=AQKtypeE7xNCfgAAAYhJ8okyikZUQxuzpPmUAgJ0F95Ffw1PmtnqSuv1l1I-qPYi2zE

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
60 KB
18 KB
Document
General
Full URL
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
fff20052eaa128805ecc0f0521d8448a25f7d8cdc5710aad108eef5130990b2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
18308
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 May 2023 18:50:04 GMT
Expires
Tue, 23 May 2023 18:50:04 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 23 May 2023 17:35:55 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
ntm4esj.css
use.typekit.net/
7 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/ntm4esj.css
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82ba New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
be7669e514c6cc6f1cd20ff230f3105746ed82f1749af79687d32d5984df2a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 23 May 2023 18:50:10 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
961
css2
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c32::5f Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a34acc028ee66107062677f9fa72567e5f62bd18af7fe466e8f11af6a8234589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 May 2023 18:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 May 2023 18:23:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 May 2023 18:50:10 GMT
style.min.css
www.point32health.org/provider/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://www.point32health.org/provider/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 May 2023 20:58:36 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12736
Expires
Wed, 22 May 2024 18:50:10 GMT
classic-themes.min.css
www.point32health.org/provider/wp-includes/css/
291 B
609 B
Stylesheet
General
Full URL
https://www.point32health.org/provider/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 May 2023 20:58:36 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
210
Expires
Wed, 22 May 2024 18:50:10 GMT
style.css
www.point32health.org/provider/wp-content/themes/NewCo/assets/css/
123 KB
19 KB
Stylesheet
General
Full URL
https://www.point32health.org/provider/wp-content/themes/NewCo/assets/css/style.css?ver=5a21043c
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
46c5351f2dae04b5f4c7208938a557e5ecca5e8911003719927985723b756053

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 19:13:19 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
18779
Expires
Wed, 22 May 2024 18:50:10 GMT
provider_search.css
www.point32health.org/provider/wp-content/themes/NewCo/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.point32health.org/provider/wp-content/themes/NewCo/assets/css/provider_search.css?ver=e5fb310d
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
33939353fe2fcafdee8811787ae4d317e022d7533cd549802caa1ade095179ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 19:13:19 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1903
Expires
Wed, 22 May 2024 18:50:10 GMT
jquery.min.js
www.point32health.org/provider/wp-includes/js/jquery/
88 KB
31 KB
Script
General
Full URL
https://www.point32health.org/provider/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 May 2023 20:58:36 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
31049
Expires
Wed, 22 May 2024 18:50:10 GMT
jquery-migrate.min.js
www.point32health.org/provider/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://www.point32health.org/provider/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 May 2023 20:58:36 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4795
Expires
Wed, 22 May 2024 18:50:10 GMT
main.min.js
www.point32health.org/provider/wp-content/themes/NewCo/assets/js/build/
71 KB
18 KB
Script
General
Full URL
https://www.point32health.org/provider/wp-content/themes/NewCo/assets/js/build/main.min.js?ver=51f60e14
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.232.218.239 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
d7f0179beea72e06926ad1524eea73f68f552c7c72db4f7f86b974e0075df45d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 19:13:19 GMT
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
18326
Expires
Wed, 22 May 2024 18:50:10 GMT
gtm.js
www.googletagmanager.com/
215 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PZGSMZ
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0c::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43f37b343b7884e397f2a157493bd9bc931be175f11705fb2d730bc0dd40bc94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78306
x-xss-protection
0
last-modified
Tue, 23 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 May 2023 18:50:10 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=ntm4esj&ht=tk&f=18438.18439.18440.18441.18442.18443.18444.18445.22797&a=4616763&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ntm4esj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82a8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
last-modified
Sat, 02 Oct 2021 08:25:28 GMT
server
nginx
etag
"61581778-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
truncated
/
318 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88b864b219d74cc01c212aa8539ed032c962c6b1f52626528713d1d423459f5e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/9dc3b1/000000000000000000013f8f/27/
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/9dc3b1/000000000000000000013f8f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ntm4esj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82ba New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
52ce26ceeba83c537157f04873df47938240f2ce968f51aebac77a7b94249a5d

Request headers

Referer
https://use.typekit.net/ntm4esj.css
Origin
https://www.point32health.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
server
nginx
etag
"f61720dce904208de161e9db0106d12bad29b54a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36072
l
use.typekit.net/af/0240fd/00000000000000007735a2df/30/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/0240fd/00000000000000007735a2df/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ntm4esj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82ba New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bbb3fee6f6dc586fd9a7fca24146f479547cd0590e939813bffed8e08cb71248

Request headers

Referer
https://use.typekit.net/ntm4esj.css
Origin
https://www.point32health.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
server
nginx
etag
"e292cf1968043fe0fa7a3868c22ec8cfab865b3e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19036
l
use.typekit.net/af/2759ad/00000000000000007735a2d2/30/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/2759ad/00000000000000007735a2d2/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ntm4esj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82ba New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7604eb70a19a3bcaf8a1ddf612e496b57d766f84680e41a1cabd22c9cb7bc229

Request headers

Referer
https://use.typekit.net/ntm4esj.css
Origin
https://www.point32health.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
server
nginx
etag
"ec46521336e75811ac83c0513c3f4d1d277053e2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19124
l
use.typekit.net/af/9aa4fe/000000000000000000013f4e/27/
36 KB
36 KB
Font
General
Full URL
https://use.typekit.net/af/9aa4fe/000000000000000000013f4e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ntm4esj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82ba New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8aa1f94eb99d57cb3324efb1b537bc32d6a3b8d73adea5be680bcba2b1920975

Request headers

Referer
https://use.typekit.net/ntm4esj.css
Origin
https://www.point32health.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
server
nginx
etag
"5970eaf1cd05a7ca2366f3dcb4411265feec7581"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36704
l
use.typekit.net/af/2fd54c/00000000000000007735a2d9/30/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/2fd54c/00000000000000007735a2d9/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ntm4esj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82ba New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
64b3c269f64331aaaac36315b278c55334cfa66f30cf34e12975d4e7eed22435

Request headers

Referer
https://use.typekit.net/ntm4esj.css
Origin
https://www.point32health.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
server
nginx
etag
"9f435a3844733375aea320ec7638117e3295855e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19072
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PZGSMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::8b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 May 2023 17:28:26 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4904
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 23 May 2023 19:28:26 GMT
activityi;dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=ht...
4487958.fls.doubleclick.net/ Frame DF97
Redirect Chain
  • https://4487958.fls.doubleclick.net/activityi;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=...
  • https://4487958.fls.doubleclick.net/activityi;dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;u...
624 B
504 B
Document
General
Full URL
https://4487958.fls.doubleclick.net/activityi;dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PZGSMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
10af313983a0a9f5589d9e77a13c9af2eab9f4a1d29110565d088ad7d15b7f18
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.point32health.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
328
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 18:50:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 18:50:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4487958.fls.doubleclick.net/activityi;dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PZGSMZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=12619
accept-ranges
bytes
content-length
4777
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 May 2023 18:50:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27497
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2lOpkLAJOu4Fj1b+GtWlXgEHc6GXPiduAOMwcB8oS/Cw6UyzsJIDeK8hzHgB+tpxWdBuzcZ/G8lpoGlUfzpQQA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
teads-fellow.js
p.teads.tv/
19 KB
7 KB
Script
General
Full URL
https://p.teads.tv/teads-fellow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PZGSMZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-7.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b0cc9a2cf38a0cc4dca290f198ff87deeaa70dbb397165d15b5e7a69efc018c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 18:50:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Apr 2023 14:48:36 GMT
Server
AmazonS3
x-amz-request-id
WKQ89HQ1THMEXEGD
ETag
"923b974ca0644de79e6688ce2d4bbaab"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=496
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6433
x-amz-id-2
JkWMJSidGEyFPUdaGl8CyDr4qluCSJiLbSqLsC3HtRYFr/XuIKr+V8lFS8n1uWFiImxV0Pj6FV4=
js
www.googletagmanager.com/gtag/
243 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7WB29267LS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PZGSMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0c::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ea42fe0c5285f6eda8935396ec9308226011cde7136416563cabdc3eeec6b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84986
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 May 2023 18:50:10 GMT
collect
www.google-analytics.com/g/
0
166 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7WB29267LS&gtm=45je35h0h1&_p=957506680&cid=1331798030.1684867811&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684867810&sct=1&seg=0&dl=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&dt=Point32Health%20Ransomware%20Incident%20Update%3A%20Provider%20Impact%20-%20Point32Health%20Provider&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7WB29267LS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::8b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 18:50:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.point32health.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/4646108/domain/point32health.org/
36 B
369 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4646108/domain/point32health.org/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.point32health.org/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:53:44 GMT
content-encoding
gzip
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
21387
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=32187
x-amz-cf-id
tU66MaFRb4q7ZHYo2Xhb4rexVG1fDBBjWkR2Kby9m4HLrVqP5j0ivw==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4646108%26time%3D1684867810972%26url%3Dhttps%253A%252F%252Fwww.point32health.org%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider...
0
488 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKzVOECkTyMkQAAAYhJ8of4N4BQBUiOvo2bczNFA7-GZBakaIv0fNa5a2XPHMkLsOs
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:11 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 15CA6190E5874F23B5654FA8B0705FB9 Ref B: CHGEDGE1318 Ref C: 2023-05-23T18:50:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8YNtl+WTPRvrYdSrKew==

Redirect headers

date
Tue, 23 May 2023 18:50:10 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BD87CB74DD8646829B3EA7614C38DF4E Ref B: CHGEDGE1816 Ref C: 2023-05-23T18:50:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867810972&url=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKzVOECkTyMkQAAAYhJ8of4N4BQBUiOvo2bczNFA7-GZBakaIv0fNa5a2XPHMkLsOs
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8YNtjDXK7aL7l0CGA1g==
collect
www.google-analytics.com/j/
3 B
93 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=957506680&t=pageview&_s=1&dl=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&ul=en-us&de=UTF-8&dt=Point32Health%20Ransomware%20Incident%20Update%3A%20Provider%20Impact%20-%20Point32Health%20Provider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1046014976&gjid=248134255&cid=1331798030.1684867811&tid=UA-90508706-14&_gid=121348078.1684867811&_r=1&_slc=1&gtm=45He35h0n815PZGSMZ&z=849039043
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::8b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.point32health.org/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 May 2023 18:50:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.point32health.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
advertiser
cm.teads.tv/v2/
140 B
862 B
Fetch
General
Full URL
https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&buyer_pixel_id=8805
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
711b3c06141ca1a1eb9697c00375192b5eed1dd9c06cb83d2ce3442637233dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 May 2023 18:50:11 GMT
Observe-Browsing-Topics
?1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.point32health.org
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Origin-Trial
Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection
keep-alive
Content-Length
140
Expires
Tue, 23 May 2023 18:50:11 GMT
1004479703795355
connect.facebook.net/signals/config/
301 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1004479703795355?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f031ceb252a5076441571828317229da6b6edb5510994f328775a58bad9bc128
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 May 2023 18:50:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88371
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0LxJxkjEs5auAyw2peetAFSdHc2x08w55w3/hWzfr8Yu/TvgCgGQsRfAJonR29EWBscwmHHd6Cy6+4/MDjskpw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%...
4487958.fls.doubleclick.net/ddm/fls/r/ Frame 8F33
Redirect Chain
  • https://adservice.google.com/ddm/fls/i/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uam...
  • https://4487958.fls.doubleclick.net/ddm/fls/r/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;u...
950 B
381 B
Document
General
Full URL
https://4487958.fls.doubleclick.net/ddm/fls/r/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
Requested by
Host: 4487958.fls.doubleclick.net
URL: https://4487958.fls.doubleclick.net/activityi;dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
72e3332bf1459d335a47fcfe64269b521c3121de9a0daf658d6dcd9afdd94286
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4487958.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
356
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 18:50:11 GMT
expires
Tue, 23 May 2023 18:50:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 18:50:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://4487958.fls.doubleclick.net/ddm/fls/r/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1004479703795355&ev=PageView&dl=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&rl=&if=false&ts=1684867811199&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684867811198.548485490&it=1684867811041&coo=false&rqm=GET
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 May 2023 18:50:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.13.2_6bb02dc&provider=tag&buyer_pixel_id=8805&referer=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F&user_session_id=317cfae6-dfa5-4241-9741-f8d26bf36300
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.129.73 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.point32health.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 23 May 2023 18:50:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 8F33
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 4487958.fls.doubleclick.net
URL: https://4487958.fls.doubleclick.net/ddm/fls/r/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4487958.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=12618
accept-ranges
bytes
content-length
4777
token
cdn.linkedin.oribi.io/partner/4646108/domain/4487958.fls.doubleclick.net/ Frame 8F33
36 B
368 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4646108/domain/4487958.fls.doubleclick.net/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://4487958.fls.doubleclick.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 12:51:59 GMT
content-encoding
gzip
via
1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
21492
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=39595
x-amz-cf-id
bUoia7ayWSGQlnZU_wMxjsc1HPgv1m5KCoh-9HFRMrgvTGyr7et4yw==
collect
px4.ads.linkedin.com/ Frame 8F33
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867811602&url=https%3A%2F%2F4487958.fls.doubleclick.net%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867811602&url=https%3A%2F%2F4487958.fls.doubleclick.net%2F&e_ipv6=AQKtypeE7xNCfgAAAYhJ8okyikZUQxuzpPmUAgJ0F95Ffw1PmtnqSuv1l1I-qP...
0
145 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867811602&url=https%3A%2F%2F4487958.fls.doubleclick.net%2F&e_ipv6=AQKtypeE7xNCfgAAAYhJ8okyikZUQxuzpPmUAgJ0F95Ffw1PmtnqSuv1l1I-qPYi2zE
Requested by
Host: 4487958.fls.doubleclick.net
URL: https://4487958.fls.doubleclick.net/ddm/fls/r/dc_pre=CM7M-NqNjP8CFXqBWgUdR7kBpQ;src=4487958;type=p32hlp00;cat=p32hlp01;ord=6239599509465;gtm=45He35h0;auiddc=1975954780.1684867811;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fwww.point32health.org%2Fprovider%2Fsystem-update%2Fpoint32health-ransomware-incident-update-provider-impact%2F
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4487958.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 18:50:11 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D9E9783CEAAB46DEA25BF90478F15C95 Ref B: CHGEDGE1318 Ref C: 2023-05-23T18:50:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8YNtpGI8D33Oh2QWwcA==

Redirect headers

date
Tue, 23 May 2023 18:50:11 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 80E93DB90ACD46A6B96E1658A1B4A283 Ref B: CHGEDGE1816 Ref C: 2023-05-23T18:50:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4646108&time=1684867811602&url=https%3A%2F%2F4487958.fls.doubleclick.net%2F&e_ipv6=AQKtypeE7xNCfgAAAYhJ8okyikZUQxuzpPmUAgJ0F95Ffw1PmtnqSuv1l1I-qPYi2zE
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8YNtn1OKGzWbm7ZLDMw==
/
www.facebook.com/tr/ Frame 1865
0
76 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.point32health.org
URL: https://www.point32health.org/provider/system-update/point32health-ransomware-incident-update-provider-impact/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.point32health.org
Referer
https://www.point32health.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.point32health.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 18:50:12 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains


44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| dataLayer
undefined| $
function| jQuery
function| _createClass
function| _classCallCheck
function| RocketBrowserCompatibilityChecker
object| RocketPreloadLinksConfig
function| _typeof
undefined| resizeTimer
number| headerHeight
boolean| headerSticky
number| adminBarHeight
number| height
boolean| isDesktop
boolean| switchedFromMobile
boolean| isHome
function| resizeWindow
object| globalResize
function| Scrollbox
function| lity
function| Waypoint
string| waypointContextKey
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| _linkedin_data_partner_ids
boolean| _already_called_lintrk
function| fbq
function| _fbq
function| onYouTubeIframeAPIReady
object| gaGlobal
function| lintrk
object| gaplugins
object| gaData
object| teads_e
number| teads_buyer_pixel_id
boolean| first_party_cookie_allowed
boolean| teads_tracking_allowed
string| advertiser_domain
string| teads_session_id
object| teads_tracking_events_sent

15 Cookies

Domain/Path Name / Value
.point32health.org/ Name: _gcl_au
Value: 1.1.1975954780.1684867811
.point32health.org/ Name: _ga_7WB29267LS
Value: GS1.1.1684867810.1.0.1684867810.0.0.0
.point32health.org/ Name: _ga
Value: GA1.2.1331798030.1684867811
.point32health.org/ Name: _gid
Value: GA1.2.121348078.1684867811
.point32health.org/ Name: _gat_UA-90508706-14
Value: 1
.linkedin.com/ Name: li_sugr
Value: f42d7d60-0d3a-4a74-af49-72e5f9c7b30f
.linkedin.com/ Name: bcookie
Value: "v=2&bd933ba9-099a-4a55-859d-68e433edc4cf"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3017:u=1:x=1:i=1684867811:t=1684954211:v=2:sig=AQGUbzqdTMFJ-SmyYven3ziMcBic3_ke"
www.point32health.org/ Name: ln_or
Value: eyI0NjQ2MTA4IjoiZCJ9
.linkedin.com/ Name: UserMatchHistory
Value: AQLFHqyllN8WswAAAYhJ8odUG92yrZ-PlCpaJZOvtF1gGsZmkKl0XztSovyaJFykgRkmpibI0Xn19g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLgidfe8H_wDgAAAYhJ8odUv_3BpVGbkJ8YtPCF8o5b74Z3DqC26JkgJx098xNwiQ29MfRZhrI8jUQiAXCMSw
.point32health.org/ Name: _fbp
Value: fb.1.1684867811198.548485490
.www.linkedin.com/ Name: bscookie
Value: "v=1&202305231850118eb3bf8b-8986-46ba-8273-0115ddad31bfAQGi0W_Ml6y4NhREiw2vsGC8SCt5i3-M"
.point32health.org/ Name: tfpsi
Value: 317cfae6-dfa5-4241-9741-f8d26bf36300
.doubleclick.net/ Name: IDE
Value: AHWqTUnw0_e8uGfJ-q3qD_0u3rlZwdGz80K0XthS3u-5uA-uhtqAnNtImVFlmCFJBv8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
