www.aha.org Open in urlscan Pro
13.224.93.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0
Effective URL:
https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_so...
Submission: On November 09 via manual (November 9th 2020, 4:25:00 pm UTC) from US

Summary HTTP 63 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 28 domains to perform 63 HTTP transactions. The main IP is 13.224.93.87, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.aha.org.
TLS certificate: Issued by Amazon on November 4th 2020. Valid for: a year.

This is the only time www.aha.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	13.224.93.87 13.224.93.87	16509 (AMAZON-02) (AMAZON-02)
5	104.75.88.112 104.75.88.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:eb:... 2a02:26f0:eb:3b4::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.93.53 13.224.93.53	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	130.211.5.208 130.211.5.208	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	209.18.65.216 209.18.65.216	14492 (DATAPIPE) (DATAPIPE)
3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.93.65 13.224.93.65	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2)
1	104.108.145.172 104.108.145.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	13.224.93.88 13.224.93.88	16509 (AMAZON-02) (AMAZON-02)
1	52.51.24.70 52.51.24.70	16509 (AMAZON-02) (AMAZON-02)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
63	32

1 104.17.74.206 (United States)

ASN13335 (CLOUDFLARENET, US)

emails.sponsored.aha.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.224.93.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-87.zrh50.r.cloudfront.net

www.aha.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.112 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:3b4::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-53.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.5.208 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 208.5.211.130.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.18.65.216 (United States)

ASN14492 (DATAPIPE, US)

tracking.magnetmail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-65.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.159 (United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

734-zto-041.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.172 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-88.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.24.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-24-70.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	aha.org emails.sponsored.aha.org www.aha.org	881 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	74 KB
4	google-analytics.com www.google-analytics.com	52 KB
4	addthis.com s7.addthis.com m.addthis.com	191 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	facebook.com www.facebook.com	360 B
2	mixpanel.com api-js.mixpanel.com	482 B
2	magnetmail.net tracking.magnetmail.net	2 KB
2	marketo.net munchkin.marketo.net	6 KB
2	facebook.net connect.facebook.net	91 KB
2	licdn.com snap.licdn.com	3 KB
1	newrelic.com js-agent.newrelic.com	11 KB
1	addthisedge.com v1.addthisedge.com	911 B
1	twitter.com analytics.twitter.com	652 B
1	moatads.com z.moatads.com	1 KB
1	rawgit.com cdn.rawgit.com	1 KB
1	mktoresp.com 734-zto-041.mktoresp.com	311 B
1	t.co t.co	449 B
1	google.de www.google.de	106 B
1	google.com www.google.com	117 B
1	ytimg.com s.ytimg.com	35 KB
1	doubleclick.net stats.g.doubleclick.net	85 B
1	youtube.com www.youtube.com	1 KB
1	mxpnl.com cdn4.mxpnl.com	27 KB
1	wistia.net fast.wistia.net	119 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	72 KB
63	28

	Domain	Requested by
18	www.aha.org	emails.sponsored.aha.org www.aha.org
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.aha.org
3	s7.addthis.com	www.aha.org s7.addthis.com
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	www.facebook.com	www.aha.org connect.facebook.net
2	api-js.mixpanel.com	cdn4.mxpnl.com
2	px.ads.linkedin.com	1 redirects www.aha.org
2	tracking.magnetmail.net	www.googletagmanager.com tracking.magnetmail.net
2	munchkin.marketo.net	emails.sponsored.aha.org munchkin.marketo.net
2	connect.facebook.net	emails.sponsored.aha.org connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	js-agent.newrelic.com	www.aha.org
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	analytics.twitter.com	static.ads-twitter.com
1	z.moatads.com	s7.addthis.com
1	cdn.rawgit.com	www.aha.org
1	734-zto-041.mktoresp.com	munchkin.marketo.net
1	t.co	www.aha.org
1	www.google.de	www.aha.org
1	www.google.com	www.aha.org
1	s.ytimg.com	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	www.youtube.com	www.googletagmanager.com
1	cdn4.mxpnl.com	emails.sponsored.aha.org
1	fast.wistia.net	emails.sponsored.aha.org
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googletagmanager.com	www.aha.org
1	emails.sponsored.aha.org
63	34

This site contains links to these domains. Also see Links.

Domain
wecarewevote.aha.org
ifdhe.aha.org
recruiting.ultipro.com
trustees.aha.org
www.ahadata.com
ams.aha.org
ruralconference.aha.org
annualmeeting.aha.org
sponsor.aha.org
www.100millionmasks.org
enterprise.verizon.com
www.minister.defence.gov.au
connect.healthforum.com
www.hret.org
www.aonl.org
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.aha.org Amazon	`2020-11-04` - `2021-12-05`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-23` - `2021-05-07`	6 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.magnetmail.net GeoTrust RSA CA 2018	`2018-01-12` - `2021-03-12`	3 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
rawgit.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-01-12`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
Frame ID: 661A240BFAAA3413A41F52377C76719F
Requests: 60 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2D12FDB9579CD6DA0719C347CF27D95B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B2EF80EBB8194C1F05BF8646E851D00F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 34CFBB04032F467F20639F48C78AF667
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0 Page URL
https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

63
Requests

97 %
HTTPS

41 %
IPv6

28
Domains

34
Subdomains

32
IPs

6
Countries

1574 kB
Transfer

5134 kB
Size

6
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://wecarewevote.aha.org/
Title: We Care, We Vote

Search URL Search Domain Scan URL

URL: https://ifdhe.aha.org/
Title: Institute for Diversity and Health Equity

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/AME1048AHA/JobBoard/375a6da6-5fac-4f86-a078-43c6fe0f78b8/?q=&o=postedDateDesc
Title: Current AHA Openings

Search URL Search Domain Scan URL

URL: https://trustees.aha.org/
Title: Governance

Search URL Search Domain Scan URL

URL: https://www.ahadata.com/
Title: AHA Data Products

Search URL Search Domain Scan URL

URL: https://ams.aha.org/EWEB/dynamicpage.aspx?Site=AHA&WebCode=StoreMainPage&AHABU=AHA
Title: AHA Online Store

Search URL Search Domain Scan URL

URL: https://ruralconference.aha.org/
Title: AHA Rural Health Care Leadership Conference

Search URL Search Domain Scan URL

URL: https://annualmeeting.aha.org/?utm_source=web&utm_medium=topbanner&utm_campaign=2020-AM&utm_term=ahahomepage&utm_content=registration
Title: AHA Annual Membership Meeting

Search URL Search Domain Scan URL

URL: https://sponsor.aha.org/
Title: Sponsorship Information

Search URL Search Domain Scan URL

URL: https://www.100millionmasks.org/
Title: 100 Million Mask Challenge

Search URL Search Domain Scan URL

URL: http://www.ahadata.com/
Title: Data & Analytics

Search URL Search Domain Scan URL

URL: https://enterprise.verizon.com/resources/reports/dbir/2019/healthcare/
Title: Verizon Breach Report

Search URL Search Domain Scan URL

URL: https://www.minister.defence.gov.au/minister/lreynolds/media-releases/offensive-against-covid-19-cyber-criminals
Title: On the offensive against COVID-19 cyber criminals

Search URL Search Domain Scan URL

URL: https://annualmeeting.aha.org/?utm_source=web&utm_medium=smallbanner&utm_campaign=2020-AM&utm_term=ahahomepage&utm_content=registration
Title: AHA Annual Membership Meeting

Search URL Search Domain Scan URL

URL: http://connect.healthforum.com/MSG-2020.html
Title: Sponsorship Information

Search URL Search Domain Scan URL

URL: http://www.hret.org/
Title: Health Research & Educational Trust

Search URL Search Domain Scan URL

URL: http://trustees.aha.org/
Title: AHA Trustee Services

Search URL Search Domain Scan URL

URL: http://www.aonl.org/
Title: American Organization for Nursing Leadership

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ahahospitals
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/ahahospitals
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/AHAhospitals
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ahahospitals/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0 Page URL
https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=272713&time=1604939067378&url=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D272713%26time%3D1604939067378%26url%3Dhttps%253A%252F%252Fwww.aha.org%252Fcenter%252Fcybersecurity-and-risk-advisory-services%252Fransomware-attacks-hospitals-have-changed%253Futm_source%253Ddarktrace%2526utm_medium%253Demail%2526utm_campaign%253Dlead-gen%2526utm_term%253D2020-1109%2526utm_content%253Darticle%2526mkt_tok%253DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%253D%253D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=272713&time=1604939067378&url=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D&liSync=true

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set d40n5BgXUb0OU00T02030Z0
emails.sponsored.aha.org/ 741 B
2 KB 534ms
406ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0

Protocol

HTTP/1.1

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: emails.sponsored.aha.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db3e5ea6d0d2328393de46d5f8cf2dbd61604939065; expires=Wed, 09-Dec-20 16:24:25 GMT; path=/; domain=.emails.sponsored.aha.org; HttpOnly; SameSite=Lax BIGipServersj_mailtracking_http=!kd2LJdO8lOA757PInuzRy4alk/3R/rsLjJslxbNuaUbut+NRyz48zP1ikXcOj1+ReyUIcJXrT3rb9/s=; path=/; Httponly __cf_bm=a2c7cb454954b926081d7c3119f1e76eaf926ffb-1604939065-1800-AYOE2Vta1r8aCqiDsYVl/SpsGmdSOzLrmCjrIwiiSuhOACUWFoZ2b/z1X+PZVDpOu/bWfEPV9UjMk6u9iA/jKTo=; path=/; expires=Mon, 09-Nov-20 16:54:25 GMT; domain=.emails.sponsored.aha.org; HttpOnly; SameSite=None
Cache-Control: private, no-cache, no-store, max-age=0
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
cf-request-id: 064f6bbfa200001e6960b70000000001
Server: cloudflare
CF-RAY: 5ef8e245c9a51e69-AMS
Content-Encoding: gzip

GET
H2 200 Primary Request ransomware-attacks-hospitals-have-changed Show response
www.aha.org/center/cybersecurity-and-risk-advisory-services/ 163 KB
39 KB 836ms
688ms Document
text/html 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D

Requested by

Host: emails.sponsored.aha.org
URL: http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

e82c0360c8fd9dedb39d70fdee2d2fe53268840d2a1f71ea9c0de9d0e9867f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.aha.org
:scheme: https
:path: /center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 39020
date: Mon, 09 Nov 2020 16:24:26 GMT
set-cookie: AWSALB=J4cveT5R4LNsdxEJXpavverSic5Tp5zgtKme6FfRBT3lmGOqSgGaLzn+lOjZFsAw8jGJm0j7JeYWuqGTjjsCvrzBb5tUmcR8vk2Xr+leKbkzlCZbFAOOzn672s4m; Expires=Mon, 16 Nov 2020 16:24:26 GMT; Path=/ AWSALBCORS=J4cveT5R4LNsdxEJXpavverSic5Tp5zgtKme6FfRBT3lmGOqSgGaLzn+lOjZFsAw8jGJm0j7JeYWuqGTjjsCvrzBb5tUmcR8vk2Xr+leKbkzlCZbFAOOzn672s4m; Expires=Mon, 16 Nov 2020 16:24:26 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff nosniff
cache-control: max-age=900, public
x-drupal-dynamic-cache: UNCACHEABLE
link: <https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed>; rel="canonical" <https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 09 Nov 2020 16:24:18 GMT
etag: "1604939058-gzip"
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
content-encoding: gzip
x-varnish-cache: MISS
accept-ranges: bytes
vary: Cookie,Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: X41VT1RQG6YS-3qlguv7FSsbEsKaSzZV439v7Qs4L40JS9ZvNRMxgg==
age: 0

GET
H2 200 google_tag.script.js Show response
www.aha.org/sites/default/files/google_tag/ 348 B
1 KB 526ms
525ms Script
text/javascript 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/sites/default/files/google_tag/google_tag.script.js?qimunv

Requested by

Host: www.aha.org
URL: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

651392322043ac7fb39d54f4a1795e030a37c02aee5dc865eb9a74f516177e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307089
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 282
x-varnish-cache-hits: 1769
last-modified: Fri, 23 Oct 2020 02:23:11 GMT
etag: "15c-5b24d4313f2c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: jEIwR4FASGWpWhb1ihjbR6jlScct26-A3yRxtTsWCznFhdc9mUDU0Q==
expires: Fri, 20 Nov 2020 03:06:17 GMT

GET
H2 200 css_rEHaGCOHfOg7tsuqNkR2liz5rzv2RuJPMzbM-bQGraU.css
www.aha.org/sites/default/files/css/ 120 KB
19 KB 675ms
675ms Stylesheet
text/css 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/sites/default/files/css/css_rEHaGCOHfOg7tsuqNkR2liz5rzv2RuJPMzbM-bQGraU.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

ac41da1823877ce83bb6cbaa364476962cf9af3bf646e24f3336ccf9b406ada5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309055
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 18141
x-varnish-cache-hits: 983
last-modified: Fri, 23 Oct 2020 01:09:37 GMT
etag: "46dd-5b24c3bfd6c60"
vary: Accept-encoding
content-type: text/css
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: p4MDdmDYCRfkJTTx1MsIOP8apMIZ8O6bu_VvlEZiuGV5YlbP7M4k_Q==
expires: Fri, 20 Nov 2020 02:33:31 GMT

GET
H2 200 css_xQZAcuDyohOLSYfV55uFKD2q2vnSSDuGqDmkZW-GoD4.css
www.aha.org/sites/default/files/css/ 233 KB
36 KB 552ms
551ms Stylesheet
text/css 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/sites/default/files/css/css_xQZAcuDyohOLSYfV55uFKD2q2vnSSDuGqDmkZW-GoD4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

c5064072e0f2a2138b4987d5e79b85283daadaf9d2483b86a839a4656f86a03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309294
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 35802
x-varnish-cache-hits: 1395
last-modified: Fri, 23 Oct 2020 01:09:37 GMT
etag: "8bda-5b24c3c034c48"
vary: Accept-encoding
content-type: text/css
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: ps7Jtyp3fw0DwvOCOXg5SLad_WS7wfVLQHuOm4Tmj4Po1usUE-2qvg==
expires: Fri, 20 Nov 2020 02:29:32 GMT

GET
H2 200 css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css
www.aha.org/sites/default/files/css/ 352 KB
37 KB 654ms
654ms Stylesheet
text/css 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/sites/default/files/css/css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

ab1ba2bf1f64d1be3d0b6b9489367e92e84b99766b8eabb7b2081b90c58f964d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305733
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 36962
x-varnish-cache-hits: 1895
last-modified: Fri, 23 Oct 2020 01:09:27 GMT
etag: "9062-5b24c3b6199c0"
vary: Accept-encoding
content-type: text/css
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 0plnbGgF1c0A0y5Hi1mz_v9NFRqkM8_2FLSGWfs0Y3yGTnCB_IFvzQ==
expires: Fri, 20 Nov 2020 03:28:53 GMT

GET
H2 200 aha-brand-full.png
www.aha.org/themes/custom/aha/images/ 16 KB
17 KB 367ms
364ms Image
image/png 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aha.org/themes/custom/aha/images/aha-brand-full.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

7703f053d1bf85cdd6fd87769040ac86d9bc3b14d436a30a08db296743dcf6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 308764
x-cache: Miss from cloudfront
status: 200
content-length: 16703
x-varnish-cache-hits: 1938
last-modified: Fri, 23 Oct 2020 01:04:21 GMT
etag: "413f-5b24c292d9bd1"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 2kEeeiWbGRdgpXR6_JW-XMIrXs_VRVtqKFdqLU1SbT0X75R5S1qq1g==
expires: Fri, 20 Nov 2020 02:38:22 GMT

GET
H2 200 aha-brand.svg
www.aha.org/themes/custom/aha/images/ 25 KB
9 KB 647ms
645ms Image
image/svg+xml 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aha.org/themes/custom/aha/images/aha-brand.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

c338bdab48722a94e9b6a034476334a7ac61f15c2a8cc967a7ef41d7798b5893

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309190
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish-cache-hits: 1300
last-modified: Fri, 23 Oct 2020 01:04:02 GMT
etag: W/"6290-5b24c28080ca6"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: biDLXdJORAuOu7g-SUI-e6kQrrDCZhfTymbT4uT7owt81sfzl8qomQ==
expires: Fri, 20 Nov 2020 02:31:16 GMT

GET
H2 200 logo-aha-innovation-center-color-60px.png
www.aha.org/sites/default/files/2020-09/ 15 KB
16 KB 93ms
91ms Image
image/png 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aha.org/sites/default/files/2020-09/logo-aha-innovation-center-color-60px.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

d423608ea72b80c1c544efebb1d6fea6cda93cc53602ac9da2b8eab327278e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 08 Nov 2020 17:15:35 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 83332
x-cache: Hit from cloudfront
status: 200
content-length: 15597
last-modified: Fri, 04 Sep 2020 19:33:33 GMT
etag: "3ced-5ae81f1c07368"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: KDeMuN7YmunYI0o9GDTv4KuoqhoghKEWsBYdhI9ylHM0Rs1qILyHwg==
expires: Sun, 22 Nov 2020 17:15:35 GMT

GET
H2 200 Cybersecurity_1170x250.jpg
www.aha.org/sites/default/files/2018-09/ 196 KB
197 KB 657ms
656ms Image
image/jpeg 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aha.org/sites/default/files/2018-09/Cybersecurity_1170x250.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

3ae5d84b9e00de2bb35958148838b34e7d1e631b945227937bfc4e6fa9b4bf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 9484
x-cache: Miss from cloudfront
status: 200
content-length: 201092
x-varnish-cache-hits: 1
last-modified: Wed, 03 Oct 2018 11:19:09 GMT
etag: "31184-5775135030540"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: AUYG_x60RqRIoAD-3zkYa8kftDnsx6bqNHgP8SzjwRJrimOUsVNYIQ==
expires: Mon, 23 Nov 2020 13:46:22 GMT

GET
H2 200 logo-ahia-horz-invert.svg
www.aha.org/themes/custom/aha/images/ 45 KB
16 KB 666ms
664ms Image
image/svg+xml 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aha.org/themes/custom/aha/images/logo-ahia-horz-invert.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

c4314c7350bf5f8dbbb9cc8547e48cd6f44304236edfca60124b1146565d93cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309248
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish-cache-hits: 1799
last-modified: Fri, 23 Oct 2020 01:04:02 GMT
etag: W/"b364-5b24c28080ca6"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: kCe_HWIv2e9Tg4hhLh4Mo98bbbkn2JDvTvKBSLkZfpwTX__rmyvPvg==
expires: Fri, 20 Nov 2020 02:30:18 GMT

GET
H2 200 js_AJzFG7wTXzs0rxIf-3Ldj9JcS_dTrzXOc646BWumLRk.js Show response
www.aha.org/sites/default/files/js/ 1 MB
296 KB 652ms
649ms Script
text/javascript 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/sites/default/files/js/js_AJzFG7wTXzs0rxIf-3Ldj9JcS_dTrzXOc646BWumLRk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

009cc51bbc135f3b34af121ffb72dd8fd25c4bf753af35ce73ae3a056ba62d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309266
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 301504
x-varnish-cache-hits: 1857
last-modified: Fri, 23 Oct 2020 01:09:37 GMT
etag: "499c0-5b24c3c078e20"
vary: Accept-encoding
content-type: text/javascript
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: EnreYNHZRAkEJFTfw5aFp8mAZIyxHAz0wJqbUTK8hkYo5W9bs3innQ==
expires: Fri, 20 Nov 2020 02:30:00 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 144ms
45ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Mon, 09 Nov 2020 16:24:27 GMT
x-host: s7.addthis.com
content-length: 116325
x-akamai-path-stats: [2:144280:3720:-],[3:141270:4294820026:-],[3:145148:4294827148:-],[3:141687:4294821609:-],[2:143939:4294826357:-],[3:312714:4294814582:-],[3:165893:4294649403:-],[2:151360:4294815936:-],[2:150402:4294815894:-],[2:151695:4294815601:-]

GET
H2 200 js_4ZFg3I_X_mMB6p3TQFsjEkU7wnkdjy99KLWa6nyD0XA.js Show response
www.aha.org/sites/default/files/js/ 55 KB
16 KB 665ms
663ms Script
text/javascript 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/sites/default/files/js/js_4ZFg3I_X_mMB6p3TQFsjEkU7wnkdjy99KLWa6nyD0XA.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

e19160dc8fd7fe6301ea9dd3405b2312453bc2791d8f2f7d28b59aea7c83d170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309147
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 15762
x-varnish-cache-hits: 1207
last-modified: Fri, 23 Oct 2020 01:09:38 GMT
etag: "3d92-5b24c3c093bd0"
vary: Accept-encoding
content-type: text/javascript
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 3KWn3-yuRNe28g0NMy4RWrFDHBbPalWSmep2h6kAMyTOHHVyjoGH3Q==
expires: Fri, 20 Nov 2020 02:31:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 317 KB
72 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL4XBQK

Requested by

Host: www.aha.org
URL: https://www.aha.org/sites/default/files/google_tag/google_tag.script.js?qimunv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d77b5bc063c8166f800804003030539e0da61471f09273f63490d63fef9b7d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73237
x-xss-protection: 0
last-modified: Mon, 09 Nov 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Nov 2020 16:24:27 GMT

GET
H2 200 css_bb4f2J-N0s6N1oFsrBFFk0nevGwo8I_U4LtHwc2RGLg.css
www.aha.org/sites/default/files/css/ 2 KB
1 KB 509ms
508ms Stylesheet
text/css 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/sites/default/files/css/css_bb4f2J-N0s6N1oFsrBFFk0nevGwo8I_U4LtHwc2RGLg.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

6dbe1fd89f8dd2ce8dd6816cac11459349debc6c28f08fd4e0bb47c1cd9118b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309352
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 566
x-varnish-cache-hits: 1861
last-modified: Fri, 23 Oct 2020 01:09:26 GMT
etag: "236-5b24c3b5f7eb0"
vary: Accept-encoding
content-type: text/css
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: rkP2Fx5c2pzsZBkfl7LAur5bbHm1fvXWMHXzhi1nHPtoViyS8Uf6Bg==
expires: Fri, 20 Nov 2020 02:28:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL4XBQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4119
date: Mon, 09 Nov 2020 15:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 09 Nov 2020 17:15:48 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 151ms
51ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL4XBQK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
age: 67908
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4046-HHN
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1604939067.240007,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 10ms
9ms Script
application/x-javascript 2a02:26f0:eb:3b4::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL4XBQK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3b4::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=49262
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 hotjar-32289.js Show response
static.hotjar.com/c/ 4 KB
2 KB 68ms
68ms Script
application/javascript 13.224.93.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-32289.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL4XBQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.53 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-53.zrh50.r.cloudfront.net

Software

Resource Hash

a60ee9f8d6c2f5223e402fa014d1dcc538c07c47369341bc4dda08279fbbdf4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52
x-cache: Hit from cloudfront
status: 200
content-length: 1773
access-control-allow-origin: *
cache-control: max-age=60
etag: W/d20dc2005416571d6d3f2c041a0b282d
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: mTF9tfu30_siZnytsxNTnBhsCiQKdCZ65AUS3u01SQyNZtZp8JARxw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: emails.sponsored.aha.org
URL: http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: zVPWutIvKRVuik0WCJA3Uc5DCd2ZJhiSWDm6qUAn51ZQMHI6QbW6yloGRuvN2TAk0XdNKbZsovRGLJ8bogEIvg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 09 Nov 2020 16:24:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 661 KB
119 KB 55ms
47ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: emails.sponsored.aha.org
URL: http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

83f375aae5130f974003ffa0c5b7040142e7ed8ca2ee620b2faf1d7a944ea5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: br
vary: Accept-Encoding
age: 664
x-cache: HIT, HIT
status: 200
content-length: 121877
x-served-by: cache-dca17751-DCA, cache-hhn4036-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Thu, 05 Nov 2020 13:27:25 GMT
x-timer: S1604939067.207357,VS0,VE0
etag: "5fa3fdbd-1dc15"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 63

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 79 KB
27 KB 126ms
41ms Script
text/javascript 130.211.5.208
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: emails.sponsored.aha.org
URL: http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.5.208 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.5.211.130.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:21:25 GMT
content-encoding: gzip
age: 182
x-guploader-uploadid: ABg5-UzsS4I-p58qhgihYqsmFw0GyzFhp-QnHYk18ci4SDzO1UHHz6llM17rLFFH1o8mdF42SKCoLf8w3OfKCmIIa8w
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 26928
last-modified: Mon, 17 Aug 2020 21:43:08 GMT
server: UploadServer
etag: "0f7532346a033260e6e905e6396195aa"
vary: Accept-Encoding
x-goog-hash: crc32c=AlJgbg==, md5=D3UyNGoDMmDm6QXmOWGVqg==
x-goog-generation: 1597700588364815
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 26928
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 09 Nov 2020 16:31:25 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL4XBQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

105bf8b5f80c83937f34028781a20c16261ef0117cede1d9c54e8c06c3647ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
status: 200
cache-control: no-cache
content-type: application/javascript
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 53ms
52ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: emails.sponsored.aha.org
URL: http://emails.sponsored.aha.org/d40n5BgXUb0OU00T02030Z0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK MagnetLeads.js Show response
tracking.magnetmail.net/ 3 KB
2 KB 860ms
125ms Script
application/javascript 209.18.65.216
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.magnetmail.net/MagnetLeads.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL4XBQK
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 209.18.65.216 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 621f5deb926e2b0bd1b6b19c1b3756ab41d2d53e3404d85b21204daefbe9c2bc

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:26 GMT
Content-Encoding: gzip
X-mID: 3265
X-Powered-By: ASP.NET
Content-Length: 1187
Last-Modified: Tue, 06 Jun 2017 18:19:15 GMT
Server: Microsoft-IIS/8.0
ETag: "80136067f1ded21:0"
Vary: Accept-Encoding,Origin
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Mon, 09 Nov 2020 16:25:27 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:eb:3b4::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3b4::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=15452
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 15:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2510
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 09 Nov 2020 16:42:37 GMT

GET
H2 200 icon-search.svg
www.aha.org/themes/custom/aha/images/icons/ 1 KB
1 KB 213ms
213ms Image
image/svg+xml 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aha.org/themes/custom/aha/images/icons/icon-search.svg

Requested by

Host: www.aha.org
URL: https://www.aha.org/sites/default/files/css/css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

b8c6f2e3e7539b58d6f08b6385885e51cd53cb58d0a92ab714c0cc80d18050fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/sites/default/files/css/css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309240
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish-cache-hits: 899
last-modified: Fri, 23 Oct 2020 01:04:06 GMT
etag: W/"532-5b24c283ed174"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: pm_nDTaQQ_OOK4EUmibdcYM2BgGNpU4jEczw8-Au2lNpFusegGbWyg==
expires: Fri, 20 Nov 2020 02:30:27 GMT

GET
H2 200 Univers-Bold.woff
www.aha.org/themes/custom/aha/assets/fonts/Univers/ 16 KB
17 KB 654ms
654ms Font
text/plain 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/themes/custom/aha/assets/fonts/Univers/Univers-Bold.woff

Requested by

Host: www.aha.org
URL: https://www.aha.org/sites/default/files/css/css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

71ff6b706c0eed2ad9f8389bbea49d598e8b44583bc8179c91afb89b5a8ffb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.aha.org
Referer: https://www.aha.org/sites/default/files/css/css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 309361
x-cache: Miss from cloudfront
status: 200
content-length: 16708
x-varnish-cache-hits: 1805
last-modified: Fri, 23 Oct 2020 01:04:25 GMT
etag: "4144-5b24c296341de"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: H-owIn_CmTdjruwO9ZwR2EFhv3AcghPFsk1U5zaZv-6piQL_FJ5ecQ==
expires: Fri, 20 Nov 2020 02:28:25 GMT

GET
H2 200 195849607715636 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/195849607715636?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fc06ee221c035d2ed1a4e6b9f61348f1a58c8ef9a681b2c7347c7c23d2110ce

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 69916
x-xss-protection: 0
pragma: public
x-fb-debug: vbF22X9FEg6bBENHKEqmwSEcBe7nt+Rna/y5sqb9B32X3QnIM23LWbE/fMcoda7p02EHRfVtYbgSx0+UtwhAgg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 09 Nov 2020 16:24:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.8d61e969c7deff2570c5.js Show response
script.hotjar.com/ 362 KB
71 KB 75ms
74ms Script
application/javascript 13.224.93.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8d61e969c7deff2570c5.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-32289.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.65 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-65.zrh50.r.cloudfront.net

Software

Resource Hash

cffc573bb349054cbbe8ff16713e646774262ae4810202c7421dae2bf5f8a38e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 262150
x-cache: Hit from cloudfront
status: 200
content-length: 72516
access-control-allow-origin: *
last-modified: Fri, 06 Nov 2020 15:31:31 GMT
etag: "8a26168d6b1bbbe3b048a7e671a8ab78"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e8a7e21f51478f02a6e51b69e3450928.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Hdu_JkWEUXyQUBBTsyPVbKxRo-YZF536xcQt2qOvTYbHL_4_q9HuWA==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=272713&time=1604939067378&url=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-ch...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D272713%26time%3D1604939067378%26url%3Dhttps%253A%252F%252Fwww.aha.org%252Fcenter%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=272713&time=1604939067378&url=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-ch...

0
45 B

177ms
177ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=272713&time=1604939067378&url=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D&liSync=true
Requested by: Host: www.aha.org
URL: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: Y1C3LJTjRRaAFgewGysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: wLYbJpTjRRbQTc0r4yoAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 1B508F84D9164AE4A25C99217D1DB79E Ref B: FRAEDGE0713 Ref C: 2020-11-09T16:24:27Z
x-frame-options: sameorigin
date: Mon, 09 Nov 2020 16:24:27 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=272713&time=1604939067378&url=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-47569936-1&cid=83519289.1604939067&jid=87289031&uid=(not%20set)&gjid=581355059&_gid=745797368.1604939067&_u=aGBAgEALQAAAAE~&z=314126698

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 Nov 2020 16:24:27 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.aha.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 80 KB
32 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-5ZZW2L6&t=gtm17&cid=83519289.1604939067

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

584255fe2fae08e10c2bef6a731512d8d20a78cf68bc8e50e781b4c73db89d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32355
x-xss-protection: 0
last-modified: Mon, 09 Nov 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Nov 2020 16:24:27 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1485338079&t=pageview&_s=1&dl=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%253D%253D&dr=http%3A%2F%2Femails.sponsored.aha.org%2Fd40n5BgXUb0OU00T02030Z0&ul=en-us&de=UTF-8&dt=Ransomware%20Attacks%20on%20Hospitals%20Have%20Changed%20%7C%20Cybersecurity%20%7C%20Center%20%7C%20AHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEALQ~&jid=87289031&gjid=581355059&cid=83519289.1604939067&uid=(not%20set)&tid=UA-47569936-1&_gid=745797368.1604939067&gtm=2wgas1TL4XBQK&cg4=AHA%20Center%20for%20Health%20Innovation%2CCybersecurity&cg5=(not%20set)&cd1=(not%20set)&cd2=www_aha_org&cd3=(not%20set)&cd4=anonymous&cd6=(not%20set)&cd7=(not%20set)&cd8=(not%20set)&cd9=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd12=(not%20set)&cd13=(not%20set)&cd14=(not%20set)&cd16=AHA%20Center%20for%20Health%20Innovation%2CCybersecurity&cd17=(not%20set)&cd18=(not%20set)&cd19=(not%20set)&z=1155787645

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 09:14:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25768
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 59ms
59ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Wed, 17 Feb 2021 16:24:27 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflGYMLFw/ 97 KB
35 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflGYMLFw/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f67f05946c829047c5413fd55532a6025d8d6ad270a30cc6eb77a83c27d551d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 00:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56183
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35892
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 03:34:16 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 17 Nov 2020 00:48:04 GMT

GET
H2 200 fontawesome-webfont.woff2
www.aha.org/themes/custom/aha/dist/css/fonts/ 65 KB
66 KB 232ms
232ms Font
text/plain 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/themes/custom/aha/dist/css/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.aha.org
URL: https://www.aha.org/sites/default/files/css/css_xQZAcuDyohOLSYfV55uFKD2q2vnSSDuGqDmkZW-GoD4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

670f9f133ae7b82f0b92b0b016879f59d2ebd885294c0d69f732860a9ecf609a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.aha.org
Referer: https://www.aha.org/sites/default/files/css/css_xQZAcuDyohOLSYfV55uFKD2q2vnSSDuGqDmkZW-GoD4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 309296
x-cache: Miss from cloudfront
status: 200
content-length: 66624
x-varnish-cache-hits: 1205
last-modified: Fri, 23 Oct 2020 01:08:32 GMT
etag: "10440-5b24c381cd09a"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 0k6wP6OF9DEeynR3QKLaQypYa2MHLPYpsKz7P6FWU7y6IQ288BOixg==
expires: Fri, 20 Nov 2020 02:29:31 GMT

GET
H2 200 UniversLTStd-BoldCn.woff
www.aha.org/themes/custom/aha/assets/fonts/UniversLTStd/ 17 KB
18 KB 228ms
228ms Font
text/plain 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/themes/custom/aha/assets/fonts/UniversLTStd/UniversLTStd-BoldCn.woff

Requested by

Host: www.aha.org
URL: https://www.aha.org/sites/default/files/css/css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

3c5f274f551c138921e0ec2e9d67343c87427d147904f86c0d108f39af67f013

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.aha.org
Referer: https://www.aha.org/sites/default/files/css/css_qxuivx9k0b49C2uUiTZ-kuhLmXZrjqu3sggbkMWPlk0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 309429
x-cache: Miss from cloudfront
status: 200
content-length: 17756
x-varnish-cache-hits: 1239
last-modified: Fri, 23 Oct 2020 01:04:13 GMT
etag: "455c-5b24c28b7a02a"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: p1k6mTAKx9r72i6hDYdCvkAmUVwKT9O-4NU3hdK26kp02qURQtFKMQ==
expires: Fri, 20 Nov 2020 02:27:18 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
117 B 31ms
31ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-47569936-1&cid=83519289.1604939067&jid=87289031&_u=aGBAgEALQAAAAE~&z=408459856

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 16:24:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 30ms
30ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-47569936-1&cid=83519289.1604939067&jid=87289031&_u=aGBAgEALQAAAAE~&z=408459856

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 16:24:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ 65 B
324 B 140ms
54ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=802e76be2ff76775853972abfa35c432&ip=1&_=1604939067560
Requested by: Host: cdn4.mxpnl.com
URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.159 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 159.240.178.107.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.aha.org
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=195849607715636&ev=PageView&dl=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%253D%253D&rl=http%3A%2F%2Femails.sponsored.aha.org%2Fd40n5BgXUb0OU00T02030Z0&if=false&ts=1604939067579&cd[content_topics]=AHA%20Center%20for%20Health%20Innovation%2CCybersecurity&cd[content_category]=(not%20set)&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1604939067578.1313444446&it=1604939067251&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 09 Nov 2020 16:24:27 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 269ms
163ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nvhbh&events=%5B%5B%22pageview%22%2C%7B%22content_name%22%3A%22Ransomware%20Attacks%20on%20Hospitals%20Have%20Changed%20%7C%20Cybersecurity%20%7C%20Center%20%7C%20AHA%22%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%253D%253D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Mon, 09 Nov 2020 16:24:27 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e8b533e03925f13073c55612370975ce
x-transaction: 00f0ab47005c3f47
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
734-zto-041.mktoresp.com/webevents/ 2 B
311 B 840ms
206ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://734-zto-041.mktoresp.com/webevents/visitWebPage?_mchNc=1604939067584&_mchCn=&_mchId=734-ZTO-041&_mchTk=_mch-aha.org-1604939067583-18835&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D&_mchHo=www.aha.org&_mchPo=&_mchRu=%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Femails.sponsored.aha.org%2Fd40n5BgXUb0OU00T02030Z0&_mchQp=utm_source%3Ddarktrace__-__utm_medium%3Demail__-__utm_campaign%3Dlead-gen__-__utm_term%3D2020-1109__-__utm_content%3Darticle__-__mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:28 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 41a265c8-f556-47d9-bd02-fc96f2b4d479

GET
H2 200 fontawesome-webfont.woff2
www.aha.org/modules/contrib/we_megamenu/assets/fonts/fontawesome/ 75 KB
76 KB 232ms
231ms Font
text/plain 13.224.93.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha.org/modules/contrib/we_megamenu/assets/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.aha.org
URL: https://www.aha.org/sites/default/files/css/css_rEHaGCOHfOg7tsuqNkR2liz5rzv2RuJPMzbM-bQGraU.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-87.zrh50.r.cloudfront.net

Software

Resource Hash

42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.aha.org
Referer: https://www.aha.org/sites/default/files/css/css_rEHaGCOHfOg7tsuqNkR2liz5rzv2RuJPMzbM-bQGraU.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Mon, 09 Nov 2020 16:24:27 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 309402
x-cache: Miss from cloudfront
status: 200
content-length: 77160
x-varnish-cache-hits: 1727
last-modified: Fri, 23 Oct 2020 01:03:25 GMT
etag: "12d68-5b24c25d5204a"
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=1209600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: NHNrY6iTHMs1rbaufAK9WaYq40OHAgmI4EuXjteKGOzs37oFTybuRQ==
expires: Fri, 20 Nov 2020 02:27:45 GMT

GET
H/1.1 200
OK visit-page Show response
tracking.magnetmail.net/LTj9xKyeekhJbHbnpaJyA/ 0
574 B 129ms
128ms Script
application/javascript 209.18.65.216
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.magnetmail.net/LTj9xKyeekhJbHbnpaJyA/visit-page?_=1604939068036
Requested by: Host: tracking.magnetmail.net
URL: https://tracking.magnetmail.net/MagnetLeads.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 209.18.65.216 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Nov 2020 16:24:27 GMT
X-mID: 3265
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Origin
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 0
Expires: -1

POST
H2 200 /
www.facebook.com/tr/ 0
103 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQiJKo486RfStKoD3

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 09 Nov 2020 16:24:28 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.aha.org
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 prettify.css
cdn.rawgit.com/google/code-prettify/master/loader/ 655 B
1 KB 174ms
50ms Stylesheet
text/css 151.139.237.11
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/google/code-prettify/master/loader/prettify.css

Requested by

Host: www.aha.org
URL: https://www.aha.org/sites/default/files/js/js_AJzFG7wTXzs0rxIf-3Ldj9JcS_dTrzXOc646BWumLRk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
status: 200
vary: Accept-Encoding
cf-request-id: 064bbf15a8000027983101e000000001
rawgit-cache-status: HIT
x-robots-tag: none
content-type: text/css;charset=utf-8
server: NetDNA-cache/2.2
etag: W/"5842f98557e7787e109bdd666c770913847522bd780247fea210267b419c13c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UESumhn%2FL2UasD1qoZqP6LFyE2DfSmyyjRGaIZOSWf0ao%2B2kNwvHCajlWjSuF34dHC7Em7oJRH8sau2wAHwnU5JNNKJUnfArt9xqYCwFd4lZpnNHcNo%3D"}],"group":"cf-nel","max_age":604800}
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5ef30135dda92798-PRG
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 190ms
63ms Script
application/x-javascript 104.108.145.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.172 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:28 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 191C384BD08D2989
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=46727
accept-ranges: bytes
content-length: 948
x-amz-id-2: /Y8Yj/DqLNS2pI1SPlp4cWcg3IlspJAynuwPI5L3vSGxaNJQvodByoZJc97qcmeVSMm8xcdrWW0=

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 265ms
167ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nvhbh&events=%5B%5B%22pageview%22%2C%7B%22content_name%22%3A%22Ransomware%20Attacks%20on%20Hospitals%20Have%20Changed%20%7C%20Cybersecurity%20%7C%20Center%20%7C%20AHA%22%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.aha.org%2Fcenter%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed%3Futm_source%3Ddarktrace%26utm_medium%3Demail%26utm_campaign%3Dlead-gen%26utm_term%3D2020-1109%26utm_content%3Darticle%26mkt_tok%3DeyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%253D%253D

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Mon, 09 Nov 2020 16:24:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9ef5fba27e7cba17a8be3dda51143624
x-transaction: 00897f8d00f5b695
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-511d0eeb2ee0c580/ 3 KB
911 B 76ms
74ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-511d0eeb2ee0c580/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4591e11dac61401b5ee5cfc038465fcc1a16dcd622ab6af5adcbd9126251180e

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:28 GMT
content-encoding: gzip
etag: -2048545347--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=11, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 734

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 178ms
176ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fa96d3c3550d641&bkl=0&bl=1&pdt=871&sid=5fa96d3c3550d641&pub=ra-511d0eeb2ee0c580&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.aha.org&dr=emails.sponsored.aha.org&fp=center%2Fcybersecurity-and-risk-advisory-services%2Fransomware-attacks-hospitals-have-changed&fr=d40n5BgXUb0OU00T02030Z0&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1604939068305&jsl=8193&uvs=5fa96d3ca4dd18dd000&skipb=1&callback=addthis.cbs.jsonp__8072446561825350
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c7453e365c1ff8cb4e024d59cd2f477f45b6b83d9275c8f91acf9b24177c993b

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 09 Nov 2020 16:24:28 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2D12 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B2EF 0
0 52ms
51ms Document
text/html 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 09 Nov 2020 16:24:28 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 34CF 0
0 64ms
64ms Document
text/html 13.224.93.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-32289.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-88.zrh50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D

Response headers

status: 200
content-type: text/html
content-length: 851
date: Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: JoX7YmmdYqV9dBawHuZCdqRwSP1XT3ziAF48babN9LuKcrkJKUKpWQ==
age: 3036103

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 56ms
56ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 09 Nov 2020 16:24:28 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617
x-akamai-path-stats: [1:5774:226],[1:61500:29500]

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/32289/ 178 B
320 B 74ms
74ms XHR
application/json 52.51.24.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/32289/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8d61e969c7deff2570c5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.24.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-24-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 09 Nov 2020 16:24:28 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 46ms
46ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: www.aha.org
URL: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 16:24:28 GMT
content-encoding: gzip
x-amz-request-id: A21809B1C987C063
x-cache: HIT
status: 200
content-length: 10624
x-amz-id-2: 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1604939069.563741,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 34880

GET
H/1.1 200
OK ef0243a3c2 Show response
bam-cell.nr-data.net/1/ 57 B
651 B 571ms
469ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/ef0243a3c2?a=392991312&v=1184.ab39b52&to=blYDZBECWEQEWkdbXlccIFMXCllZSklSVVRmUABTCwY%3D&rst=2928&ck=1&ref=https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed&ap=24&be=851&fe=2875&dc=2606&perf=%7B%22timing%22:%7B%22of%22:1604939065662,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:3,%22c%22:3,%22s%22:27,%22ce%22:150,%22rq%22:150,%22rp%22:838,%22rpe%22:870,%22dl%22:841,%22di%22:2605,%22ds%22:2605,%22de%22:2650,%22dc%22:2873,%22l%22:2874,%22le%22:2876%7D,%22navigation%22:%7B%7D%7D&fp=1753&fcp=1753&at=QhEAElkYS0o%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 16:24:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 5ef8e25b8967c765-AMS
cf-request-id: 064f6bcd310000c765899b7000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
158 B 61ms
60ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1604939072554
Requested by: Host: cdn4.mxpnl.com
URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.159 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 159.240.178.107.bc.googleusercontent.com
Software: envoy /
Resource Hash: e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Nov 2020 16:24:32 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.aha.org
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
alt-svc: clear
content-length: 25

POST
H/1.1 200
OK ef0243a3c2 Show response
bam-cell.nr-data.net/events/1/ 24 B
487 B 293ms
292ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/ef0243a3c2?a=392991312&v=1184.ab39b52&to=blYDZBECWEQEWkdbXlccIFMXCllZSklSVVRmUABTCwY%3D&rst=12927&ck=1&ref=https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed?utm_source=darktrace&utm_medium=email&utm_campaign=lead-gen&utm_term=2020-1109&utm_content=article&mkt_tok=eyJpIjoiTVdaaU9EazNNRGsxTldJNCIsInQiOiIrR1ZQRnprK0IrR3k0WEZqcEZLNDNRc3hSMDBTcEhLU1JoUjU1eGQ3aGZUb2RsVktGdlFkam5EWVwvWEJjZHNwTWdoZ3YxZHUzc2hacTFPZkhkMUtCRmZDd0tuTjVZdCs1em90STdtUFY2OEo2Ylp4SHB6QmdIMVlIMXBER2tYU00ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 09 Nov 2020 16:24:38 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.aha.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 5ef8e2995c57c765-AMS
Content-Length: 24
cf-request-id: 064f6bf3d90000c76535344000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.aha.org/	1970-01-19 13:49:00	Name: __atuvs Value: 5fa96d3ca4dd18dd000
.aha.org/	1970-01-19 13:49:00	Name: _hjAbsoluteSessionInProgress Value: 0
www.aha.org/	1970-01-19 13:48:59	Name: _hjIncludedInPageviewSample Value: 1
.addthis.com/	1970-01-19 23:17:47	Name: uvc Value: 1%7C46
.addthis.com/	1970-01-19 23:17:47	Name: loc Value: MDAwMDBFVVBMMTIyMzAxMTk5OTAwMDAwMDBDSA==
www.aha.org/	1970-01-19 23:17:47	Name: __atuvc Value: 1%7C46

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: *** cookie 'fonce_current_session' set (all pages): AWSALB=WAUb5H5SGnFlcEORD28J2U29fn3BjddKs7Z4+06bQXUkwP9NWNzokHDSvXQqg5OBNolY0/8Ww6lhA1o/5mwigpOzRtKzfYLIMFQW+uMMhImUmcEk8iCqBkx5YBBG; AWSALBCORS=WAUb5H5SGnFlcEORD28J2U29fn3BjddKs7Z4+06bQXUkwP9NWNzokHDSvXQqg5OBNolY0/8Ww6lhA1o/5mwigpOzRtKzfYLIMFQW+uMMhImUmcEk8iCqBkx5YBBG; _gcl_au=1.1.1490408648.1604939067; fonce_current_session=0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

734-zto-041.mktoresp.com
analytics.twitter.com
api-js.mixpanel.com
bam-cell.nr-data.net
cdn.rawgit.com
cdn4.mxpnl.com
connect.facebook.net
emails.sponsored.aha.org
fast.wistia.net
in.hotjar.com
js-agent.newrelic.com
m.addthis.com
munchkin.marketo.net
px.ads.linkedin.com
s.ytimg.com
s7.addthis.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tracking.magnetmail.net
v1.addthisedge.com
vars.hotjar.com
www.aha.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.youtube.com
z.moatads.com
s7.addthis.com
104.108.145.172
104.17.74.206
104.244.42.195
104.244.42.197
104.75.88.112
107.178.240.159
13.224.93.53
13.224.93.65
13.224.93.87
13.224.93.88
130.211.5.208
151.101.112.157
151.101.114.110
151.139.237.11
162.247.243.147
192.28.147.68
209.18.65.216
2620:1ec:21::14
2a00:1450:4001:801::200e
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:809::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2008
2a00:1450:400c:c00::9d
2a02:26f0:eb:3b4::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
52.51.24.70
88.221.60.75
009cc51bbc135f3b34af121ffb72dd8fd25c4bf753af35ce73ae3a056ba62d19
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
105bf8b5f80c83937f34028781a20c16261ef0117cede1d9c54e8c06c3647ae9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2fc06ee221c035d2ed1a4e6b9f61348f1a58c8ef9a681b2c7347c7c23d2110ce
3ae5d84b9e00de2bb35958148838b34e7d1e631b945227937bfc4e6fa9b4bf28
3c5f274f551c138921e0ec2e9d67343c87427d147904f86c0d108f39af67f013
4232e3c12b3860ed86f62ab38ee1a711ba7393218593d61cefa8100c28afdd6f
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
4591e11dac61401b5ee5cfc038465fcc1a16dcd622ab6af5adcbd9126251180e
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
584255fe2fae08e10c2bef6a731512d8d20a78cf68bc8e50e781b4c73db89d7c
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
621f5deb926e2b0bd1b6b19c1b3756ab41d2d53e3404d85b21204daefbe9c2bc
651392322043ac7fb39d54f4a1795e030a37c02aee5dc865eb9a74f516177e4a
670f9f133ae7b82f0b92b0b016879f59d2ebd885294c0d69f732860a9ecf609a
6dbe1fd89f8dd2ce8dd6816cac11459349debc6c28f08fd4e0bb47c1cd9118b8
71ff6b706c0eed2ad9f8389bbea49d598e8b44583bc8179c91afb89b5a8ffb2b
7703f053d1bf85cdd6fd87769040ac86d9bc3b14d436a30a08db296743dcf6d0
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f375aae5130f974003ffa0c5b7040142e7ed8ca2ee620b2faf1d7a944ea5dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a60ee9f8d6c2f5223e402fa014d1dcc538c07c47369341bc4dda08279fbbdf4a
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ab1ba2bf1f64d1be3d0b6b9489367e92e84b99766b8eabb7b2081b90c58f964d
ac41da1823877ce83bb6cbaa364476962cf9af3bf646e24f3336ccf9b406ada5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b8c6f2e3e7539b58d6f08b6385885e51cd53cb58d0a92ab714c0cc80d18050fc
c338bdab48722a94e9b6a034476334a7ac61f15c2a8cc967a7ef41d7798b5893
c4314c7350bf5f8dbbb9cc8547e48cd6f44304236edfca60124b1146565d93cd
c5064072e0f2a2138b4987d5e79b85283daadaf9d2483b86a839a4656f86a03e
c7453e365c1ff8cb4e024d59cd2f477f45b6b83d9275c8f91acf9b24177c993b
cffc573bb349054cbbe8ff16713e646774262ae4810202c7421dae2bf5f8a38e
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d423608ea72b80c1c544efebb1d6fea6cda93cc53602ac9da2b8eab327278e0f
d77b5bc063c8166f800804003030539e0da61471f09273f63490d63fef9b7d45
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e19160dc8fd7fe6301ea9dd3405b2312453bc2791d8f2f7d28b59aea7c83d170
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e82c0360c8fd9dedb39d70fdee2d2fe53268840d2a1f71ea9c0de9d0e9867f44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f67f05946c829047c5413fd55532a6025d8d6ad270a30cc6eb77a83c27d551d5

www.aha.org Open in urlscan Pro 13.224.93.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

41 %IPv6

28 Domains

34 Subdomains

32 IPs

6 Countries

1574 kBTransfer

5134 kBSize

6 Cookies

22 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.aha.org Open in urlscan Pro
13.224.93.87 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

41 %
IPv6

28
Domains

34
Subdomains

32
IPs

6
Countries

1574 kB
Transfer

5134 kB
Size

6
Cookies

63 HTTP transactions
0 data transactions