Submitted URL: https://beckershealthcare-news.com/portal/wts/ucmcnkm%7C-VaqBCmgeO060cFB79bgj2TwFcBHYJb
Effective URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-...
Submission: On June 22 via api from US

Summary

This website contacted 61 IPs in 5 countries across 44 domains to perform 196 HTTP transactions. The main IP is 67.227.242.177, located in United States and belongs to LIQUIDWEB, US. The main domain is www.beckershospitalreview.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 20th 2021. Valid for: 3 months.
This is the only time www.beckershospitalreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 205.162.40.203 53866 (QTS-AS)
18 67.227.242.177 32244 (LIQUIDWEB)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2606:2800:234... 15133 (EDGECAST)
1 65.9.86.61 16509 (AMAZON-02)
6 209.59.186.75 32244 (LIQUIDWEB)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
15 204.180.130.159 53866 (QTS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 199.232.196.134 54113 (FASTLY)
14 142.250.184.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.231.207.29 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a03:2880:f01... 32934 (FACEBOOK)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 204.180.130.165 53866 (QTS-AS)
13 2600:9000:20e... 16509 (AMAZON-02)
4 151.101.64.134 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 50.28.99.4 53824 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 104.244.42.136 13414 (TWITTER)
1 7 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a03:2880:f01... 32934 (FACEBOOK)
1 5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 17 54.74.23.153 16509 (AMAZON-02)
2 151.101.114.49 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.28.254.214 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 64.202.112.191 23352 (SERVERCEN...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 35.157.83.29 16509 (AMAZON-02)
1 2 35.157.13.31 16509 (AMAZON-02)
1 2 185.33.221.90 29990 (ASN-APPNEX)
1 2 34.98.64.218 15169 (GOOGLE)
1 1 142.250.184.194 15169 (GOOGLE)
7 204.180.130.190 53866 (QTS-AS)
2 205.162.42.5 53866 (QTS-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 209.10.197.53 394968 (QTS-CHI)
1 2a00:1450:400... 15169 (GOOGLE)
196 61
Apex Domain
Subdomains
Transfer
23 googlesyndication.com
pagead2.googlesyndication.com
651919a5e1205433fe222fbf8057c66f.safeframe.googlesyndication.com
tpc.googlesyndication.com
417 KB
21 adroll.com
s.adroll.com
d.adroll.com
27 KB
21 omeda.com
olytics.omeda.com
oqs.omeda.com
cdn.omeda.com
171 KB
18 beckershospitalreview.com
www.beckershospitalreview.com
150 KB
16 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
152 KB
15 disquscdn.com
c.disquscdn.com
a.disquscdn.com
519 KB
9 google.com
adservice.google.com
www.google.com
apis.google.com
accounts.google.com
41 KB
8 facebook.com
www.facebook.com
web.facebook.com
14 KB
8 googletagservices.com
www.googletagservices.com
198 KB
7 dragonforms.com
beckers.dragonforms.com
50 KB
7 hubspot.com
track.hubspot.com
api.hubspot.com
4 KB
7 asccommunications.com
ads.asccommunications.com
processor.asccommunications.com
processor2.asccommunications.com
6 KB
6 facebook.net
connect.facebook.net
250 KB
6 disqus.com
beckershospitalreview.disqus.com
disqus.com
referrer.disqus.com
57 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
148 KB
4 hsforms.com
forms.hsforms.com
6 KB
3 google-analytics.com
www.google-analytics.com
39 KB
2 openx.net
us-u.openx.net
480 B
2 adnxs.com
ib.adnxs.com
2 KB
2 bidswitch.net
x.bidswitch.net
875 B
2 3lift.com
eb2.3lift.com
736 B
2 outbrain.com
sync.outbrain.com
832 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 fbcdn.net
static.xx.fbcdn.net
134 KB
2 parsely.com
cdn.parsely.com
srv-2021-06-22-15.pixel.parsely.com
18 KB
2 googletagmanager.com
www.googletagmanager.com
69 KB
1 omedastaging.com
cdn.omedastaging.com
9 KB
1 jquery.com
code.jquery.com
29 KB
1 taboola.com
sync.taboola.com
247 B
1 yahoo.com
ads.yahoo.com
298 B
1 pubmatic.com
simage2.pubmatic.com
547 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 advertising.com
pixel.advertising.com
125 B
1 gstatic.com
ssl.gstatic.com
40 KB
1 consensu.org
d.adroll.mgr.consensu.org
137 B
1 hs-banner.com
js.hs-banner.com
14 KB
1 usemessages.com
js.usemessages.com
19 KB
1 hs-scripts.com
js-na1.hs-scripts.com
622 B
1 google.de
adservice.google.de
165 B
1 googleadservices.com
partner.googleadservices.com
270 B
1 hs-analytics.net
js.hs-analytics.net
19 KB
1 linkedin.com
platform.linkedin.com
55 KB
1 hsforms.net
js.hsforms.net
134 KB
1 beckershealthcare-news.com
beckershealthcare-news.com
437 B
196 44
Domain Requested by
18 www.beckershospitalreview.com www.beckershospitalreview.com
16 d.adroll.com 13 redirects
15 olytics.omeda.com www.beckershospitalreview.com
olytics.omeda.com
beckers.dragonforms.com
13 c.disquscdn.com beckershospitalreview.disqus.com
disqus.com
c.disquscdn.com
13 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.beckershospitalreview.com
12 pagead2.googlesyndication.com www.beckershospitalreview.com
pagead2.googlesyndication.com
olytics.omeda.com
tpc.googlesyndication.com
www.googletagservices.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 www.googletagservices.com www.beckershospitalreview.com
pagead2.googlesyndication.com
olytics.omeda.com
securepubads.g.doubleclick.net
7 beckers.dragonforms.com olytics.omeda.com
beckers.dragonforms.com
code.jquery.com
7 www.facebook.com 1 redirects connect.facebook.net
www.beckershospitalreview.com
c.disquscdn.com
6 connect.facebook.net www.beckershospitalreview.com
connect.facebook.net
c.disquscdn.com
d.adroll.com
5 s.adroll.com 1 redirects www.beckershospitalreview.com
s.adroll.com
5 track.hubspot.com
5 processor.asccommunications.com www.beckershospitalreview.com
4 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 disqus.com beckershospitalreview.disqus.com
c.disquscdn.com
4 oqs.omeda.com olytics.omeda.com
4 forms.hsforms.com js.hsforms.net
4 platform.twitter.com www.beckershospitalreview.com
platform.twitter.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.omeda.com beckers.dragonforms.com
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.outbrain.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 apis.google.com c.disquscdn.com
apis.google.com
2 api.hubspot.com js.usemessages.com
2 static.xx.fbcdn.net www.facebook.com
2 a.disquscdn.com c.disquscdn.com
2 syndication.twitter.com platform.twitter.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com www.beckershospitalreview.com
beckers.dragonforms.com
1 cdn.omedastaging.com beckers.dragonforms.com
1 code.jquery.com beckers.dragonforms.com
1 referrer.disqus.com
1 cm.g.doubleclick.net 1 redirects
1 sync.taboola.com
1 ads.yahoo.com
1 simage2.pubmatic.com
1 pixel.rubiconproject.com
1 pixel.advertising.com
1 ssl.gstatic.com accounts.google.com
1 d.adroll.mgr.consensu.org 1 redirects
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.usemessages.com js-na1.hs-scripts.com
1 web.facebook.com 1 redirects
1 js-na1.hs-scripts.com js.hs-analytics.net
1 651919a5e1205433fe222fbf8057c66f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 processor2.asccommunications.com www.beckershospitalreview.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 srv-2021-06-22-15.pixel.parsely.com www.beckershospitalreview.com
1 beckershospitalreview.disqus.com www.beckershospitalreview.com
1 js.hs-analytics.net www.beckershospitalreview.com
1 ads.asccommunications.com www.beckershospitalreview.com
1 cdn.parsely.com www.beckershospitalreview.com
1 platform.linkedin.com www.beckershospitalreview.com
1 js.hsforms.net www.beckershospitalreview.com
1 beckershealthcare-news.com 1 redirects
196 63
Subject Issuer Validity Valid
beckershospitalreview.com
cPanel, Inc. Certification Authority
2021-04-20 -
2021-07-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-16 -
2021-08-16
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA
2020-07-03 -
2022-07-08
2 years crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.parsely.com
Amazon
2020-08-02 -
2021-09-02
a year crt.sh
ads.asccommunications.com
cPanel, Inc. Certification Authority
2021-05-07 -
2021-08-05
3 months crt.sh
*.omeda.com
SSL.com RSA SSL subCA
2020-07-31 -
2021-08-18
a year crt.sh
processor.asccommunications.com
cPanel, Inc. Certification Authority
2021-06-02 -
2021-09-01
3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA
2020-04-20 -
2022-05-09
2 years crt.sh
*.pixel.parsely.com
R3
2021-05-27 -
2021-08-25
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
a.disquscdn.com
Amazon
2020-11-30 -
2021-12-29
a year crt.sh
processor2.asccommunications.com
R3
2021-05-24 -
2021-08-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2021-06-10 -
2022-06-09
a year crt.sh
adroll.com
R3
2021-06-14 -
2021-09-12
3 months crt.sh
adroll.mgr.consensu.org
Amazon
2020-10-08 -
2021-11-07
a year crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.apis.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
accounts.google.com
GTS CA 1O1
2021-05-24 -
2021-08-16
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-03-01 -
2021-08-24
6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2019-10-29 -
2021-11-23
2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-06-03 -
2021-07-21
2 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.3lift.com
Amazon
2021-06-12 -
2022-07-11
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh

This page contains 17 frames:

Primary Page: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Frame ID: DE34A254394C3A069AB9A4E3BE61F6BB
Requests: 107 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210617/r20190131/zrt_lookup.html
Frame ID: 72320F0B5015D8A698B08242CFCFCB08
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.beckershospitalreview.com
Frame ID: B42B7908BEB68CB32856F0F5E1D02BA9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7852275301938124&output=html&adk=1812271804&adf=3025194257&lmt=1624376247&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624376389115&bpp=339&bdt=294&idt=589&shv=r20210617&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8330703806822&frm=20&pv=2&ga_vid=577947625.1624376390&ga_sid=1624376390&ga_hid=1292963830&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3716705843279120&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1288
Frame ID: 2859BA9C2014ABE1906EA14326B73D8B
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
Frame ID: C6807C67722EF952AE4AF72D309F86D3
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfkbGk0UVqBykMZ03j94R4QY3aSp6AuCIwtW4ls5TGtr9y-xFtMgLZH9022qtFIbsnIbYClNf1RvyF6Hzi_7cNN8QM7xQX81gbY3zz5UJdSJaMZPXgq9XzXeiQ8sY3LRzltz0j1oFEQ9rWbX70pI0_R4hnbyaB-l4wQmfVnUSPP6Mc4s2P2P-utZOTuxEGBREGtyU1YKWpFZAALCi0T_eEBHhxMWiPVKTx6klwStMcp-UzOOyPJ8hLbdoXEfjZxkL10q6GPVbCEl_MV7f9LsK-_ZQvZuT4ENECJNH_U9JyAaQ_mw5Xq_RlP1sJigmAMH1rsV_vfoh1mCglc85DoGSATOiieZb5&sig=Cg0ArKJSzMmWwHdmpYhZEAE&adurl=
Frame ID: B5F63B757A6B78931E2AC33773807792
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspNL5br8xdSsRvUU4nMO-wTm6WxDnhBqWfaNJQYJX7KWUNsUEw1jkmX0iK_pv_QOoENDh6ofRuJtM7oQ8icqMsrtkjP4PWrVsF2LasirsxXLnOq4l5bVPhBrGPFPSWa8X9xcKFXe7leABH8O14SnrV8BHGPgNUhhozX7BLbNa7szw_zZGOhgWl9NpHDx-bqIb1yUFgBE-HvOGvJPuF6dMWVjx5jf3EVnGH6nlAcnJWsFRvr8wDaggWIGo9LEonCumVzQA8c70wN0oZ_CtZ57W7IoGLz5u3Lb4RtTRRKe3sZdS0w27xwwNEvi_nSqUbIddKUAOB78z0EDiYtbT2XmB1Y4DTlxo&sig=Cg0ArKJSzG9HnCAEePbkEAE&adurl=
Frame ID: 30C8490B5640EF731BA1CA9666DE3ABE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIEq06cRrYLzma3UAAKdlNh7lz0Klxar34Z0-WK1qrIr4Go-HdMHWvbApguyImJMypQ5KtWjprumi3tDLWU4rBiLd6ynW-4INCF87yqCwDDMDzncT__4VFRRRm7CaVnahU1xKC0OtlWFksZnYf5pE8nq9IJzAktoyXi336P3ng1zB4gmg8ofpfUmOx797_KqXmEVT3DbaDCuKOqhC2RITmPMMGhFAeIK0R7EFoMVZbO9QR4F_5Va2hooEKDs_bcaUDBA4i6WZSaxAgvuSMvSDAD9XcLL0da88hzIyQh4z7RoNBBY3t1TbVQ9k2vSr_mRnk6t0f3Ig1O-u_7n3WAdLURGWyUjI&sig=Cg0ArKJSzCTz9TUg5hhfEAE&adurl=
Frame ID: B3B651F159207B76A9035F9AADCC5152
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQrjr9kbYRWPLa_p2wOX8eqQH6UM2U3wTGgmpbQrjvboHyxtTwUY1FL2ihEFqKonuzj09VOOvTtHSHF1vexGiDJpgV1_lqCROjh_ANeTuFOUochELa1FBmsN6wGjfAawl8NRGIwSjKnrzNNLw7AEqKD_BJ-or0u14pYJeEhbxpsaSlViBO0XVAhLSqdBmYrlFsOaZZTQeO-imKy854Htl5ikQvmbK4rcRLFqTMDwPuvM-L0K67sqQCsq1roM6WcoAW5Yubnpn_wGbLQ_A6EG56z107ipSugPMPWGRbjAaNDvw6qBqe7j9-VadsYIknl2KhTDgopHlqhbVU61IjPM-Ek_mcAQZh&sig=Cg0ArKJSzGzyce6WtrIdEAE&adurl=
Frame ID: 1C774A4ED0D81C21CEDCABF96FF82F03
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
Frame ID: 8AA7CB9AE04F95F972574440573422A2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 544237D92799B9638F26B0DACAC269F7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38A07709AA35E9CB9FC29FAFAC319077
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: E27F484D1ECA68B096091EB3583201C7
Requests: 2 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 0940E555D130AE208A8C0E9554DCCE04
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 9FAF2C1CBF3CACCE8411A2AFAF60C78B
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 2BB825DC8856C124D22A6C4ABAF8DA68
Requests: 3 HTTP requests in this frame

Frame: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Frame ID: 07C75089C201E775DAAE8B5FDCD27444
Requests: 18 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://beckershealthcare-news.com/portal/wts/ucmcnkm%7C-VaqBCmgeO060cFB79bgj2TwFcBHYJb HTTP 302
    https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillio... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

196
Requests

100 %
HTTPS

56 %
IPv6

44
Domains

63
Subdomains

61
IPs

5
Countries

2784 kB
Transfer

7371 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://beckershealthcare-news.com/portal/wts/ucmcnkm%7C-VaqBCmgeO060cFB79bgj2TwFcBHYJb HTTP 302
    https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://web.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large HTTP 302
  • https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
Request Chain 121
  • https://s.adroll.com/j/exp/JQYF3N5JPJGL3IXYVZYR5C/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 123
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/JQYF3N5JPJGL3IXYVZYR5C?_s=1477fa4f71a1555c16d83a0716a65c2c&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/JQYF3N5JPJGL3IXYVZYR5C/?_s=1477fa4f71a1555c16d83a0716a65c2c&_b=2
Request Chain 146
  • https://d.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&pv=48068190855.758575&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js
Request Chain 159
  • https://d.adroll.com/cm/aol/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 160
  • https://d.adroll.com/cm/index/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expiration=1655912392 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expiration=1655912392&C=1
Request Chain 161
  • https://d.adroll.com/cm/n/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expires=365
Request Chain 162
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&rdrctExp=true
Request Chain 163
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 164
  • https://d.adroll.com/cm/r/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 165
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
Request Chain 166
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 167
  • https://d.adroll.com/cm/b/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
Request Chain 168
  • https://d.adroll.com/cm/x/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
Request Chain 170
  • https://d.adroll.com/cm/o/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a0137b7dc1385d1f73db9486cc3ad6f0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0137b7dc1385d1f73db9486cc3ad6f0
Request Chain 171
  • https://d.adroll.com/cm/g/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oBN7fcE4XR9z25SGzDrW8A HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 176
  • https://www.facebook.com/tr/?id=187952941924941&ev=PageView&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&rl=&if=false&ts=1624376392438&cd[segment_eid]=E5Z5CE3QIZFWDO32KJIMW5&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=29&fbp=fb.1.1624376392424.653814402&it=1624376392341&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?cd[segment_eid]=E5Z5CE3QIZFWDO32KJIMW5&coo=false&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&dpo=LDU&dpoco=0&dpost=0&ec=0&ev=PageView&fbp=fb.1.1624376392424.653814402&id=187952941924941&if=false&it=1624376392341&o=29&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1624376392438&v=2.9.41

196 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html
www.beckershospitalreview.com/cybersecurity/
Redirect Chain
  • https://beckershealthcare-news.com/portal/wts/ucmcnkm%7C-VaqBCmgeO060cFB79bgj2TwFcBHYJb
  • https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_co...
66 KB
15 KB
Document
General
Full URL
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
a627bd64ca5cccaeb42f0a7e11052abd2f4701c8349571c75b0764a0bda0bf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
www.beckershospitalreview.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires
Wed, 17 Aug 2005 00:00:00 GMT
Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Jun 2021 15:37:27 GMT
ETag
"ae5cdb3c3f45a71483316a619c397367-gzip"
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Content-Length
14756
Keep-Alive
timeout=2, max=500
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8

Redirect headers

X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Location
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Content-Length
0
Date
Tue, 22 Jun 2021 17:39:47 CEST
Server
Apache
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24a3c7c4cad84c95ad73b83e4bcaff7541d25240dc20a7877e673a2c07a94c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49221
x-xss-protection
0
server
cafe
etag
255747752990914736
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Jun 2021 15:39:48 GMT
olytics.css
www.beckershospitalreview.com/templates/beckers/assets/css/
28 KB
3 KB
Stylesheet
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/css/olytics.css
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 22 Nov 2020 17:38:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
2809
Expires
Tue, 22 Jun 2021 15:39:49 GMT
jquery-3.3.1.min.js
www.beckershospitalreview.com/templates/beckers/assets/javascript/
85 KB
30 KB
Script
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Jan 2019 16:34:29 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
30307
Expires
Tue, 22 Jun 2021 15:39:50 GMT
jquery.cookie.js
www.beckershospitalreview.com/templates/beckers/assets/javascript/
3 KB
2 KB
Script
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery.cookie.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 31 May 2018 01:41:08 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
1365
Expires
Tue, 22 Jun 2021 15:39:50 GMT
common.js
www.beckershospitalreview.com/templates/beckers/assets/javascript/
70 KB
15 KB
Script
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
9b85726dffc772c161231ea3f834d412a77116ff75150749aad4dc3162e47ad1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Jun 2021 17:19:07 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
14941
Expires
Tue, 22 Jun 2021 15:39:50 GMT
master.css
www.beckershospitalreview.com/templates/beckers/assets/css/
122 KB
14 KB
Stylesheet
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
17f6dadfd5311a88dc6b5d1dd92a47a6c3702124aef9ed4c7bd5dbeb1af07eb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Jun 2021 17:32:21 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=1
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
13465
Expires
Tue, 22 Jun 2021 15:39:50 GMT
v2.js
js.hsforms.net/forms/
573 KB
134 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6592d446d11744a9d56fa9417d2e55eff24afc2024b13a1646787eafca1243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:48 GMT
via
1.1 199fd61d7551d8868317c5b53cc7d24d.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
397
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad5f9c4de0000325863b32000000001
last-modified
Fri, 18 Jun 2021 09:16:49 UTC
server
cloudflare
etag
W/"d8bda2f635eb20c29b24f1bf7299f999"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VseGwm2dRYE9T7GjqC94rQG3riowOMqxvKz8DfLVKPeOSzfJJ8eFK25EA2Bvvsdd70ETiLQeRSGym0tNmjfEN4%2FZk7HgxwY309WG3DFzCmUJ3TqH6ljZOXTXiydjsTfTqYWDJP09XA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
KZdvE9K10zUbVM20D2dLnJYW5L434Hav
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
6636924e28b23258-FRA
x-amz-cf-id
ikLnzqXJadAAHXZl8REB3S_ifKldWVMMDkJ6gO8lhsOZZZv1QJS7Zg==
x-hs-target-asset
FormsNext/static-5.321/bundles/project_with_deps.js
js
www.googletagmanager.com/gtag/
89 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5366982-1
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6911172eb21d970b18d95601dcc7aca00d5a15d484990847409133012f46f7a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36258
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Jun 2021 15:39:49 GMT
health-it-logo.png
www.beckershospitalreview.com/templates/beckers/assets/images/
4 KB
5 KB
Image
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/images/health-it-logo.png
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
d635525e019c41dc7afd21e3dfb2e44af7b53470fd648b0b40d05ff2098fc4d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Sat, 14 Mar 2020 21:59:38 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
4534
Expires
Thu, 22 Jul 2021 15:39:49 GMT
COVID-19_Button_1.jpg
www.beckershospitalreview.com/images/site/
12 KB
13 KB
Image
General
Full URL
https://www.beckershospitalreview.com/images/site/COVID-19_Button_1.jpg
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
1d7a802b8e9e175ebe671d6c3989d75576acae8fbff407650f59902cbeab3b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Apr 2020 21:39:51 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
12658
Expires
Thu, 22 Jul 2021 15:39:49 GMT
in.js
platform.linkedin.com/
181 KB
55 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
28bcb4f0306800cf4c3706d53203e0d016f6493cbb70043b819bf5f4a48d4e0c

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-LI-UUID
znuAvWTxihbw2YMAOCsAAA==
Date
Tue, 22 Jun 2021 15:39:49 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
Server
Play
X-Li-Pop
prod-edc2
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Connection
keep-alive
X-LI-Proto
http/1.1
Content-Length
55604
X-CDN
AKAM
X-Li-Fabric
prod-lva1
Expires
Tue, 22 Jun 2021 16:33:50 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6763)
Age
1327
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
p.js
cdn.parsely.com/keys/beckershospitalreview.com/
45 KB
17 KB
Script
General
Full URL
https://cdn.parsely.com/keys/beckershospitalreview.com/p.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
16eb3771501078a5c2b3c0b1c09fd127abc7dc2e945526dce9c5ce5f3b8e8e2e

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 22 Jun 2021 07:57:20 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 20:13:27 GMT
server
nginx
age
50790
etag
W/"5f84b8e7-b52e"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
jKGcuDFxiGekH8EWo8cGpB7lPgm_arKH8cr9ScfUjzECstldU7mqQQ==
expires
Wed, 23 Jun 2021 01:33:18 GMT
asyncjs.php
ads.asccommunications.com/www/delivery/
10 KB
4 KB
Script
General
Full URL
https://ads.asccommunications.com/www/delivery/asyncjs.php
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dev02.beckersasc.com
Software
Apache /
Resource Hash
d993da21f665c2de3ee71ae2e6844e58109b578b6529e529e2bf60b6496934d4

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
server
Apache
p3p
CP="CUR ADM OUR NOR STA NID"
etag
19d993847e8f680667fa7baf636da235
vary
Accept-Encoding,User-Agent
content-type
text/javascript;charset=UTF-8
cache-control
private, max-age=3600, max-age=2592000
expire
Tue, 22 Jun 2021 16:39:50 GMT
content-length
3551
expires
Thu, 22 Jul 2021 15:39:50 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/
233 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfb8f00b4846926f6fe0a8c4b8cc20aa01aaac5a5c93b2a0910b9d8dc69cce30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88008
x-xss-protection
0
server
cafe
etag
2634391079124348748
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Jun 2021 15:39:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210617/r20190131/ Frame 7232
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210617/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210617/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.beckershospitalreview.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 22 Jun 2021 02:14:06 GMT
expires
Tue, 06 Jul 2021 02:14:06 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
48343
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gpt.js
www.googletagservices.com/tag/js/
63 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef94413c47856f116c379bcf4c9aa2d0c7134fbcfd3f163cda41753777f94cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"909 / 168 of 1000 / last-modified: 1624360238"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21790
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:49 GMT
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/
272 KB
73 KB
Script
General
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
9d2ef0a0c4dd09893e5685bc0aaddede0f7f2eb297c61c5bf0f6e047bea6b804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 May 2021 16:06:56 GMT
Server
Apache
ETag
W/"278905-1620230816000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 22 Jun 2021 21:39:49 GMT
498900.js
js.hs-analytics.net/analytics/1624376400000/
66 KB
19 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1624376400000/498900.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba75bc48a61a8ee5902376e52742b30a527fb65d122a5cc0295badd0893468d

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:49 GMT
content-encoding
br
cf-cache-status
HIT
age
224
x-amz-server-side-encryption
AES256
x-amz-request-id
KRN1CCJZ40648YRG
x-amz-id-2
a9mnd5vT8mJM3fmoSpGC9FEDmG4HGs5V13SpK5BAOd3Gu9qfJl7HCm4Uq8AIPXFY3CKTQ+LVVb8=
last-modified
Wed, 12 May 2021 19:01:00 GMT
server
cloudflare
etag
W/"7b0741a227f51414bda06f82af33b0e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
0ad5f9c73f00004e0e13829000000001
cf-ray
66369251ff5e4e0e-FRA
expires
Tue, 22 Jun 2021 15:41:05 GMT
updateHits.php
www.beckershospitalreview.com/
0
349 B
XHR
General
Full URL
https://www.beckershospitalreview.com/updateHits.php?articleId=184686
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Accept
*/*
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=1
Connection
Keep-Alive
Vary
User-Agent
Content-Length
0
Keep-Alive
timeout=2, max=498
Expires
Tue, 22 Jun 2021 15:39:50 GMT
hutk-analyze.php
processor.asccommunications.com/
0
150 B
XHR
General
Full URL
https://processor.asccommunications.com/hutk-analyze.php?hash=
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dev02.beckersasc.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
server
Apache
vary
User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
max-age=600
content-length
0
expires
Tue, 22 Jun 2021 15:49:50 GMT
hutk-clicks.php
processor.asccommunications.com/
0
30 B
XHR
General
Full URL
https://processor.asccommunications.com/hutk-clicks.php?hash=&referer=
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dev02.beckersasc.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
server
Apache
vary
User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
max-age=600
content-length
0
expires
Tue, 22 Jun 2021 15:49:50 GMT
embed.js
beckershospitalreview.disqus.com/
74 KB
25 KB
Script
General
Full URL
https://beckershospitalreview.disqus.com/embed.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
c004ca481416c1de5fe683927bb8d80176af55e735b5a5e9a44454880e55e742
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Content-Encoding
gzip
Server
openresty
Age
64
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24657
get-assets-bhr.php
processor.asccommunications.com/widgets/
3 KB
1 KB
XHR
General
Full URL
https://processor.asccommunications.com/widgets/get-assets-bhr.php?count=10&type=whitepaper&cssClass=undefined&url=https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dev02.beckersasc.com
Software
Apache /
Resource Hash
5cf1164ecb46421e80ba72e18c8846f265ea2a5acc0aa0887bb4bc34a4925dbc

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
max-age=600
content-length
1005
expires
Tue, 22 Jun 2021 15:49:50 GMT
get-assets-bhr.php
processor.asccommunications.com/widgets/
3 KB
1 KB
XHR
General
Full URL
https://processor.asccommunications.com/widgets/get-assets-bhr.php?count=10&type=webinar&cssClass=undefined&url=https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dev02.beckersasc.com
Software
Apache /
Resource Hash
092c0eee57e58ed2b1614b0acc5aeb05ef405223798273713807a50921cd105f

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
max-age=600
content-length
1131
expires
Tue, 22 Jun 2021 15:49:50 GMT
rss.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/
2 KB
2 KB
Image
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/rss.png
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
44333b43b6193e3b13ea2d8253464ac87b5a13b51df406a1e2f3d8498da38db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Nov 2016 02:31:09 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
1943
Expires
Thu, 22 Jul 2021 15:39:49 GMT
linkedin.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/
2 KB
2 KB
Image
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/linkedin.png
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
6d2d7df168329692db78d767ec9d036acf3a8c5504fbe6100b963f0dad3d5503
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Nov 2016 02:31:08 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
1657
Expires
Thu, 22 Jul 2021 15:39:49 GMT
twitter.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/
2 KB
2 KB
Image
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/twitter.png
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
ee97deb871f1fdc91ff3363932be46c0fe0a3cc7e72f7d297c0fb229afd37e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Nov 2016 02:31:09 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
1945
Expires
Thu, 22 Jul 2021 15:39:49 GMT
facebook.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/
1 KB
2 KB
Image
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/facebook.png
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
6449898e8b0c4047b3ff73d3274e616acc3849f6c5fad709ffa8010f91bdb4a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Nov 2016 02:31:08 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
1518
Expires
Thu, 22 Jul 2021 15:39:49 GMT
youtube.png
www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/
2 KB
3 KB
Image
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/images/social-icons/youtube.png
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
8b85e9af1927bb7e92829d026f9f3b4854d24e6f942235e5931e390ac54a490f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/templates/beckers/assets/css/master.css?version=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Nov 2016 02:31:09 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
2272
Expires
Thu, 22 Jul 2021 15:39:49 GMT
pubads_impl_2021061703.js
securepubads.g.doubleclick.net/gpt/
326 KB
114 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 23:53:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116094
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:49 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5366982-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4509
date
Tue, 22 Jun 2021 14:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 22 Jun 2021 16:24:40 GMT
/
srv-2021-06-22-15.pixel.parsely.com/plogger/
43 B
258 B
Image
General
Full URL
https://srv-2021-06-22-15.pixel.parsely.com/plogger/?rand=1624376389657&plid=26985285&idsite=beckershospitalreview.com&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&sref=&sts=1624376389650&slts=0&title=UVM+Health+still+calculating+losses+8+months+after+multimillion-dollar+ransomware+attack&date=Tue+Jun+22+2021+17%3A39%3A49+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=96565240&u=pid%3Ded12f6ff57c06868d4d2072e37a5029a
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.207.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-207-29.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 22-Jun-2021 15:39:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame B42B
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.beckershospitalreview.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.beckershospitalreview.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
35222
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Jun 2021 15:39:50 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BA)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
cookie.js
partner.googleadservices.com/gampad/
215 B
270 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.beckershospitalreview.com&callback=_gfp_s_&client=ca-pub-7852275301938124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c0a2bf926df755006dd2ae8c6c8d051bfaaec3d022e95693b5515162264bc81e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.beckershospitalreview.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.beckershospitalreview.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2859
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7852275301938124&output=html&adk=1812271804&adf=3025194257&lmt=1624376247&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624376389115&bpp=339&bdt=294&idt=589&shv=r20210617&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8330703806822&frm=20&pv=2&ga_vid=577947625.1624376390&ga_sid=1624376390&ga_hid=1292963830&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3716705843279120&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1288
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7852275301938124&output=html&adk=1812271804&adf=3025194257&lmt=1624376247&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624376389115&bpp=339&bdt=294&idt=589&shv=r20210617&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8330703806822&frm=20&pv=2&ga_vid=577947625.1624376390&ga_sid=1624376390&ga_hid=1292963830&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3716705843279120&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1288
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.beckershospitalreview.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 22 Jun 2021 15:39:50 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 22-Jun-2021 15:54:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Jun 2021 15:39:50 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274983153827"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27713
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-7852275301938124&c=7&e=2570847921467975139&n=0&t=0&w=416&x=6
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70e5cb6d8593a2ca27ef1b7873962ca558ddfbf9c1d597aed663505b214abede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QvKbZzUu43o+Tf0yH68yJA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
JwAv20v7Rb7zD4E4XpZmgP6qC87nbhZbt6m7W9M/6JRl3qGhEIw3xfmASkJWMSsbfghkGWrjIVAagsjcas9uzA==
x-fb-trip-id
686109401
x-fb-content-md5
2ef0304f05bd3ae2ee4414d47610a7b7
x-frame-options
DENY
date
Tue, 22 Jun 2021 15:39:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1fee8d9d1b7ad0fd7c393a57cf39f616"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 22 Jun 2021 15:42:13 GMT
7dcacd71-8aa3-4d69-8929-c2a110c47927
forms.hsforms.com/embed/v3/form/498900/
2 KB
1 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/498900/7dcacd71-8aa3-4d69-8929-c2a110c47927?callback=hs_reqwest_0&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e395bde854ccf04efc18ddbcf638f9d2a14057a7007ec90df078c3e14531d79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
ee0534ef-3010-410c-96cc-28aa0277f86e
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad5f9cb2c00004e1fe99b0000000001
server
cloudflare
x-trace
2B894D411D9EB20910D317CB50DFCF65C5280FC1B3000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6636925848394e1f-FRA
f30a4301-3d92-43a0-9e22-a609707527b4
forms.hsforms.com/embed/v3/form/498900/
6 KB
2 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/498900/f30a4301-3d92-43a0-9e22-a609707527b4?callback=hs_reqwest_1&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0629c1d7b5bb99a7cca82669320a5bdfb0f73c868d101511ecd191c86eccc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
c72b1768-e4d9-4bce-a826-36c60013d70a
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad5f9cb2c00004e1fb4330000000001
server
cloudflare
x-trace
2BB5CE4743C623891ECA7348DA9D63F99FB3894B87000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
66369258483e4e1f-FRA
7dcacd71-8aa3-4d69-8929-c2a110c47927
forms.hsforms.com/embed/v3/form/498900/
2 KB
1 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/498900/7dcacd71-8aa3-4d69-8929-c2a110c47927?callback=hs_reqwest_2&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de21a3bf5e8307091b5c72e71ce53900869e0c797882986999a3c8097a1316b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
6eb77465-658b-48ad-af4c-2e2001227762
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad5f9cb2d00004e1f1f856000000001
server
cloudflare
x-trace
2BC8F6AA205F17B826009B518F9A640BC8654B7B8C000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6636925848424e1f-FRA
f30a4301-3d92-43a0-9e22-a609707527b4
forms.hsforms.com/embed/v3/form/498900/
6 KB
2 KB
Script
General
Full URL
https://forms.hsforms.com/embed/v3/form/498900/f30a4301-3d92-43a0-9e22-a609707527b4?callback=hs_reqwest_3&hutk=
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9c695fff1864ba3d750e1a0302e7f09bc52f5d5623bb85fdf24f2d72d1f8f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
194ebe79-d190-4c88-b6cf-2c2c16944092
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ad5f9cb3000004e1ff1018000000001
server
cloudflare
x-trace
2B011A033E0E6F037AC8BE5F13E2E4B824942F0CDA000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
66369258484e4e1f-FRA
olytics
oqs.omeda.com/oqs/rest/ Frame
0
0
Preflight
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Protocol
HTTP/1.1
Server
204.180.130.165 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.beckershospitalreview.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Max-Age
600
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type
text/plain
Content-Length
0
Date
Tue, 22 Jun 2021 15:39:49 GMT
Server
Apache
olytics
oqs.omeda.com/oqs/rest/
15 B
307 B
XHR
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 22 Jun 2021 15:39:50 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49221
x-xss-protection
0
server
cafe
etag
255747752990914736
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Jun 2021 15:39:50 GMT
olytics
oqs.omeda.com/oqs/rest/ Frame
0
0
Preflight
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Protocol
HTTP/1.1
Server
204.180.130.165 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.beckershospitalreview.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Max-Age
600
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type
text/plain
Content-Length
0
Date
Tue, 22 Jun 2021 15:39:49 GMT
Server
Apache
olytics
oqs.omeda.com/oqs/rest/
15 B
307 B
XHR
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
8fed0359a978607741335672c13815cef49036c52f9d3c3173d365840a967ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
605a8c2e-ba45-4ac9-8b30-55de4c46113b
olytics.omeda.com/olytics/segments/o/3c975d3141e541ff8197a5a3b2d3fde9/c/3514E0597189F5X/a/
61 B
354 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/o/3c975d3141e541ff8197a5a3b2d3fde9/c/3514E0597189F5X/a/605a8c2e-ba45-4ac9-8b30-55de4c46113b
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e654b41c3ca0f782a3c2ccc5a2a7a8f77f3bcf928789501b9cb742e9de137ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:49 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/
0
26 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Requested by
Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1285774
x-cache
Hit from cloudfront
content-length
25570
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-63e2"
content-type
text/css; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:16 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
EigNspuhlBsmnoiPrwFLKaZk4T-B1c6f_w1lQhENgsWgwuduQisoTA==
x-cache-hits
0
common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/
0
93 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Requested by
Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1285774
x-cache
Hit from cloudfront
content-length
94800
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-17250"
content-type
application/javascript; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:16 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
ImvFWVxV1G58BwIQTB4ovo18F3O5F5znETLaxEEIfGbfJncZQzqxTg==
x-cache-hits
0
lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js
c.disquscdn.com/next/embed/
0
118 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js
Requested by
Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 21:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409232
x-cache
Hit from cloudfront
content-length
120373
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 17 Jun 2021 21:48:37 GMT
server
nginx
etag
"60cbc335-1d635"
content-type
application/javascript; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Fri, 17 Jun 2022 21:59:17 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
OnXDMYICUnrNwraL7--CnrRb0ARyiqiubpKNYwOxUz1X__YEnrKv9g==
x-cache-hits
0
config.js
disqus.com/next/
0
12 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:50 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
10
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12020
X-XSS-Protection
1; mode=block
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1292963830&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&ul=en-us&de=UTF-8&dt=UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1568228654&gjid=110669302&cid=577947625.1624376390&tid=UA-5366982-1&_gid=707426166.1624376391&_r=1&gtm=2ou6g0&cd2=Cybersecurity&cd3=Health%20IT&cd4=Jackie%20Drees&cd6=2021-06-21%2014%3A26%3A50&cd7=&cd8=&z=656650500
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analyze-url.php
processor2.asccommunications.com/
1 B
275 B
XHR
General
Full URL
https://processor2.asccommunications.com/analyze-url.php?url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
50.28.99.4 , United States, ASN53824 (LIQUIDWEB, US),
Reverse DNS
host.beckersasc.com
Software
Apache /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept
*/*
Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.beckershospitalreview.com
Date
Tue, 22 Jun 2021 15:39:51 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=500
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/
16 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3716705843279120&correlator=3370166647976387&output=ldjh&impl=fif&vrg=2021061703&ptt=17&sc=1&sfv=1-0-38&ecs=20210622&iu_parts=30116360%2CHIT_Cybersecurity_Channel_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=category%3DCybersecurity&cookie_enabled=1&bc=31&abxe=1&lmt=1624376247&dt=1624376390746&dlt=1624376388820&idt=1879&frm=20&biw=1600&bih=1200&oid=3&adxs=100&adys=234&adks=3250472666&ucis=1&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1019x126&msz=1019x126&ga_vid=577947625.1624376390&ga_sid=1624376390&ga_hid=1292963830&ga_fc=false&fws=4&ohw=1019&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
38fe54b023383b7dc6d509138a7720632a0e5ff3df402a4c06ee412231867b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
google-lineitem-id
5694185209
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138351259891
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
651919a5e1205433fe222fbf8057c66f.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://651919a5e1205433fe222fbf8057c66f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
18 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3716705843279120&correlator=3370166647976387&output=ldjh&impl=fif&vrg=2021061703&ptt=17&sc=1&sfv=1-0-38&ecs=20210622&iu_parts=30116360%2CHIT_Cybersecurity_Channel_600x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=600x90&cust_params=category%3DCybersecurity&cookie_enabled=1&bc=31&abxe=1&lmt=1624376247&dt=1624376390754&dlt=1624376388820&idt=1879&frm=20&biw=1600&bih=1200&oid=3&adxs=115&adys=483&adks=842546752&ucis=2&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&vis=1&dmc=8&scr_x=0&scr_y=0&psz=950x136&msz=840x126&ga_vid=577947625.1624376390&ga_sid=1624376390&ga_hid=1292963830&ga_fc=false&fws=4&ohw=840&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6a86f12a4d41b4c741fd4a16cc523cfd2061d4333e6f3ca5b49a176986fcf539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9050
x-xss-protection
0
google-lineitem-id
5694185209
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138351261712
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
16 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3716705843279120&correlator=3370166647976387&output=ldjh&impl=fif&vrg=2021061703&ptt=17&sc=1&sfv=1-0-38&ecs=20210622&iu_parts=30116360%2CHIT_Cybersecurity_Channel_500x350&enc_prev_ius=%2F0%2F1&prev_iu_szs=500x350&cust_params=category%3DCybersecurity&cookie_enabled=1&bc=31&abxe=1&lmt=1624376247&dt=1624376390757&dlt=1624376388820&idt=1879&frm=20&biw=1600&bih=1200&oid=3&adxs=115&adys=1349&adks=2327316116&ucis=3&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&vis=1&dmc=8&scr_x=0&scr_y=0&psz=965x1373&msz=700x490&ga_vid=577947625.1624376390&ga_sid=1624376390&ga_hid=1292963830&ga_fc=false&fws=4&ohw=700&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
42a1b3c6455657f873e9e2ce0c2f4a644865629c8ff92ba33b74fab0233bb8a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7848
x-xss-protection
0
google-lineitem-id
5694185209
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138350921952
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3716705843279120&correlator=3370166647976387&output=ldjh&impl=fif&vrg=2021061703&ptt=17&sc=1&sfv=1-0-38&ecs=20210622&iu_parts=30116360%2CHIT_Cybersecurity_Channel_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=category%3DCybersecurity&cookie_enabled=1&bc=31&abxe=1&lmt=1624376247&dt=1624376390760&dlt=1624376388820&idt=1879&frm=20&biw=1600&bih=1200&oid=3&adxs=1095&adys=491&adks=2176011322&ucis=4&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&vis=1&dmc=8&scr_x=0&scr_y=0&psz=390x0&msz=390x0&ga_vid=577947625.1624376390&ga_sid=1624376390&ga_hid=1292963830&ga_fc=false&fws=4&ohw=1400&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9165e8f802b50149128cde0b8667caba5650927edc320316d953866ba2a66ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9103
x-xss-protection
0
google-lineitem-id
5694185209
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138350912730
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=beckershospitalreview.com&host=www.beckershospitalreview.com&success=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
0
0
Fetch
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"909 / 975 of 1000 / last-modified: 1624360238"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21790
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:50 GMT
/
disqus.com/embed/comments/ Frame C680
7 KB
4 KB
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
Requested by
Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
259954dff3175b8bca160966f22eebe099569123d4c5cd8e87f73649e125f5da
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.beckershospitalreview.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

Connection
keep-alive
Content-Length
2888
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Tue, 22 Jun 2021 12:58:30 GMT
ETag
W/"lounge:view:8606536404.9b2f50725e9f0a5a116a7bd77e25a915.2"
Referrer-Policy
no-referrer-when-downgrade
Content-Encoding
gzip
Date
Tue, 22 Jun 2021 15:39:50 GMT
Age
24
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
sdk.js
connect.facebook.net/en_US/
251 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=adaf2b53cd2517d7fdf2193a4108b9dc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3622dbac9efe07bb1e3f118f078261eee2bdd19e125a926f3d3546268d931b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.beckershospitalreview.com
Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BbzlLbvVUYLA5+/gWF/DHQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75865
x-fb-rlafr
0
x-fb-debug
F+FaM5LzSsHXi3Cn6pc4nXW70Qn8Vi0sPjboEB78yhUsdusHGuQBbPoHohAdiSnj7VejlpdJtAdJAr1eWFoNVw==
x-fb-content-md5
f99f15140a2becee111bb68b7876eee4
x-frame-options
DENY
date
Tue, 22 Jun 2021 15:39:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"afb67e97ae7ac77d305383cbf3394d27"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jun 2022 12:51:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5F6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfkbGk0UVqBykMZ03j94R4QY3aSp6AuCIwtW4ls5TGtr9y-xFtMgLZH9022qtFIbsnIbYClNf1RvyF6Hzi_7cNN8QM7xQX81gbY3zz5UJdSJaMZPXgq9XzXeiQ8sY3LRzltz0j1oFEQ9rWbX70pI0_R4hnbyaB-l4wQmfVnUSPP6Mc4s2P2P-utZOTuxEGBREGtyU1YKWpFZAALCi0T_eEBHhxMWiPVKTx6klwStMcp-UzOOyPJ8hLbdoXEfjZxkL10q6GPVbCEl_MV7f9LsK-_ZQvZuT4ENECJNH_U9JyAaQ_mw5Xq_RlP1sJigmAMH1rsV_vfoh1mCglc85DoGSATOiieZb5&sig=Cg0ArKJSzMmWwHdmpYhZEAE&adurl=
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/ Frame B5F6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jul 2021 15:38:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B5F6
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274989777919"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38141
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:50 GMT
l
www.google.com/ads/measurement/ Frame B5F6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQflYzsG0SLeULIs0U7cqNGNm7LqUP-NNy81YvfrW8Qho7W3aMEk8N34kVKhEftjNJ9azAe-p--ggURJMI8pmZna31W4Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

3361173227506222316
tpc.googlesyndication.com/simgad/ Frame B5F6
63 KB
63 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3361173227506222316
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8514815057a4d15936c3384c2b41d43856ae6ca0d7822545fed34e32bd4eb2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 13:30:11 GMT
x-content-type-options
nosniff
age
7779
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64512
x-xss-protection
0
last-modified
Thu, 27 May 2021 18:58:48 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 13:30:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 30C8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspNL5br8xdSsRvUU4nMO-wTm6WxDnhBqWfaNJQYJX7KWUNsUEw1jkmX0iK_pv_QOoENDh6ofRuJtM7oQ8icqMsrtkjP4PWrVsF2LasirsxXLnOq4l5bVPhBrGPFPSWa8X9xcKFXe7leABH8O14SnrV8BHGPgNUhhozX7BLbNa7szw_zZGOhgWl9NpHDx-bqIb1yUFgBE-HvOGvJPuF6dMWVjx5jf3EVnGH6nlAcnJWsFRvr8wDaggWIGo9LEonCumVzQA8c70wN0oZ_CtZ57W7IoGLz5u3Lb4RtTRRKe3sZdS0w27xwwNEvi_nSqUbIddKUAOB78z0EDiYtbT2XmB1Y4DTlxo&sig=Cg0ArKJSzG9HnCAEePbkEAE&adurl=
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/ Frame 30C8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jul 2021 15:34:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30C8
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274989777919"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38141
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:50 GMT
l
www.google.com/ads/measurement/ Frame 30C8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8qG3GesubZuUMObrIx15yb3YvGdf82O07_7nMXI_1Xc3T4-rW6ia6L8BJqtHtSdVTw2PLMaSKMh5tmgKkLbd5pD-DQA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

10603951424654759041
tpc.googlesyndication.com/simgad/ Frame 30C8
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10603951424654759041
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d915e966efd772bb319b6b978c296ea8b8ad81aaf89473e77e8ee564ef0dde9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 17:05:45 GMT
x-content-type-options
nosniff
age
254045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37028
x-xss-protection
0
last-modified
Thu, 27 May 2021 18:58:33 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jun 2022 17:05:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3B6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIEq06cRrYLzma3UAAKdlNh7lz0Klxar34Z0-WK1qrIr4Go-HdMHWvbApguyImJMypQ5KtWjprumi3tDLWU4rBiLd6ynW-4INCF87yqCwDDMDzncT__4VFRRRm7CaVnahU1xKC0OtlWFksZnYf5pE8nq9IJzAktoyXi336P3ng1zB4gmg8ofpfUmOx797_KqXmEVT3DbaDCuKOqhC2RITmPMMGhFAeIK0R7EFoMVZbO9QR4F_5Va2hooEKDs_bcaUDBA4i6WZSaxAgvuSMvSDAD9XcLL0da88hzIyQh4z7RoNBBY3t1TbVQ9k2vSr_mRnk6t0f3Ig1O-u_7n3WAdLURGWyUjI&sig=Cg0ArKJSzCTz9TUg5hhfEAE&adurl=
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/ Frame B3B6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jul 2021 15:34:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B3B6
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274989777919"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38141
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:50 GMT
10283586644908891925
tpc.googlesyndication.com/simgad/ Frame B3B6
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10283586644908891925
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f4c190c68007d80dd9091fe41dda8f19945f8352b7c9af4f961fefc681e0772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 17:05:45 GMT
x-content-type-options
nosniff
age
254045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39159
x-xss-protection
0
last-modified
Thu, 27 May 2021 18:57:15 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jun 2022 17:05:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1C77
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQrjr9kbYRWPLa_p2wOX8eqQH6UM2U3wTGgmpbQrjvboHyxtTwUY1FL2ihEFqKonuzj09VOOvTtHSHF1vexGiDJpgV1_lqCROjh_ANeTuFOUochELa1FBmsN6wGjfAawl8NRGIwSjKnrzNNLw7AEqKD_BJ-or0u14pYJeEhbxpsaSlViBO0XVAhLSqdBmYrlFsOaZZTQeO-imKy854Htl5ikQvmbK4rcRLFqTMDwPuvM-L0K67sqQCsq1roM6WcoAW5Yubnpn_wGbLQ_A6EG56z107ipSugPMPWGRbjAaNDvw6qBqe7j9-VadsYIknl2KhTDgopHlqhbVU61IjPM-Ek_mcAQZh&sig=Cg0ArKJSzGzyce6WtrIdEAE&adurl=
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 22 Jun 2021 15:39:51 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/ Frame 1C77
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jul 2021 15:34:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C77
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274989777919"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38141
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:51 GMT
l
www.google.com/ads/measurement/ Frame 1C77
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPHoDP9ETNJdFFi5hS5vic7A4aKUN0XWeRSxg-iUP-cfnZ3Hz1Oy3xGF0zmmwpd2x7fVdy2ki6VRbEs28lYMAqUz68ZA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

1920955153990837636
tpc.googlesyndication.com/simgad/ Frame 1C77
115 KB
115 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1920955153990837636
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da9f8a71fd29620e2eee0e639d983e22a84f269cfda511ac377046d2287a31fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 17:05:46 GMT
x-content-type-options
nosniff
age
254045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117461
x-xss-protection
0
last-modified
Thu, 27 May 2021 18:58:13 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jun 2022 17:05:46 GMT
InviteLarge.png
www.beckershospitalreview.com/templates/beckers/assets/images/
39 KB
39 KB
Image
General
Full URL
https://www.beckershospitalreview.com/templates/beckers/assets/images/InviteLarge.png
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
a88f91e8d23c1d485aff76f635a59a4a809435e22afbdf75ace116ca39b502c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Cookie
__gads=ID=2704f74c2b3ee6e1:T=1624376390:S=ALNI_MbFUMkGhKnLr3x8jUYbAJBPivz2DA
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 13 Aug 2020 12:24:02 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
39990
Expires
Thu, 22 Jul 2021 15:39:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5F6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxJvCC_y6jDxPmbuZg91Ru2suWwPeLxk4mCduoU7xnkO3VrlukXuNF7Uxnrd1U_N_Mxmu3b_5vEBAxjIfOUYjDsELcEHMmejN88wDn-LvbpnVnMf5oP0JVa8Ae0MC77uD1CXh90A6WZsarssazTelLaihB6G0HsbE2HWgp3theblH2kbmXfaJgkjOUIiNMfiBWOTy01DVj8CllaVi0IhRbqMtunFCNd01zSxg04sX5BuPOC3btKpFDI7Zp9EBs3u9plnVbM8ZlQFo5JxPTJi0v-jrYA8r5MK2WlSD5qaSez0GlHIT2lGBFjdQMu9wbD8Bhd_KlqQqWWd6Sl_B6Qi-Pw2Jf7xEcBK0&sig=Cg0ArKJSzB9gKliAgWXPEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 22 Jun 2021 15:39:51 GMT
truncated
/ Frame B5F6
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcc90325186dd57c77d4f8453e1b76475130e5c2f24e41a666ff480048f7e204

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B3B6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNBVH_0OZ93XoY8oU2Eq-dm3H94vnt3iR1GroTtdQGCj0Uo8o8oNDq89onc6LnhLg5LF2fYNFDn_R7PskQJ3KDQaID6fYSTmoz3HSQsU5oG_77cyfLn3-_XE8PQtGETb2269QOBox4bFsViFuIIzTz30dErcVkMj0VrXnCIp_f26_g7_cLw90qFduZ-BiSNcrq4V53LPbg-rIR43jb6osinYJ4g2-bdGxJbJ7URD_-nyuzQ7HWo9ZBtdNKydadTgjdB1-Cee6m9bWOPaqjn6BqeKbYjhSjXCdySi5NI3S4zrn0EFo3OlRucL_6XrVy9GxVgTS_s3UjQ9xYsbQ_Y9H3q4Nw2I7XMw&sig=Cg0ArKJSzPQ9VrmCeXGrEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 22 Jun 2021 15:39:51 GMT
truncated
/ Frame B3B6
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58adbe7ac38ae3a6e7e1e283abced34aacf45c9c487f4fec193ad01c5655e231

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1C77
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSbdbIDc-c8GZLcuPYPs_XilNzgVZ9j3m6NE72qIs4lVppV95jPItuWoKdK4JCswOtD1nxDnCDKQvGWTbDqRBjdTnQMlDDmtPgFaIVEXJtlbLsYhbNdM1x4VfeQ5ta-WbSYg2qgBa2N2kU85XjRIHbMX_PiIXwehTcxfIwzHjwTsvH6W5drfqTwwSsx9sU72kuXROjQoxRA4u5kT8CzVOEpITJwH-PRM5-fD3-nxF6wPOIvOXu2mB6CwlGqcYngHBZgxR7fYVunIVlaC6sxICZV5E_xC9LA9fgqV5tsXMI-4M5RA06uTK4Q8Ijau0wAjw_C92iluUCKYmmHxEFlDZzlCwfUZXisFw&sig=Cg0ArKJSzHu6NyHkBVu6EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 22 Jun 2021 15:39:51 GMT
truncated
/ Frame 1C77
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66f25b855381ad71142f71958713f7543796d20d6f42d7c6d4629a5130b26a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 30C8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOt-QP1Brk3VvdPTcdPpdnjJAA2EUfB1n1Y0tt7wnI5ZfeSw1G3E_gyPLmi6gn6wotIDvnADDvS6Yr_xm5mlXKZOCRJKtz5nPZVp2TExtkYd14rhWfczlCTjUG8xZsr2tz2eBevutTOk_eIU8Ah6iKY_wtD1v0Fo_4hqFyQsYKBgPwTbjpYt2TFdre1e0gYApu7uevbuW0ntz7to13Tk0_kkgMNNia-YOgCKXveN5LxLDZClAbNsP1Br4CiBaoJJSxSP-cpAq6J2hAeKoSBIqn7O8_rRPCiu96LFE4pn02ADap25zN22BYS6vu9vwXlAfRjOOxUJpzaY7cQ3GBXJGGGUoKjG9MEA&sig=Cg0ArKJSzNuOCkyZOxYmEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 22 Jun 2021 15:39:51 GMT
truncated
/ Frame 30C8
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
415af85578780d4f196d497d908374a3787ffd72c4d4f57547031f0293235664

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
settings
syndication.twitter.com/ Frame B42B
256 B
441 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=e1126781346e019e5fc8aa46c4906d22b3ea67e2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.beckershospitalreview.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:50 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 15:39:51 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
a17721b3aab0e1fbfdb448528ff3aeaa9c3a7f8c71dcf81faee2f60411931af9
content-length
176
lounge.load.d540fd3421e2252f4918b57237dfe813.js
c.disquscdn.com/next/embed/ Frame C680
1 KB
1 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.load.d540fd3421e2252f4918b57237dfe813.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6963499aab5ee1eae71b078d0576ac74a910dfd8090553b83241374224543fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 21:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409233
x-cache
Hit from cloudfront
content-length
534
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 17 Jun 2021 21:48:36 GMT
server
nginx
etag
"60cbc334-216"
content-type
application/javascript; charset=utf-8
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
expires
Fri, 17 Jun 2022 21:59:18 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
vYVCaN6rzVBLNSM5Q0XExjzY9febPpAevdprM4wRaKIwl-AYXJAuug==
x-cache-hits
0
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=670888390172600&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=adaf2b53cd2517d7fdf2193a4108b9dc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
LAtaFmA7ErRSNos6/vr4kP/OFwJJ6x0NabL41vYzftT5sEmusWntQiI/u1FVSF4UZTQpumAucE0dgFfWDTTCKQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Jun 2021 15:39:51 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=670888390172600&ev=fb_page_view&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&rl=&if=false&ts=1624376391406&sw=1600&sh=1200&at=
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 22 Jun 2021 15:39:51 GMT
common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ Frame C680
282 KB
93 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.d540fd3421e2252f4918b57237dfe813.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1285775
x-cache
Hit from cloudfront
content-length
94800
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-17250"
content-type
application/javascript; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:16 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
cVk5bGrfWQeCsQo_60f4gg3Q2V2H07RdtV7GAzHrvjD8S5kglRvxeQ==
x-cache-hits
0
getArticleRelated.php
www.beckershospitalreview.com/
2 KB
992 B
XHR
General
Full URL
https://www.beckershospitalreview.com/getArticleRelated.php?articleId=184686
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
4f6d7104c4b1bff7d332b38563da725674273217ff0fcd5f8122c88b1ce7279a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Cookie
__gads=ID=2704f74c2b3ee6e1:T=1624376390:S=ALNI_MbFUMkGhKnLr3x8jUYbAJBPivz2DA
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=1
Connection
Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Length
601
Keep-Alive
timeout=2, max=496
Expires
Tue, 22 Jun 2021 15:39:52 GMT
get-hubspot-related.php
www.beckershospitalreview.com/
341 B
688 B
XHR
General
Full URL
https://www.beckershospitalreview.com/get-hubspot-related.php?type=promoted&article-id=184686
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
fd785b496be76627d74f94e7b15bc7b88fa9c4b1a09179d21b4b91e9d2d110f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Cookie
__gads=ID=2704f74c2b3ee6e1:T=1624376390:S=ALNI_MbFUMkGhKnLr3x8jUYbAJBPivz2DA
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=31536000
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1
Connection
Keep-Alive
Keep-Alive
timeout=2, max=499
Content-Length
265
Expires
Tue, 22 Jun 2021 15:39:52 GMT
get-latest-articles-by-category.php
www.beckershospitalreview.com/
2 KB
1012 B
XHR
General
Full URL
https://www.beckershospitalreview.com/get-latest-articles-by-category.php?catid=226
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.227.242.177 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web02.beckersasc.com
Software
Apache /
Resource Hash
48ee7a6f0d169f0f02832b2fc8d56ee3ef45d8f2865346deef4404506b1ad3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.beckershospitalreview.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Cookie
__gads=ID=2704f74c2b3ee6e1:T=1624376390:S=ALNI_MbFUMkGhKnLr3x8jUYbAJBPivz2DA
Connection
keep-alive
Referer
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=1
Connection
Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Length
621
Keep-Alive
timeout=2, max=499
Expires
Tue, 22 Jun 2021 15:39:52 GMT
498900.js
js-na1.hs-scripts.com/
1 KB
622 B
Script
General
Full URL
https://js-na1.hs-scripts.com/498900.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1624376400000/498900.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2525a053afb82960b8732adebd48ccd860f316e06bccd8cdd80c033ce28a59b2

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13
cf-polished
origSize=1469
cf-request-id
0ad5f9cf610000d6cdbb155000000001
x-hubspot-correlation-id
1df378ac-6417-4987-80a2-e92037ecdc11
cf-bgj
minify
server
cloudflare
x-trace
2B07A3682732DBC614F57BE73F366CFF6B90C7B05E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
public, max-age=30
access-control-allow-credentials
true
cf-ray
6636925f0b77d6cd-FRA
__ptq.gif
track.hubspot.com/
45 B
388 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&t=UVM+Health+still+calculating+losses+8+months+after+multimillion-dollar+ransomware+attack&cts=1624376391510&vi=6aeb131306e8ae6de5056645aece6fca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9fcb48de-9c3c-41ef-a55f-cf4dfb5f3376
cf-ray
6636925f1fffd6c9-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0ad5f9cf740000d6c95c1b1000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1RX3F6WavnUq1xqU1Z%2FaKlZWfrWZYALRv8Kf0%2FkELQHB8%2BOzffPKoOzmgrIpYlQ3I%2BZg2BVoKP9ijeAjqN4tMm1BSx91PzvreyFGIGka8D2Wj%2FDpZLpUt%2BqNvPSFqER7oSNJXnxhAfBDAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
408 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=f30a4301-3d92-43a0-9e22-a609707527b4&fci=88a934a7-81bf-49f6-b590-3a6eba05a4ba&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&t=UVM+Health+still+calculating+losses+8+months+after+multimillion-dollar+ransomware+attack&cts=1624376391525&vi=6aeb131306e8ae6de5056645aece6fca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
392d1464-f13a-44d0-8c6a-73e996d6c2a9
cf-ray
6636925f1800d6c9-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0ad5f9cf740000d6c98eb2e000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oGQpAJZcj8D5%2BNgDoov0Fkv7rjgcU11legD6GexkokfVmdC7HmuZc%2FsdgfkC2%2BpY7yjc2LBNg992gytyHIkVIxpQlXLQ%2BH6M0EnSGS69laHSj0ms%2BdGrrjxNiuqhqNFlrGLNO%2FUOW7CsQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
385 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=f30a4301-3d92-43a0-9e22-a609707527b4&fci=a5c0f2f4-892d-444b-8883-9f463b65e032&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&t=UVM+Health+still+calculating+losses+8+months+after+multimillion-dollar+ransomware+attack&cts=1624376391529&vi=6aeb131306e8ae6de5056645aece6fca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
c67c7687-cf78-4a24-a770-478fe9926ddd
cf-ray
6636925f2802d6c9-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0ad5f9cf7a0000d6c9ae37f000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PxEDlSMz8ft%2BdP0w4tYkALo7ste%2FdvYckKLIRkLe4KOzaBRu43PT3sngTYxn%2B7L2dIkOQOiOU6o8FwLvJxPuWn7%2FZ9nNLKBKW1jW%2B0aGySSNhXemGA87swsyHrHtQNudPEJ5JgN7l4PjGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
385 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=7dcacd71-8aa3-4d69-8929-c2a110c47927&fci=06eb491c-5c3b-47bb-b6bf-f7bf6b08ae47&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&t=UVM+Health+still+calculating+losses+8+months+after+multimillion-dollar+ransomware+attack&cts=1624376391532&vi=6aeb131306e8ae6de5056645aece6fca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
beffce5d-4797-4cc4-914c-ef21e991da0f
cf-ray
6636925f2805d6c9-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0ad5f9cf750000d6c987104000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Fw%2F7paUr%2Ft5z%2FASmtFTMBTtWLjnMCVdwoF4UBppcMUrg3Dt%2BhK7sM0IAJfo9RpQLnNaHhrHMTTWLQ2eRNe5yZDTUpYqS0BQUlFEmMiBs6Phr4RzlYgQiTXe%2FPh1%2Fiqy3yD4n981UnjfppA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
755 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=7dcacd71-8aa3-4d69-8929-c2a110c47927&fci=a9384ff7-a859-4863-9102-4ac198f26be1&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=498900&rcu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&pu=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&t=UVM+Health+still+calculating+losses+8+months+after+multimillion-dollar+ransomware+attack&cts=1624376391536&vi=6aeb131306e8ae6de5056645aece6fca&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
204c595e-8979-41ec-9017-a24c9a81d4b4
cf-ray
6636925f2806d6c9-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
45
cf-request-id
0ad5f9cf750000d6c97c291000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=L2Gl08tbSXqP0YyNT0GQ%2BlOnN0LkQHvdVclf4s2bN%2FFdbnh4YUyOoHpv4RZHTfQUi1TEk4ookoiYqXozyw8mMF30RHWhgKY4e6R7Ff%2FknSUh0mMPvFvlGzpEFHIXuc1g6nTqUZ%2FVyfsm5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210617&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f273c0ccff1e1ce776a6a9d2d2a8c223fe9ac9a66cf569a51c4ba6dadcc0a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7860
x-xss-protection
0
share_button.php
www.facebook.com/v8.0/plugins/ Frame 8AA7
Redirect Chain
  • https://web.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domai...
  • https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domai...
42 KB
13 KB
Document
General
Full URL
https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=adaf2b53cd2517d7fdf2193a4108b9dc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ba384334a639e358d6aae725ea3c0c2f44b39d2ecb80a5d973140b7f35fdcfa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.beckershospitalreview.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v8.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
n0xP9DkKvdXAFlAJegmT+Myr6jIbKKp5ZmqF3iZvVpJ7bEq7uUHjQMilAcuUESfh1JC/hS8Kkx21kraIYiAcrQ==
date
Tue, 22 Jun 2021 15:39:51 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Redirect headers

location
https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
x-fb-zr-redirect
02|1624462791|
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
70+sZwQZBoKFgvx0EcH0Mm+lIQ+ZoHbIw8/idctpcNe3Toe6Pk+d5AK06dyGskgf2XqCHM8UJIroELAwAq1Nog==
content-length
0
date
Tue, 22 Jun 2021 15:39:51 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
omeda-migrate-cookies.php
processor.asccommunications.com/hubspot/
15 B
92 B
XHR
General
Full URL
https://processor.asccommunications.com/hubspot/omeda-migrate-cookies.php
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/templates/beckers/assets/javascript/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.186.75 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
dev02.beckersasc.com
Software
Apache /
Resource Hash
9d278154d35e2ec203d3962c36e4851f33df583b44fa750362983805411652b3

Request headers

Accept
*/*
Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
server
Apache
vary
User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
max-age=600
content-length
15
expires
Tue, 22 Jun 2021 15:49:51 GMT
lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ Frame C680
158 KB
26 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1285775
x-cache
Hit from cloudfront
content-length
25570
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-63e2"
content-type
text/css; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:16 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
wkzPy1sD9CVm-dtwxI0x4VI-rf17bDzjfArN4KPegTldbbmfrDirzQ==
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210617/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7852275301938124&plah=www.beckershospitalreview.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:39:51 GMT
roundtrip.js
s.adroll.com/j/
43 KB
14 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.beckershospitalreview.com
URL: https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb2b3b9f43e5c1a21f68db51c5125ab31a9f1959851452ca6acb5e4a18486fcf

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
k9A65WIMz2v7f4_23Mab1J1F4u_6xgcs
Content-Encoding
gzip
ETag
"e41d9b6c60fdaf55cab379df2b53f244"
x-amz-request-id
GGFG8P8S4GP3BB8P
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
13693
x-amz-id-2
bytt59I3Alur8C8g0/pV7NCbYNxtlSsueQQ6z+6Mkn1+Fea3kyjwjrCUIZw/QrbPkQXunvwppyo=
Last-Modified
Mon, 21 Jun 2021 22:07:49 GMT
Server
AmazonS3
Date
Tue, 22 Jun 2021 15:39:51 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js
c.disquscdn.com/next/embed/ Frame C680
467 KB
118 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4f1cd5683319e039a90798160fcea90ffa82d2a677f5c4b685134a795ebc9e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 21:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409233
x-cache
Hit from cloudfront
content-length
120373
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 17 Jun 2021 21:48:37 GMT
server
nginx
etag
"60cbc335-1d635"
content-type
application/javascript; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Fri, 17 Jun 2022 21:59:17 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
trlv6V4LnPFY8ZCl2vbWeGRq2sheKtLA0EWvtbK95ksbc-7PocZGuQ==
x-cache-hits
0
config.js
disqus.com/next/ Frame C680
12 KB
12 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eea4ac1d9ce2e035c5810e6b8d764e24b86d236c49a1fe42d098a07a9845525b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
11
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12020
X-XSS-Protection
1; mode=block
conversations-embed.js
js.usemessages.com/
81 KB
19 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/498900.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203463c75609758683760d6408ad7a2ff73146bc7891686a945fc2b57652b182

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
via
1.1 9c90b41a9e5ac2856624d29ed4da4235.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
452
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8965/bundles/project.js&cfRay=663687533a13c29a-EWR
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0ad5f9cfe500002bb93a06b000000001
last-modified
Tue, 15 Jun 2021 07:58:52 UTC
server
cloudflare
etag
W/"09e6153a85944e292fc190e5f2284039"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
41pQDh_l8BcRR85g8MUdkA6_jhzh3J5G
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
6636925f99b02bb9-FRA
x-amz-cf-id
-UvPcdUDEtU4xVXkwo3gQj4ik3ah8aJMRH5VzThDzOOfk5QNZS8buQ==
x-hs-target-asset
conversations-embed/static-1.8965/bundles/project.js
498900.js
js.hs-banner.com/
59 KB
14 KB
Script
General
Full URL
https://js.hs-banner.com/498900.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/498900.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17cf427ba20868c2784ba770e1803247a4ba5e2fc146838fa82a9c8ee8070252

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
content-encoding
br
cf-cache-status
HIT
age
140
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
TT5ZH9DMSD4QQRQF
x-amz-id-2
FhfHVUtv80xq1PM1CXCElhTqQPQUxkfBHCTWkCz5iq2OAFn8XjsFT9cdPd2LyU8T3qv6ChBzCoI=
timing-allow-origin
*
last-modified
Thu, 27 May 2021 16:27:13 GMT
server
cloudflare
etag
W/"ea58589a14892f592bde66c8061df2e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
quxLTqMfIl2mbhGdeBkL3FBmeXlTQCkw
access-control-allow-origin
https://www.beckersasc.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
0ad5f9cfaa0000d72de39f6000000001
cf-ray
6636925f7938d72d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 22 Jun 2021 15:42:31 GMT
button.5573c974dc31bbdab5ea7923a0bd5cf3.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/6763)
Age
64376
Etag
"382be2960021b88f6ce982d997cdbd01+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 5442
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.beckershospitalreview.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 22 Jun 2021 14:40:47 GMT
expires
Wed, 22 Jun 2022 14:40:47 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3544
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 38A0
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
331edd262a621226fd3a6d823d72603beadf6d183222316fafa1b4c66ff6df3a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YdEMrOY76TzlX4yLuk9i0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.beckershospitalreview.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

expires
Tue, 22 Jun 2021 15:39:51 GMT
date
Tue, 22 Jun 2021 15:39:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-YdEMrOY76TzlX4yLuk9i0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/JQYF3N5JPJGL3IXYVZYR5C/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8.
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
6J6WV6RWN730WHRP
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE=
Last-Modified
Thu, 20 May 2021 19:48:38 GMT
Server
AmazonS3
Date
Tue, 22 Jun 2021 15:39:51 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/
0
705 B
Script
General
Full URL
https://s.adroll.com/j/pre/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
f0MBVufo0ONWLY0yN15jzG3GefHqkGNH
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
40J00DVKGR6TMCS1
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
0
x-amz-id-2
GS4NxwsnPy8LDMfE30N7t18ai/yMkW52fAZdm8HLPnVToJYEGqalcNrdxyLyaeIDq2Y/PlDCj8w=
Last-Modified
Mon, 21 Jun 2021 15:17:06 GMT
Server
AmazonS3
Date
Tue, 22 Jun 2021 15:39:52 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/JQYF3N5JPJGL3IXYVZYR5C/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/JQYF3N5JPJGL3IXYVZYR5C?_s=1477fa4f71a1555c16d83a0716a65c2c&_b=2
  • https://d.adroll.com/consent/check/JQYF3N5JPJGL3IXYVZYR5C/?_s=1477fa4f71a1555c16d83a0716a65c2c&_b=2
395 B
863 B
Script
General
Full URL
https://d.adroll.com/consent/check/JQYF3N5JPJGL3IXYVZYR5C/?_s=1477fa4f71a1555c16d83a0716a65c2c&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.23.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-23-153.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
eef1608d745098c7ef5e84ca4b5b57243c7e428fa35c93841914a41a1e17707d

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:51 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
395
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location
https://d.adroll.com/consent/check/JQYF3N5JPJGL3IXYVZYR5C/?_s=1477fa4f71a1555c16d83a0716a65c2c&_b=2
date
Tue, 22 Jun 2021 15:39:51 GMT
server
nginx/1.20.0
content-length
105
details
disqus.com/api/3.0/forums/ Frame C680
3 KB
4 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=beckershospitalreview&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
202a3810fa1d7df99b9626b34749c435963b52323ac83d11b62ff4f5b2e8971d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
8
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3372
X-XSS-Protection
1; mode=block
tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
platform.twitter.com/widgets/ Frame E27F
32 KB
12 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.beckershospitalreview.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
64375
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Jun 2021 15:39:51 GMT
Etag
"a87932e0f094e1fb4cced05f7d97ab94+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6763)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12228
noavatar92.png
a.disquscdn.com/1623278138/images/ Frame C680
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1623278138/images/noavatar92.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1015729
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
content-type
image/png
content-length
1644
x-amz-cf-id
gwmSf1x2XUK5RFUWYP4jpFLceRy4By5JB4czoOElTiAUynV9vSJviw==
expires
Sat, 10 Jul 2021 21:31:02 GMT
ps3LEjFUMch.png
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 8AA7
441 B
688 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ps3LEjFUMch.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
x-content-type-options
nosniff
content-md5
bIdClDVUx2JypSkH1jl0jQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
441
x-fb-rlafr
0
x-fb-debug
D038J/tfGuQ49/LDejEIzKTL2072ZilAVSyjaDPThUV3jOPCfNKS5RBqsLC/rppIwkrBIDz7g+lDHXppeOe5ag==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 17 Jun 2022 00:11:38 GMT
Z0_vFuDpPXn.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/ Frame 8AA7
508 KB
133 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/Z0_vFuDpPXn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68f74d0f0eb403e3cc1d1fcb8c6ae1fbff51f80ff0d326b01777e2cf724f207a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6NuGZjFfM+XaUwyquBZrAQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
135924
x-fb-rlafr
0
x-fb-debug
unRgS1uqMmtFIioEX+D462K5zOeF+oWL/jFR3XP1a0l64dcBnPd/VVrH7xPMWwQ+0bIV5uOxKsRac/esCY0r2A==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 22 Jun 2022 11:39:24 GMT
public
api.hubspot.com/livechat-public/v1/message/
473 B
1 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=498900&conversations-embed=static-1.8965&mobile=false&messagesUtk=d74feb4b48dd40d9962c01d0fe6e691d&traceId=d74feb4b48dd40d9962c01d0fe6e691d&hubspotUtk=6aeb131306e8ae6de5056645aece6fca&__hstc=77465994.6aeb131306e8ae6de5056645aece6fca.1624376391507.1624376391507.1624376391507.1&__hssc=77465994.1.1624376391507
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b6930e7d0346690a9c7ef8cef674239579b7b77f9535fa82ae26151574af93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://www.beckershospitalreview.com/cybersecurity/uvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html?origin=BHRE&utm_source=BHRE&utm_medium=email&utm_content=newsletter&oly_enc_id=3514E0597189F5X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
7bf0437c-bdf0-457c-ab4c-523f2b4c3e13
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
350
cf-request-id
0ad5f9d12900004aa953951000000001
server
cloudflare
x-trace
2BE631CDAE8C6F486DB6C09991BEF81CC424816C60000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PgBlTCGM8oV%2Blp5X22OS7kbMJ14kSwCBvNoCpKu6ObwUqQpbWQdM6sYxdZ4jS65D6x9O8yvUmztJKXkJreH9axnzedLoM1oaaN4wyUSpTzurg2DJCWT1qVww%2BRbQqSb4wiqVJiJzoac%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.beckershospitalreview.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
66369261da904aa9-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=498900&conversations-embed=static-1.8965&mobile=false&messagesUtk=d74feb4b48dd40d9962c01d0fe6e691d&traceId=d74feb4b48dd40d9962c01d0fe6e691d&hubspotUtk=6aeb131306e8ae6de5056645aece6fca&__hstc=77465994.6aeb131306e8ae6de5056645aece6fca.1624376391507.1624376391507.1624376391507.1&__hssc=77465994.1.1624376391507
Protocol
H2
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://www.beckershospitalreview.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
content-type
text/plain; charset=utf-8
content-length
18
cf-ray
66369260fe824eb6-FRA
access-control-allow-origin
https://www.beckershospitalreview.com
allow
HEAD,GET,OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cf-cache-status
DYNAMIC
access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id
0ad5f9d0a000004eb6148fc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id
4c32b977-f179-48bc-bc0e-a64b35c9b187
x-trace
2BA58732C7424C0984BD98834C17267E54AA9A8D2D000000000000000000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hImt1hTpBRAeKR1eFuKnTGffKn%2FfSsLzFZTyLa4D2ft71IciqhyM4gcSw8eXhf%2FNm4RFZzJQt73FYEnvkOvtVYpvmpob3%2BRINul8GL8ansDIWnEi9tzDAgRcc79p4S5RVyX8SJ35tIQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C680
13 KB
13 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4755730
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zAtxE1vfEcF3aBhJvQdWx7bMy8H-eLLzbibJ_w9XO-laMckUfz3a6Q==
x-cache-hits
0
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame C680
3 KB
3 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 04:58:07 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
12048104
x-cache
Hit from cloudfront
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 27 Jan 2021 17:23:07 GMT
server
nginx
etag
"6011a17b-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 03 Feb 2022 04:58:07 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
KkpdG90vi5KqoCK0sfUqisoF_q-YvQwM2QXHPx0zV16VfS3g1s-N_g==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame C680
8 KB
8 KB
Font
General
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 09:01:33 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4257497
x-cache
Hit from cloudfront
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 04 May 2022 09:01:33 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
b7kpXm-iZHEcj8zRKrXiFuryvSORcbRFCU9TxPpP0jQ8vGfs8ZUHBA==
x-cache-hits
0
p
olytics.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://olytics.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.beckershospitalreview.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
Date
Tue, 22 Jun 2021 15:39:51 GMT
Server
Apache
/
olytics.omeda.com/olytics/segments/form/check/ Frame
0
0
Preflight
General
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Protocol
HTTP/1.1
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.beckershospitalreview.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
Date
Tue, 22 Jun 2021 15:39:51 GMT
Server
Apache
p
olytics.omeda.com/olytics/segments/
405 B
699 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/p
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
3e6e5680fede60b7cdc0e8c50334aff500bf62bcaa228c0656a2f8c9da482f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
/
olytics.omeda.com/olytics/segments/form/check/
20 B
313 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
cswitch
olytics.omeda.com/olytics/segments/
20 B
313 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/cswitch
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 22 Jun 2021 15:39:51 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
cswitch
olytics.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://olytics.omeda.com/olytics/segments/cswitch
Protocol
HTTP/1.1
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.beckershospitalreview.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
Date
Tue, 22 Jun 2021 15:39:51 GMT
Server
Apache
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 0940
337 B
807 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 22:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1012226
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 10 Jun 2021 21:33:44 GMT
server
nginx
etag
"60c28538-f4"
content-type
text/css; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Fri, 10 Jun 2022 22:29:25 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
uwq6MhlTi9UYm9FKqKq2UTHxv3HC0qS7B1XOX1cDFbDGJRVE5ACgng==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 9FAF
337 B
805 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: beckershospitalreview.disqus.com
URL: https://beckershospitalreview.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 22:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1012226
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 10 Jun 2021 21:33:44 GMT
server
nginx
etag
"60c28538-f4"
content-type
text/css; charset=utf-8
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
expires
Fri, 10 Jun 2022 22:29:25 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
timing-allow-origin
*
x-amz-cf-id
tKouMh9_HIBlAgmYrpEPcswXA4Wt0ZpIs9BXNxi544ayQMet_dfBRg==
x-cache-hits
0
sdk.js
connect.facebook.net/en_US/ Frame C680
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70e5cb6d8593a2ca27ef1b7873962ca558ddfbf9c1d597aed663505b214abede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QvKbZzUu43o+Tf0yH68yJA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
JwAv20v7Rb7zD4E4XpZmgP6qC87nbhZbt6m7W9M/6JRl3qGhEIw3xfmASkJWMSsbfghkGWrjIVAagsjcas9uzA==
x-fb-trip-id
686109401
x-fb-content-md5
2ef0304f05bd3ae2ee4414d47610a7b7
x-frame-options
DENY
date
Tue, 22 Jun 2021 15:39:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1fee8d9d1b7ad0fd7c393a57cf39f616"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 22 Jun 2021 15:42:13 GMT
api.js
apis.google.com/js/ Frame C680
12 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a04dc65730d3624eb34c304548dcf1ab841c048ca5c76e450596e8c3ba47e7b7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7HY7IqrWTiuQ9xMFfBouNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"bbfe0ebc68359b1002f7b657f59a0b9a"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-7HY7IqrWTiuQ9xMFfBouNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 22 Jun 2021 15:39:52 GMT
truncated
/ Frame E27F
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C680
13 KB
13 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4755731
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
81CN0cgo00OZXFv59rV8Gfr1YeZt2275cxnFpGtb22wuCDwmcQlnqw==
x-cache-hits
0
E5Z5CE3QIZFWDO32KJIMW5.js
s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/
Redirect Chain
  • https://d.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity...
  • https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js
4 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0345e48ed4fdd1ca080f30e2e64a8c71b3c8c030ce618222ee64be5f8cc7f635

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
25mnvqpQ3kXb0J7EaE.hpcs3zsUKAZcM
Content-Encoding
gzip
ETag
"00ee0128ce9f974d60bdd6413d526e10"
x-amz-request-id
F3C974B3ECE375DF
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1500
x-amz-id-2
xmy8EkxCf48nKFG7rQgGNxVf5SjMOaY6LeYAiWfvOcQuZFqegk0QI9X4G+2CDBN4OXRzNIyqXYg=
Last-Modified
Tue, 08 Dec 2020 23:19:52 GMT
Server
AmazonS3
Date
Tue, 22 Jun 2021 15:39:52 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
x-conversion-value
0.00
server
nginx/1.20.0
x-rule
*
date
Tue, 22 Jun 2021 15:39:52 GMT
x-segment-eid
E5Z5CE3QIZFWDO32KJIMW5
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://s.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7/E5Z5CE3QIZFWDO32KJIMW5.js
cache-control
no-store, no-cache, must-revalidate
x-segment-display-name
Visitors to Unsegmented Pages
x-pixel-eid
WCNBXDE6Q5ETTM2BEJXDP7
x-segment-name
*
x-advertisable-eid
JQYF3N5JPJGL3IXYVZYR5C
content-length
0
x-conversion-currency
cavalry_endpoint.php
www.facebook.com/common/ Frame 8AA7
67 B
97 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1624376391808&t_start=1624376391809&t_domcontent=1624376391992&t_layout=1624376392071&t_onload=1624376392071&t_paint=1624376392071&t_creport=1624376392071&t_tti=1624376391992&lid=6976643477077787119-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v8.0/plugins/share_button.php?app_id=670888390172600&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17c28ed4f392fc%26domain%3Dwww.beckershospitalreview.com%26origin%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Ff170495ceda6168%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Futm_source%3Dfacebook%26utm_medium%3Dsocial&layout=button_count&locale=en_US&sdk=joey&size=large&_rdc=1&_rdr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
huJL/8g33I6TnWe5BErYWy6DB6PxxsbRRaHmrHAwA6UasbqUvCQ+Kdi30fOZ+Po1XWXMd6C/WU1igXn5ulo+5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 22 Jun 2021 15:39:52 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
eOgDGfqcQegWjA8qbjqFj-1olP7cUin4sCMz-IjcpPs.js
pagead2.googlesyndication.com/bg/ Frame 5442
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/eOgDGfqcQegWjA8qbjqFj-1olP7cUin4sCMz-IjcpPs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78e80319fa9c41e8168c0f2a6e3a858fed6894fedc5229f8b02333f888dca4fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5797
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jun 2022 15:33:54 GMT
sdk.js
connect.facebook.net/en_US/ Frame C680
251 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=adaf2b53cd2517d7fdf2193a4108b9dc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3622dbac9efe07bb1e3f118f078261eee2bdd19e125a926f3d3546268d931b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BbzlLbvVUYLA5+/gWF/DHQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75865
x-fb-rlafr
0
x-fb-debug
F+FaM5LzSsHXi3Cn6pc4nXW70Qn8Vi0sPjboEB78yhUsdusHGuQBbPoHohAdiSnj7VejlpdJtAdJAr1eWFoNVw==
x-fb-content-md5
f99f15140a2becee111bb68b7876eee4
x-frame-options
DENY
date
Tue, 22 Jun 2021 15:39:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"afb67e97ae7ac77d305383cbf3394d27"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jun 2022 12:51:15 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ Frame C680
102 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66dc84eff4279521a92d581a7d875df3382a15620944aee348c0fac4b87646f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 19:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34654
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:21:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jun 2022 19:19:27 GMT
status
www.facebook.com/x/oauth/ Frame C680
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.beckershospitalreview.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dbeckershospitalreview%26t_i%3D184686%26t_u%3Dhttps%253A%252F%252Fwww.beckershospitalreview.com%252Fcybersecurity%252Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%26t_d%3D%250A%2509%2509UVM%2520Health%2520still%2520calculating%2520losses%25208%2520months%2520after%2520multimillion-dollar%2520ransomware%2520attack%26t_t%3D%250A%2509%2509UVM%2520Health%2520still%2520calculating%2520losses%25208%2520months%2520after%2520multimillion-dollar%2520ransomware%2520attack%26s_o%3Ddefault%23version%3Dd540fd3421e2252f4918b57237dfe813&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
tF1oICTgblXgFz2L4eu/deXysvysmybIIfSBwvgFS6IYmNPaLJPUk73FvV846nxeTykTHxvWjLrKB96kkDb+kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Jun 2021 15:39:52 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame 2BB8
513 B
669 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f277f83d1bda3610ead4e313b359ed71b0ebae1e3e55d23f6abefc495bdef10
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rNv39U750FvP79y0tC5n3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=217=G6ufkpXu0UkUrqxtHCZiD0ffWMNSBF8bC7nBfhU2LGzMb09XJfYjgo9jWnpMKJ1uJUBHNExCmIDNkABDu-QGXtmwJims6nQ-qExXGda63G3w4DcWoKrYn5xTJb2AE4OOLhe0xstzwR4JLBW1hJga3wtJ_-Wg-0gD26NRkdaIjhM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 22 Jun 2021 15:39:52 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-rNv39U750FvP79y0tC5n3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jot
syndication.twitter.com/i/
43 B
375 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1624376392171%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 22 Jun 2021 15:39:52 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a17721b3aab0e1fbfdb448528ff3aeaa9c3a7f8c71dcf81faee2f60411931af9
x-transaction
534cd5d6c69cfb43
expires
Tue, 31 Mar 1981 05:00:00 GMT
3397603572-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 2BB8
115 KB
40 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/3397603572-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c229a3c6b9f670214b7efebe7f39502f57924293431e92dd72173adf1dddda43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 14:25:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40283
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 22:34:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jun 2022 14:25:01 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 2BB8
14 B
58 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/3397603572-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 22 Jun 2021 16:39:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B3B6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsmINetxGzy9dY6H1iwi8G7gkKriGomKdwlWbSXFgg0oA6AKx6mFOLl8aAYrInuuKjusbMYpqrQ0grYLz-UTGIBWwJEzy-OtZusbcDSkhx9vbBPevq&sig=Cg0ArKJSzL3UTssmwv9EEAE&id=lidar2&mcvt=1002&p=234,100,324,828&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210621&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3250472666&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624376390947&rpt=411&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B5F6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLTvaGwLqk1zHyaoL7js6UcHbBKfx404D2c8CFB-Myr_qrNS9ZJ9Y5Kfk8i8XyV35sBfR8X_wH20ie7TQ3EUILtzGy_HLApVZ5lFnhoenkIAzaNh5J&sig=Cg0ArKJSzJBBTNdY1I04EAE&id=lidar2&mcvt=1005&p=481,1095,731,1395&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210621&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2176011322&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624376390887&rpt=396&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
94 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/JQYF3N5JPJGL3IXYVZYR5C/WCNBXDE6Q5ETTM2BEJXDP7?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&pv=48068190855.758575&cookie=&adroll_s_ref=&keyw=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-xss-protection
0
pragma
public
x-fb-debug
7jqvj1kLn2IzYkfEkuq35EvQ8oXcGOAgeAFHIKP9JIjw0WmG2spMoTGplHAWltda10Mj7DTQ6UHdj471CezaRQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 22 Jun 2021 15:39:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-...
  • https://pixel.advertising.com/ups/55980/sync?uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
125 B
Image
General
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-254-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55980/sync?uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
167
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expiration=1655912392
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expiration=1655912392&C=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expiration=1655912392&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 15:39:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Jun 2021 15:39:52 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 15:39:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expiration=1655912392&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Tue, 22 Jun 2021 15:39:52 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-mo...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&expires=365
pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-loss...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&rdrctExp=true
0
477 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&rdrctExp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:52 GMT
Cache-Control
no-cache
X-TraceId
7a4cafc506b93aa47a949f9c135eee1a
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&rdrctExp=true
Date
Tue, 22 Jun 2021 15:39:52 GMT
X-TraceId
7621fac2182568cf32ae22ba27dbc623
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-loss...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
547 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:397
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
220
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-mo...
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
298 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

location
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
165
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losse...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
0
247 B
Image
General
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Tue, 22 Jun 2021 15:39:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12597

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-lo...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
351 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.83.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-83-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-mo...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
43 B
345 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.13.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-13-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-mo...
  • https://ib.adnxs.com/setuid?entity=172&code=YTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 15:39:52 GMT
X-Proxy-Origin
152.89.163.148; 152.89.163.148; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3c4a81f9-c0c9-4a78-bda5-9f487c7c0ca2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Jun 2021 15:39:52 GMT
X-Proxy-Origin
152.89.163.148; 152.89.163.148; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1d50585c-44c1-4fca-93b8-9de18df1f1fa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTAxMzdiN2RjMTM4NWQxZjczZGI5NDg2Y2MzYWQ2ZjA
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
out
d.adroll.com/cm/l/
42 B
180 B
Image
General
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&xid_ch=f&advertisable=JQYF3N5JPJGL3IXYVZYR5C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.23.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-23-153.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-mo...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a0137b7dc1385d1f73db9486cc3ad6f0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0137b7dc1385d1f73db9486cc3ad6f0
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0137b7dc1385d1f73db9486cc3ad6f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a0137b7dc1385d1f73db9486cc3ad6f0
date
Tue, 22 Jun 2021 15:39:52 GMT
via
1.1 google
server
OXGW/16.209.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=6077b9df8cea3bd2a5730cc93d7885a4-1624376392021&arrfrr=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-mo...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oBN7fcE4XR9z25SGzDrW8A
  • https://d.adroll.com/cm/g/in
42 B
537 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.23.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-23-153.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
187952941924941
connect.facebook.net/signals/config/
261 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/187952941924941?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9635ad3e2adde96b3834f68f7b8ff03121082b244e842c24413cbbdb89342994
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
9/CMjxtJD9vWqXaeD7YdvrLEz/mmsRTS70FplicXg0sVIYpiZYPbpGWbopLUD5MBO5XuumeHzGb0bF0MB9jj+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 22 Jun 2021 15:39:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
noavatar92.png
a.disquscdn.com/1623278138/images/ Frame C680
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1623278138/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1015730
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C2
content-type
image/png
content-length
1644
x-amz-cf-id
gwmSf1x2XUK5RFUWYP4jpFLceRy4By5JB4czoOElTiAUynV9vSJviw==
expires
Sat, 10 Jul 2021 21:31:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30C8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6flkFF7WFT6vSWRQQTHi-ddD075uYMLysX7vMm2LRfNkFiNz93LFr5wmx-9zeyxzilgoZ3mKbMpTz1VgbiIWr5MnDsGLu8DFTGMo0jZvxULf1U2QK&sig=Cg0ArKJSzAvg-orG0H7rEAE&id=lidar2&mcvt=1012&p=483,115,573,715&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20210621&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=842546752&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624376390923&rpt=491&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210617&jk=3716705843279120&bg=!ISKlImbNAAZktE7iZLQ7ACkAdvg8WktKQTPkWBGpUWrIF9VPkSlefBieLCXPFeyhWwedX6m4a8KQfwIAAADGUgAAADFoAQeZAnXYaCmJwJWNO3o4S-U9NrcjyvFLCYrkeJnmhTOSzxv1kmRwiep4iizRi77GOAOoUt7KkbbikgHCmToQgzh2LoKyoV1LA8OOVxZsU8EgAda1UIRaZxqMep9bsiMMBMNij-gZp5dcsDod9ZXPVmC5F9ROTU6VKWGm4BPl5EuRiiSihVcOhKDYNahRQpCV4ylXtuGXfFRintSGHArJCx3s7BhXVOWzFMOP9C2AxUypW2rJJJAw3RUh00eFJsjCAli3tihbaI90wznKZzjSMMuqU1AuhdjbQM9avKe89_INjLQXK9SxUPXamf1SyEkMyCzhVY86ZaaPoiNPa-7256Fmye8Vxu4xnjAcJXlqeKFl3C_x56TNmwVI5WnWYyJ7_rZAQFmCl1LOCQEK6jj_U_s7yaM3kztmukGY7pzAXOOHxAUg4egD-eAanQOwZrRod2mLaq6UCrHrKwb5I-Cyn0c-kcgeWOFe77OyabghyS7d8Tlf5TO1k_XYBCV_5jRiWAc9ys66EFIGphlVsckPHpGVPEASLWBqz4GsfEP8_oiEOqvpI_3K4MrPQHNYC5nwD8RP_nOnIDocAR5A-4HXFw-qJiJBA9o2-4-yCWqZI_VIPY-YaE8FXkEnGY_ZG31juoFpK6o3vuSSnTQKbGSUYJkZlGDxZitXFFG-8ztICKyzEGL8AQitihH3C9VpSWrFBFEmeA2Ka3-63MR5G_yYUIesV0YPEP92Iw4vWq9dKTYStUr-5ICJpGum8gZFtuPAX0sswfm4p4RX5UgNzChMEp4jjLTzsMZpRc59vOMLSXoPQgW2y9DdpKIGF_Wh1KioEdrGeXpGgNSqsg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=187952941924941&ev=PageView&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-r...
  • https://www.facebook.com/tr/?cd[segment_eid]=E5Z5CE3QIZFWDO32KJIMW5&coo=false&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-mul...
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?cd[segment_eid]=E5Z5CE3QIZFWDO32KJIMW5&coo=false&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&dpo=LDU&dpoco=0&dpost=0&ec=0&ev=PageView&fbp=fb.1.1624376392424.653814402&id=187952941924941&if=false&it=1624376392341&o=29&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1624376392438&v=2.9.41
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:39:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 22 Jun 2021 15:39:52 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Jun 2021 15:39:52 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
location
/tr/?cd[segment_eid]=E5Z5CE3QIZFWDO32KJIMW5&coo=false&dl=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html%3Forigin%3DBHRE%26utm_source%3DBHRE%26utm_medium%3Demail%26utm_content%3Dnewsletter%26oly_enc_id%3D3514E0597189F5X&dpo=LDU&dpoco=0&dpost=0&ec=0&ev=PageView&fbp=fb.1.1624376392424.653814402&id=187952941924941&if=false&it=1624376392341&o=29&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1624376392438&v=2.9.41
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
0
event.gif
referrer.disqus.com/juggler/ Frame C680
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=724&event=init_embed&thread=8606536404&forum=beckershospitalreview&forum_id=293602&imp=40vs4401nh6f60&prev_imp&thread_slug=uvm_health_still_calculating_losses_8_months_after_multimillion_dollar_ransomware_attack&user_type=anon&referrer=https%3A%2F%2Fwww.beckershospitalreview.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=beckershospitalreview&t_i=184686&t_u=https%3A%2F%2Fwww.beckershospitalreview.com%2Fcybersecurity%2Fuvm-health-still-calculating-losses-8-months-after-multimillion-dollar-ransomware-attack.html&t_d=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&t_t=%0A%09%09UVM%20Health%20still%20calculating%20losses%208%20months%20after%20multimillion-dollar%20ransomware%20attack&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:39:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Cookie set loading.do
beckers.dragonforms.com/ Frame 07C7
6 KB
3 KB
Document
General
Full URL
https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e4d8a44d5b27c967d3d75b3c5ad36424aa42862614c06fa7fcc7c85d9e1d7ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
beckers.dragonforms.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.beckershospitalreview.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.beckershospitalreview.com/

Response headers

X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 22 Jun 2021 15:40:02 GMT
Server
Apache
Set-Cookie
JSESSIONID=A76FB85CFC83996A4BEAD4F6E7081918; Path=/; Secure; HttpOnly; SameSite=None; Secure
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
imp
olytics.omeda.com/olytics/segments/
20 B
313 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/imp
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.beckershospitalreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 22 Jun 2021 15:40:02 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
imp
olytics.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://olytics.omeda.com/olytics/segments/imp
Protocol
HTTP/1.1
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.beckershospitalreview.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
Date
Tue, 22 Jun 2021 15:40:02 GMT
Server
Apache
entity_313b.css
cdn.omeda.com/hosted/images/dragon/generic/313/ Frame 07C7
19 KB
19 KB
Stylesheet
General
Full URL
https://cdn.omeda.com/hosted/images/dragon/generic/313/entity_313b.css
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
a33614a196d3854d7d068b3d73dca4806956c548d1ae3163bcd8e0b7664a2ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 17:40:02 CEST
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Nov 2019 15:51:34 CET
Server
Apache
ETag
W/"19161-1574434294960"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
jquery-2.2.4.min.js
code.jquery.com/ Frame 07C7
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Origin
https://beckers.dragonforms.com
Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:40:03 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx
etag
W/"573f4859-14e4a"
vary
Accept-Encoding
x-hw
1624376403.dop108.fr8.t,1624376403.cds236.fr8.hn,1624376403.cds130.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
conditional.js
beckers.dragonforms.com/js/ Frame 07C7
29 KB
30 KB
Script
General
Full URL
https://beckers.dragonforms.com/js/conditional.js
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
7297c608d44e255007694db97401f6cd4758de6f5f38b1899fb4460f010e8991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Jun 2021 17:24:13 GMT
Server
Apache
ETag
W/"30165-1623691453494"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
dragonCampaign.js
beckers.dragonforms.com/js/ Frame 07C7
10 KB
11 KB
Script
General
Full URL
https://beckers.dragonforms.com/js/dragonCampaign.js
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
194d3b5284770fa2863a0b20b8d2c34631db795bf83a60e2ca0186605d3ec4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 27 May 2021 20:21:50 GMT
Server
Apache
ETag
W/"10703-1622146910000"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
generic.css
beckers.dragonforms.com/style/ Frame 07C7
2 KB
1 KB
Stylesheet
General
Full URL
https://beckers.dragonforms.com/style/generic.css
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
b503e65557497bf0f6579322f35f52363d376fc7602a1ad59302cc111c794040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Apr 2021 14:05:34 GMT
Server
Apache
ETag
W/"1744-1617977134000"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
7.css
cdn.omeda.com/hosted/images/dragon/12392/ Frame 07C7
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.omeda.com/hosted/images/dragon/12392/7.css
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.162.42.5 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
b7c138acc2227685057654a924b404684aa0f6f9ff58f6e252cf040052a4bcf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 17:40:03 CEST
X-Content-Type-Options
nosniff
Last-Modified
Thu, 12 Mar 2020 22:26:26 CET
Server
Apache
ETag
W/"1047-1584048386910"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
217.gif
cdn.omedastaging.com/hosted/images/dragon/generic/ Frame 07C7
9 KB
9 KB
Image
General
Full URL
https://cdn.omedastaging.com/hosted/images/dragon/generic/217.gif
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.10.197.53 , United States, ASN394968 (QTS-CHI, US),
Reverse DNS
Software
Apache /
Resource Hash
056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:04 GMT
Via
1.1 ID-0000605166710030 uproxy-3
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Aug 2016 18:45:04 GMT
Server
Apache
ETag
W/"8851-1472150704000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Connection
Keep-alive
Accept-Ranges
bytes
Content-Length
8851
X-XSS-Protection
1; mode=block
olyticsLinkAssistance.js
beckers.dragonforms.com/js/ Frame 07C7
4 KB
4 KB
Script
General
Full URL
https://beckers.dragonforms.com/js/olyticsLinkAssistance.js
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
f88e771cd7aeeb1241c61b165090b9d197534d937e2bd53a62631a738439a2e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Nov 2018 20:46:06 GMT
Server
Apache
ETag
W/"3961-1542401166000"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ Frame 07C7
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MV5SCJ
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d95e06c17afd35922cc3eb8589a0247590e34410a9758b36e303b94fc46e7d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:40:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33777
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Jun 2021 15:40:04 GMT
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/ Frame 07C7
272 KB
73 KB
Script
General
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: beckers.dragonforms.com
URL: https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
48efd3ffcce3f31594f761b662b64baf4c0a2a8f4b2a8798a7ec5575ba365c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 May 2021 16:06:56 GMT
Server
Apache
ETag
W/"278905-1620230816000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Accept-Ranges
bytes
vary
accept-encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 22 Jun 2021 21:40:04 GMT
evaluateConditionalContent.do;jsessionid=A76FB85CFC83996A4BEAD4F6E7081918
beckers.dragonforms.com/ Frame 07C7
180 B
440 B
XHR
General
Full URL
https://beckers.dragonforms.com/evaluateConditionalContent.do;jsessionid=A76FB85CFC83996A4BEAD4F6E7081918?demo14226=modal&demo14227=&demo14230=&demo14246=&demo14229=&opt14231=1&dragon_pagenumber=1&jsessionid=A76FB85CFC83996A4BEAD4F6E7081918&timestemp=1624376404047
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
evaluateConditionalContent.do;jsessionid=A76FB85CFC83996A4BEAD4F6E7081918
beckers.dragonforms.com/ Frame 07C7
180 B
440 B
XHR
General
Full URL
https://beckers.dragonforms.com/evaluateConditionalContent.do;jsessionid=A76FB85CFC83996A4BEAD4F6E7081918?demo14226=modal&demo14227=&demo14230=&demo14246=&demo14229=&opt14231=1&dragon_pagenumber=1&jsessionid=A76FB85CFC83996A4BEAD4F6E7081918&timestemp=1624376404060
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.190 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://beckers.dragonforms.com/loading.do?omedasite=NL_hospitalreview&pk=modal
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Jun 2021 15:40:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/ Frame 07C7
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV5SCJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4524
date
Tue, 22 Jun 2021 14:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 22 Jun 2021 16:24:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 07C7
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Jun 2021 15:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
255747752990914736
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:40:04 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 07C7
0
0
Fetch
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"909 / 634 of 1000 / last-modified: 1624360325"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 22 Jun 2021 15:40:04 GMT
p
olytics.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://olytics.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://beckers.dragonforms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
Date
Tue, 22 Jun 2021 15:40:05 GMT
Server
Apache
cswitch
olytics.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://olytics.omeda.com/olytics/segments/cswitch
Protocol
HTTP/1.1
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://beckers.dragonforms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
Date
Tue, 22 Jun 2021 15:40:04 GMT
Server
Apache
p
olytics.omeda.com/olytics/segments/ Frame 07C7
0
197 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/p
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Jun 2021 15:40:05 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
cswitch
olytics.omeda.com/olytics/segments/ Frame 07C7
95 B
388 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/cswitch
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
ae8f0c8503684d65936c82c6511d94a2dd1abbde991fc21e0e94596523fb8e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beckers.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 22 Jun 2021 15:40:05 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint undefined| $ function| jQuery string| articleText object| utterance number| speechSequence function| getRelatedArticles function| getRelatedHubSpotArticles function| getFeaturedAssets function| getLatestArticles function| toggleArticleSpeech function| clickPlayButton function| setCookie function| getCookie boolean| boolFacebookLoaded object| googletag object| arrDFPAds function| processLinkedInResponse function| getLinkedInSubscriptionURL string| method number| olyPubAdsAttempts string| strTargeting function| omedaDFPTargeting function| jqDoubleClick function| associateOmeda function| jqSearch function| openSearchLink function| jqHubspot function| jqMisc function| cleanupSocialIcons object| olytics object| a function| olyticsDfpSegments object| Sharect function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap function| gtag object| dataLayer function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_manager function| jQueryGet string| category function| jQueryScroller object| scrollingDivLeaderTop number| fullArticleWrapperTop number| fullArticleWrapperHeight boolean| isExtended number| leaderboardHeight number| switched function| disqus_config function| jQueryCookie object| expDate object| google_tag_data string| GoogleAnalyticsObject function| ga object| PARSELY string| adroll_adv_id string| adroll_pix_id object| __core-js_shared__ object| Sslac object| IN object| __twttrll object| twttr object| __twttr object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| loginfacebook function| checkLoginState function| ConnectAPI function| statusChangeCallback function| fbAsyncInit object| HSFR function| hs_reqwest_0 function| hs_reqwest_1 function| hs_reqwest_2 function| hs_reqwest_3 function| setImmediate function| clearImmediate function| normalize object| DISQUS object| gaplugins object| gaData object| strCookieTargeting string| t number| intDFPAdCounter function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| FB object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync boolean| __adroll_loaded boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime object| e object| GoogleGcLKhOms string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback boolean| _hspb_ran boolean| _hspb_loaded boolean| hubspot_live_messages_running object| HubSpotConversations boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list string| adroll_seg_eid function| fbq function| _fbq

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.beckershospitalreview.com/ Name: __gads
Value: ID=2704f74c2b3ee6e1:T=1624376390:S=ALNI_MbFUMkGhKnLr3x8jUYbAJBPivz2DA

3 Console Messages

Source Level URL
Text
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 46)
Message:
olytics fire called
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 46)
Message:
personalization impression sent
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 46)
Message:
bad id set:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

651919a5e1205433fe222fbf8057c66f.safeframe.googlesyndication.com
a.disquscdn.com
accounts.google.com
ads.asccommunications.com
ads.yahoo.com
adservice.google.com
adservice.google.de
api.hubspot.com
apis.google.com
beckers.dragonforms.com
beckershealthcare-news.com
beckershospitalreview.disqus.com
c.disquscdn.com
cdn.omeda.com
cdn.omedastaging.com
cdn.parsely.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
disqus.com
dsum-sec.casalemedia.com
eb2.3lift.com
forms.hsforms.com
googleads.g.doubleclick.net
ib.adnxs.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsforms.net
js.usemessages.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.rubiconproject.com
platform.linkedin.com
platform.twitter.com
processor.asccommunications.com
processor2.asccommunications.com
referrer.disqus.com
s.adroll.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
srv-2021-06-22-15.pixel.parsely.com
ssl.gstatic.com
static.xx.fbcdn.net
sync.outbrain.com
sync.taboola.com
syndication.twitter.com
tpc.googlesyndication.com
track.hubspot.com
us-u.openx.net
web.facebook.com
www.beckershospitalreview.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.244.42.136
141.226.228.48
142.250.184.194
142.250.184.226
151.101.114.49
151.101.64.134
185.33.221.90
185.64.189.110
199.232.196.134
2.18.234.21
2001:4de0:ac18::1:a:2b
204.180.130.159
204.180.130.165
204.180.130.190
205.162.40.203
205.162.42.5
209.10.197.53
209.59.186.75
2600:9000:20eb:2e00:6:8656:f5c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:5505
2606:4700::6811:45b0
2606:4700::6811:b649
2606:4700::6811:d2cc
2606:4700::6811:eecc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1288:80:800::7001
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:bac8
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.231.207.29
34.98.64.218
35.157.13.31
35.157.83.29
50.28.99.4
52.28.254.214
54.74.23.153
64.202.112.191
65.9.86.61
67.227.242.177
69.173.144.138
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0345e48ed4fdd1ca080f30e2e64a8c71b3c8c030ce618222ee64be5f8cc7f635
056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
092c0eee57e58ed2b1614b0acc5aeb05ef405223798273713807a50921cd105f
0d915e966efd772bb319b6b978c296ea8b8ad81aaf89473e77e8ee564ef0dde9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16eb3771501078a5c2b3c0b1c09fd127abc7dc2e945526dce9c5ce5f3b8e8e2e
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
17cf427ba20868c2784ba770e1803247a4ba5e2fc146838fa82a9c8ee8070252
17f6dadfd5311a88dc6b5d1dd92a47a6c3702124aef9ed4c7bd5dbeb1af07eb3
194d3b5284770fa2863a0b20b8d2c34631db795bf83a60e2ca0186605d3ec4ff
1ba384334a639e358d6aae725ea3c0c2f44b39d2ecb80a5d973140b7f35fdcfa
1d7a802b8e9e175ebe671d6c3989d75576acae8fbff407650f59902cbeab3b1d
1d95e06c17afd35922cc3eb8589a0247590e34410a9758b36e303b94fc46e7d6
1f277f83d1bda3610ead4e313b359ed71b0ebae1e3e55d23f6abefc495bdef10
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
202a3810fa1d7df99b9626b34749c435963b52323ac83d11b62ff4f5b2e8971d
203463c75609758683760d6408ad7a2ff73146bc7891686a945fc2b57652b182
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
24a3c7c4cad84c95ad73b83e4bcaff7541d25240dc20a7877e673a2c07a94c4b
2525a053afb82960b8732adebd48ccd860f316e06bccd8cdd80c033ce28a59b2
259954dff3175b8bca160966f22eebe099569123d4c5cd8e87f73649e125f5da
26f273c0ccff1e1ce776a6a9d2d2a8c223fe9ac9a66cf569a51c4ba6dadcc0a4
28bcb4f0306800cf4c3706d53203e0d016f6493cbb70043b819bf5f4a48d4e0c
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
331edd262a621226fd3a6d823d72603beadf6d183222316fafa1b4c66ff6df3a
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
38fe54b023383b7dc6d509138a7720632a0e5ff3df402a4c06ee412231867b2b
3e6e5680fede60b7cdc0e8c50334aff500bf62bcaa228c0656a2f8c9da482f4c
415af85578780d4f196d497d908374a3787ffd72c4d4f57547031f0293235664
42a1b3c6455657f873e9e2ce0c2f4a644865629c8ff92ba33b74fab0233bb8a2
44333b43b6193e3b13ea2d8253464ac87b5a13b51df406a1e2f3d8498da38db0
483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7
48ee7a6f0d169f0f02832b2fc8d56ee3ef45d8f2865346deef4404506b1ad3ab
48efd3ffcce3f31594f761b662b64baf4c0a2a8f4b2a8798a7ec5575ba365c93
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef94413c47856f116c379bcf4c9aa2d0c7134fbcfd3f163cda41753777f94cc
4f1cd5683319e039a90798160fcea90ffa82d2a677f5c4b685134a795ebc9e0c
4f6d7104c4b1bff7d332b38563da725674273217ff0fcd5f8122c88b1ce7279a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58adbe7ac38ae3a6e7e1e283abced34aacf45c9c487f4fec193ad01c5655e231
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
5cf1164ecb46421e80ba72e18c8846f265ea2a5acc0aa0887bb4bc34a4925dbc
5f6592d446d11744a9d56fa9417d2e55eff24afc2024b13a1646787eafca1243
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6449898e8b0c4047b3ff73d3274e616acc3849f6c5fad709ffa8010f91bdb4a5
66dc84eff4279521a92d581a7d875df3382a15620944aee348c0fac4b87646f1
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
68f74d0f0eb403e3cc1d1fcb8c6ae1fbff51f80ff0d326b01777e2cf724f207a
6911172eb21d970b18d95601dcc7aca00d5a15d484990847409133012f46f7a2
6963499aab5ee1eae71b078d0576ac74a910dfd8090553b83241374224543fc7
6a86f12a4d41b4c741fd4a16cc523cfd2061d4333e6f3ca5b49a176986fcf539
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d2d7df168329692db78d767ec9d036acf3a8c5504fbe6100b963f0dad3d5503
70e5cb6d8593a2ca27ef1b7873962ca558ddfbf9c1d597aed663505b214abede
7297c608d44e255007694db97401f6cd4758de6f5f38b1899fb4460f010e8991
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
78e80319fa9c41e8168c0f2a6e3a858fed6894fedc5229f8b02333f888dca4fb
79b6930e7d0346690a9c7ef8cef674239579b7b77f9535fa82ae26151574af93
7b68f1c5740bd22df0a8b2412c1c6dccbeb10a177f1b7e88034a01981676e190
7f4c190c68007d80dd9091fe41dda8f19945f8352b7c9af4f961fefc681e0772
8b85e9af1927bb7e92829d026f9f3b4854d24e6f942235e5931e390ac54a490f
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8fed0359a978607741335672c13815cef49036c52f9d3c3173d365840a967ccb
9165e8f802b50149128cde0b8667caba5650927edc320316d953866ba2a66ecb
9635ad3e2adde96b3834f68f7b8ff03121082b244e842c24413cbbdb89342994
9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638
9b85726dffc772c161231ea3f834d412a77116ff75150749aad4dc3162e47ad1
9d278154d35e2ec203d3962c36e4851f33df583b44fa750362983805411652b3
9d2ef0a0c4dd09893e5685bc0aaddede0f7f2eb297c61c5bf0f6e047bea6b804
a04dc65730d3624eb34c304548dcf1ab841c048ca5c76e450596e8c3ba47e7b7
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a33614a196d3854d7d068b3d73dca4806956c548d1ae3163bcd8e0b7664a2ed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a627bd64ca5cccaeb42f0a7e11052abd2f4701c8349571c75b0764a0bda0bf1d
a8514815057a4d15936c3384c2b41d43856ae6ca0d7822545fed34e32bd4eb2f
a88f91e8d23c1d485aff76f635a59a4a809435e22afbdf75ace116ca39b502c1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae8f0c8503684d65936c82c6511d94a2dd1abbde991fc21e0e94596523fb8e0c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b503e65557497bf0f6579322f35f52363d376fc7602a1ad59302cc111c794040
b7c138acc2227685057654a924b404684aa0f6f9ff58f6e252cf040052a4bcf9
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba75bc48a61a8ee5902376e52742b30a527fb65d122a5cc0295badd0893468d
bcc90325186dd57c77d4f8453e1b76475130e5c2f24e41a666ff480048f7e204
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c004ca481416c1de5fe683927bb8d80176af55e735b5a5e9a44454880e55e742
c0a2bf926df755006dd2ae8c6c8d051bfaaec3d022e95693b5515162264bc81e
c229a3c6b9f670214b7efebe7f39502f57924293431e92dd72173adf1dddda43
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c66f25b855381ad71142f71958713f7543796d20d6f42d7c6d4629a5130b26a7
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3622dbac9efe07bb1e3f118f078261eee2bdd19e125a926f3d3546268d931b6
d5b0629c1d7b5bb99a7cca82669320a5bdfb0f73c868d101511ecd191c86eccc
d635525e019c41dc7afd21e3dfb2e44af7b53470fd648b0b40d05ff2098fc4d8
d993da21f665c2de3ee71ae2e6844e58109b578b6529e529e2bf60b6496934d4
da9f8a71fd29620e2eee0e639d983e22a84f269cfda511ac377046d2287a31fa
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
de21a3bf5e8307091b5c72e71ce53900869e0c797882986999a3c8097a1316b6
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
dfb8f00b4846926f6fe0a8c4b8cc20aa01aaac5a5c93b2a0910b9d8dc69cce30
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e395bde854ccf04efc18ddbcf638f9d2a14057a7007ec90df078c3e14531d79e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d8a44d5b27c967d3d75b3c5ad36424aa42862614c06fa7fcc7c85d9e1d7ae7
e654b41c3ca0f782a3c2ccc5a2a7a8f77f3bcf928789501b9cb742e9de137ebf
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
eb2b3b9f43e5c1a21f68db51c5125ab31a9f1959851452ca6acb5e4a18486fcf
ee97deb871f1fdc91ff3363932be46c0fe0a3cc7e72f7d297c0fb229afd37e87
eea4ac1d9ce2e035c5810e6b8d764e24b86d236c49a1fe42d098a07a9845525b
eef1608d745098c7ef5e84ca4b5b57243c7e428fa35c93841914a41a1e17707d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f88e771cd7aeeb1241c61b165090b9d197534d937e2bd53a62631a738439a2e6
fd785b496be76627d74f94e7b15bc7b88fa9c4b1a09179d21b4b91e9d2d110f3
fd9c695fff1864ba3d750e1a0302e7f09bc52f5d5623bb85fdf24f2d72d1f8f7