www.southernohiohealthsystemsdatabreachsettlement.com Open in urlscan Pro
52.250.107.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5SwEcVQX8HTlCxGn34gNL9...
Effective URL:
https://www.southernohiohealthsystemsdatabreachsettlement.com/
Submission: On November 07 via api (November 7th 2022, 4:55:09 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 52.250.107.62, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.southernohiohealthsystemsdatabreachsettlement.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 3rd 2022. Valid for: 2 months.

This is the only time www.southernohiohealthsystemsdatabreachsettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID)
7	52.250.107.62 52.250.107.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
5	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.83.235.189 35.83.235.189	16509 (AMAZON-02) (AMAZON-02)
16	5

1 167.89.118.52 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net

url73.cptgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.250.107.62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.southernohiohealthsystemsdatabreachsettlement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.83.235.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-235-189.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	southernohiohealthsystemsdatabreachsettlement.com www.southernohiohealthsystemsdatabreachsettlement.com	82 KB
6	userway.org cdn.userway.org — Cisco Umbrella Rank: 7919 api.userway.org — Cisco Umbrella Rank: 8158	41 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1510	48 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 959	30 KB
1	cptgroup.com 1 redirects url73.cptgroup.com	265 B
16	5

	Domain	Requested by
7	www.southernohiohealthsystemsdatabreachsettlement.com	www.southernohiohealthsystemsdatabreachsettlement.com
5	cdn.userway.org	www.southernohiohealthsystemsdatabreachsettlement.com cdn.userway.org
2	use.fontawesome.com	www.southernohiohealthsystemsdatabreachsettlement.com use.fontawesome.com
1	api.userway.org	cdn.userway.org
1	code.jquery.com	www.southernohiohealthsystemsdatabreachsettlement.com
1	url73.cptgroup.com	1 redirects
16	6

This site contains links to these domains. Also see Links.

Domain
www.cptgroup.com
assets.website-files.com

Subject Issuer	Validity	Valid
sco.cptgroupreissues.com Go Daddy Secure Certificate Authority - G2	`2022-11-03` - `2023-01-08`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
api.userway.org Amazon	`2022-10-02` - `2023-10-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.southernohiohealthsystemsdatabreachsettlement.com/
Frame ID: 59016B0FA6C19A0B8CD1957945377E8A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Page - Southern Ohio Health Systems Data Breach

Page URL History Show full URLs

http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5S... HTTP 302
https://www.southernohiohealthsystemsdatabreachsettlement.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

201 kB
Transfer

567 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cptgroup.com/

Search URL Search Domain Scan URL

URL: https://www.cptgroup.com/wp-content/uploads/2019/06/CPT-Group-Website-Privacy-Policy-2019.pdf
Title: Learn More

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/6202b0ef5ef47925ca787026/624646e8b2773947fa3a7349_CPT-Group-Website-TOU-2019.pdf
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/6202b0ef5ef47925ca787026/6246473f6466e55b41518a15_CPT-Group-Website-Privacy-Policy-2019.pdf
Title: Privacy

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/6202b0ef5ef47925ca787026/624647699d683dc8bf7a9313_CPT-Accessibility-Statement-2019.pdf
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5SwEcVQX8HTlCxGn34gNL9mVsF4PB-2Booa-2BWZMqew8crVhfE1kk-3DgAWv_6abpKqb7vLu-2BpQDrKIJijR20YQfArLED-2BdH6Hs26Lz14ThtLrQpxuyxq3IWcj3AapZg-2BWTzifnb97V2KVj8FTu-2Ffq3zkXFX5dCVXTytmi6DGtR6dzAH2PRMZeFh5Msr0g1FX9JaF7YvXOwk92tD5M2WyrsQp-2B4QSz5D4TIYaUkM4aeFCf8jJ87xEvYaPnmdxxYKOF86JuH4WXA4uopPxpeB5OmfGKAN-2Fx5fVI1ZqoyzgO8hMbeldvy2CayrxngILV-2FR9gZbKvzmUvEgv5ZV43BNBxoDRYrwMALkRmiStukkovv9WwnjEaXVOEFFWsxhSjtB6r6jU4vo-2FMJ6A5B7njmojWbh9H2MLzafM1735Od2-2BgUAlvDgBtD6QelHODQgGiMTX5QZxd-2BxVtINrFdW5uju70hNABw8Suwh6d-2BHEBggDxueseZshaf1XutmwN-2FIMefAIu2XsMOzUolkCsiEdknLEQA5mnznbZ77bl1-2By1X2mvhdCjh8PtRdUpig-2Frhj2S1QS3JvPfDAm5Cg2MWBfW-2BW3SAiUxwOMdwPyaGaR4L5p4-2F5o-2FBmZxOtlcL5L-2FFoSq0DtklgTzD7g5pDrrfeBLazC04RUIbynrdZ0Lun2FQBMRhXf0ZorXeKyVUOi3BVnzT-2BVeKJm79FITeK3a8zRJzHNFKOjJAlJcHCcLZyRV2rEVZazRycKxxm1AbTC7GWdZVc76a4FhuhRlBLE4RiiytN2tkaNUx5bOVqXQFgDZP9pehw8bMexuDS0Rh5dTIIAMurVb8CkIl3zqkorBN5rWoTH6LrwzECbDTwetTHNzLWcxwwombRkNPFVK2s-2FShRsTj-2Fguje-2BpFylyDcpynZgLA444-2B1DT15flWIfrMD-2Bl8YPUZ3QKbyFgwN7vpFei3Ig3E1gPxp2pGupbiNlvnUcHp1BBfqfGqEHbtqjm1TKZY4-3D HTTP 302
https://www.southernohiohealthsystemsdatabreachsettlement.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.southernohiohealthsystemsdatabreachsettlement.com/ Redirect Chain http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5SwEcVQX8HTlCxGn34gNL9mVsF4PB-2Booa-2BWZMqew8crVhfE1kk-3DgAWv_6abpKqb7vLu-2BpQDrKIJijR20YQfArLED-... https://www.southernohiohealthsystemsdatabreachsettlement.com/	17 KB 17 KB	616ms 175ms	Document text/html	52.250.107.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `1772d3b00f82ae824427e8b1d87e23f08a267e12d4e37dab56681b62b5722942` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private content-length 17636 content-type text/html; charset=utf-8 date Mon, 07 Nov 2022 16:55:03 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-aspnetmvc-version 5.2 x-powered-by ASP.NET Redirect headers Connection keep-alive Content-Length 85 Content-Type text/html; charset=utf-8 Date Mon, 07 Nov 2022 16:55:02 GMT Location https://www.southernohiohealthsystemsdatabreachsettlement.com/ Server nginx X-Robots-Tag noindex, nofollow
GET H2	200	userWay.js Show response www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/	876 B 976 B	173ms 171ms	Script application/javascript	52.250.107.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/userWay.js Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5bb4957fac9e2297dcf133e9554d2f0c42caa9faa76c02fe0f251a307c5d6d24` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:03 GMT last-modified Mon, 12 Sep 2022 21:17:30 GMT server Microsoft-IIS/10.0 etag "ccc8311edc6d81:0" x-powered-by ASP.NET content-type application/javascript accept-ranges bytes content-length 876
GET H2	200	bootstrap.min.css www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/css/	160 KB 23 KB	175ms 173ms	Stylesheet text/css	52.250.107.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/css/bootstrap.min.css Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:03 GMT content-encoding gzip last-modified Mon, 12 Sep 2022 21:16:44 GMT server Microsoft-IIS/10.0 etag "08673f5ecc6d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 23803
GET H2	200	all.css use.fontawesome.com/releases/v5.0.8/css/	35 KB 8 KB	90ms 28ms	Stylesheet text/css	2606:4700:e2::ac40:850f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.8/css/all.css Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:03 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id NWFR92DYWVB6K2X2 age 21775153 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 nyJZLOw4aCHbqI5/TSv8Ry+RD0bd5Yw3s1xfAfFekQUNj8ZSnuo/G/sSOgVyHGVH3RJJLQyE5+c= last-modified Wed, 30 Jun 2021 15:28:03 GMT server cloudflare etag W/"265a36ec650d63e307e611cdf14d9b89" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDi9%2B6Dyq32zWFyp45dlHzj03QIBDDOPPJLVp0vQNYJa4tFDKyA7l6oBwdnwUlwUoWnFjAto6k92lPZEAN4n3bKnGpT28AWrbGPGn0qNIq5o9CjGJIlnZDjdUmjGdm5%2Bh%2FFKjjabJfUPA%2FUfI5EAfsI%2B"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 766798271d419159-FRA
GET H2	200	Site.css www.southernohiohealthsystemsdatabreachsettlement.com/Content/	3 KB 1 KB	176ms 175ms	Stylesheet text/css	52.250.107.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.southernohiohealthsystemsdatabreachsettlement.com/Content/Site.css Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `91f1fd896b420cf3a9fc073051da6ee0d04602dcf89cc04da167ed8494988b18` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:03 GMT content-encoding gzip last-modified Mon, 12 Sep 2022 21:17:02 GMT server Microsoft-IIS/10.0 etag "01b2e0edc6d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 946
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	1738ms 1247ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ Origin https://www.southernohiohealthsystemsdatabreachsettlement.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:04 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-15d9d" vary Accept-Encoding x-hw 1667840104.dop051.fr8.t,1667840104.cds137.fr8.hn,1667840104.cds144.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	200	CPT-Logo-PNG-24-sticky-x2.png www.southernohiohealthsystemsdatabreachsettlement.com/images/	16 KB 16 KB	172ms 172ms	Image image/png	52.250.107.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.southernohiohealthsystemsdatabreachsettlement.com/images/CPT-Logo-PNG-24-sticky-x2.png Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `3e66fdd1510144464c746c5ff2650825fa7a2acbffef5a08f552b6fa55c90f15` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:03 GMT last-modified Mon, 12 Sep 2022 21:17:14 GMT server Microsoft-IIS/10.0 etag "cf805e7edc6d81:0" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 15885
GET H2	200	bootstrap.bundle.min.js Show response www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/js/	76 KB 23 KB	172ms 172ms	Script application/javascript	52.250.107.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/js/bootstrap.bundle.min.js Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:03 GMT content-encoding gzip last-modified Mon, 12 Sep 2022 21:16:53 GMT server Microsoft-IIS/10.0 etag "80d0d0faecc6d81:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 23079
GET H2	200	cookiePopUp.js Show response www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/	514 B 592 B	174ms 174ms	Script application/javascript	52.250.107.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/cookiePopUp.js Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `0e4a7d0d0911cdac5634b2bf41bee20987c635e84e4b18197f249c50512ef81b` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:03 GMT last-modified Mon, 12 Sep 2022 21:17:25 GMT server Microsoft-IIS/10.0 etag "60ba4eeedc6d81:0" x-powered-by ASP.NET content-type application/javascript accept-ranges bytes content-length 514
GET H2	200	widget.js Show response cdn.userway.org/	1 KB 1 KB	113ms 16ms	Script application/javascript	2a02:6ea0:c700::20 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widget.js Requested by Host: www.southernohiohealthsystemsdatabreachsettlement.com URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/userWay.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `0991fef79e46138a282d0b02762f1b1a05bbeae3130fae2d5fcfaa61fbca0fec` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-77-pop frankfurtDE date Mon, 07 Nov 2022 16:55:04 GMT via 1.1 c76f57c516237f120f723cde4dab446e.cloudfront.net (CloudFront) content-encoding br x-amz-cf-pop PRG50-C1 age 1657 x-cache HIT x-77-cache HIT x-age 852 x-77-nzt AdRmOI3txmf/VAMAAA x-accel-expires @1667842852 last-modified Thu, 27 Oct 2022 14:03:37 GMT server CDN77-Turbo etag W/"f6d9107435dceeee39467a0f5464cb90" x-77-nzt-ray KAIz7dbYGig access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=3600, public vary Accept-Encoding x-amz-cf-id IhjEcpkCv5z_gYUkRAolbdFnVmgDZ3Z4bVc9UId7-3K4Nic38V4new==
GET H2	200	widget_app_base_1666879255587.js Show response cdn.userway.org/widgetapp/2022-10-27/	127 KB 35 KB	31ms 31ms	Script application/javascript	2a02:6ea0:c700::20 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `5a930c08497411867d6492692e0b73eacf0795b92ff56a3d180678439fdf9fda` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-77-pop frankfurtDE date Mon, 07 Nov 2022 16:55:04 GMT via 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront) content-encoding br x-amz-cf-pop PRG50-C1 age 259 x-cache HIT x-77-cache HIT x-age 959591 x-77-nzt AdRmOI3RCMb/Z6QOAA x-accel-expires @1692800513 last-modified Thu, 27 Oct 2022 14:03:35 GMT server CDN77-Turbo etag W/"34d63df83bbfb056ba92a08acdb1dbfe" x-77-nzt-ray 2BYMgMYDKxs access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id boXTgLytb6zhLmCXfSXnX9JiUlVXkVwkFjosGr4uAfoQ0EnvA9Psdw==
POST H2	200	p9jns5i7PB Show response api.userway.org/api/tunings/	922 B 1 KB	782ms 403ms	XHR application/json	35.83.235.189 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.userway.org/api/tunings/p9jns5i7PB Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.83.235.189 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-83-235-189.us-west-2.compute.amazonaws.com Software / Resource Hash `206bc65ce84da52e1345e4b52bf2b60be3fb4248ffb9ec2ad6b970a023bb5c7a` Request headers Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 07 Nov 2022 16:55:05 GMT etag W/"39a-ZP3AvTmIn4aucLqZxm7n09E7LlY" access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-service-request-id usr90f20b73e98a49d access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-allow-headers * content-length 922 x-service-version uw-pr
GET H2	200	en-US.json Show response cdn.userway.org/widgetapp/2022-10-27/locales/	433 B 836 B	52ms 15ms	XHR application/json	2a02:6ea0:c700::20 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2022-10-27/locales/en-US.json Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-77-pop frankfurtDE date Mon, 07 Nov 2022 16:55:05 GMT via 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront) content-encoding br x-amz-cf-pop PRG50-C1 age 202 x-cache HIT x-77-cache HIT x-age 972304 x-77-nzt AdRmOI21C6D/ENYOAA x-accel-expires @1692787801 last-modified Thu, 27 Oct 2022 10:25:31 GMT server CDN77-Turbo etag W/"0c4b53012957584c54e80867ff489590" x-77-nzt-ray oZTfi/d3l8A access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/json access-control-allow-origin https://www.southernohiohealthsystemsdatabreachsettlement.com access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Origin x-amz-cf-id rz4X-jO1yQD_za9hva5wLuSVcv22mtSRJ_2q1WSZCn_OKnTGV3yQ0Q==
GET H2	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.0.8/webfonts/	39 KB 40 KB	279ms 235ms	Font font/woff2	2606:4700:e2::ac40:850f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.8/webfonts/fa-solid-900.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.0.8/css/all.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3` Request headers Referer https://use.fontawesome.com/releases/v5.0.8/css/all.css Origin https://www.southernohiohealthsystemsdatabreachsettlement.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Mon, 07 Nov 2022 16:55:05 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id DCHCETFW6SW8J1XZ alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 40148 x-amz-id-2 CEWAchhkC4QQegitQled0F1Klgo7W+C9lEccxjrhyuOWIS/jV6aS20JhKP7QsDyKi8taFJjLRUo= last-modified Wed, 30 Jun 2021 15:28:16 GMT server cloudflare etag "0ab54153eeeca0ce03978cc463b257f7" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nVuh8rptmRl%2B2iK%2BxVbPvNLHPCBLl9Riac68ySaJ5HNUt9eDdiAzBcm0Nr7YejsxNBnD6nqA8eI2xk9NYSOmwoS0bWvQ5HNR1ENnHsfK%2Bk72WjIPBGvOKZW%2BDK%2BxyeQnvMpIq%2BRUDbG5XFFOpE1RS9B"}],"group":"cf-nel","max_age":604800} vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cache-control max-age=31556926 accept-ranges bytes cf-ray 76679832297cb398-MUC
GET H2	200	body_wh.svg cdn.userway.org/widgetapp/images/	931 B 1 KB	41ms 40ms	Image image/svg+xml	2a02:6ea0:c700::20 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/body_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-77-pop frankfurtDE date Mon, 07 Nov 2022 16:55:05 GMT via 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront) content-encoding br x-amz-cf-pop AMS1-C1 age 3 x-cache HIT x-77-cache HIT x-age 8834692 x-77-nzt AdRmOI07DSD/hM6GAA x-accel-expires @1684925413 last-modified Sun, 17 Jul 2022 17:46:41 GMT server CDN77-Turbo etag W/"2ec2767a3bb93656fb9b75c893d7be75" x-77-nzt-ray jNGT8OXcGGk access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public x-amz-cf-id 2oaf2HYe4igm_CiCzjgbkGD6pY2cJhE_q5V9XPcBp2lHzhz0xAm2JQ==
GET H2	200	spin_wh.svg cdn.userway.org/widgetapp/images/	2 KB 1 KB	41ms 41ms	Image image/svg+xml	2a02:6ea0:c700::20 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/spin_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c` Request headers accept-language de-DE,de;q=0.9 Referer https://www.southernohiohealthsystemsdatabreachsettlement.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-77-pop frankfurtDE date Mon, 07 Nov 2022 16:55:05 GMT via 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb6.cloudfront.net (CloudFront) content-encoding br x-amz-cf-pop AMS1-C1 age 3 x-cache HIT x-77-cache HIT x-age 8834692 x-77-nzt AdRmOI05wDz/hM6GAA x-accel-expires @1684925413 last-modified Sun, 17 Jul 2022 17:46:41 GMT server CDN77-Turbo etag W/"8e0a35946bf39d10f46a1f1653366a0a" x-77-nzt-ray bpa9cccFU+k access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id 1cq3R4QjqLqj1NJOP4-HgT5U2n9RlMTmEmII5uebIqEgeI9_3OQ9UQ==

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.southernohiohealthsystemsdatabreachsettlement.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uvo1y4r0k5fxhxeaiojfhtpg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
code.jquery.com
url73.cptgroup.com
use.fontawesome.com
www.southernohiohealthsystemsdatabreachsettlement.com
167.89.118.52
2001:4de0:ac18::1:a:3b
2606:4700:e2::ac40:850f
2a02:6ea0:c700::20
35.83.235.189
52.250.107.62
0991fef79e46138a282d0b02762f1b1a05bbeae3130fae2d5fcfaa61fbca0fec
0e4a7d0d0911cdac5634b2bf41bee20987c635e84e4b18197f249c50512ef81b
1772d3b00f82ae824427e8b1d87e23f08a267e12d4e37dab56681b62b5722942
206bc65ce84da52e1345e4b52bf2b60be3fb4248ffb9ec2ad6b970a023bb5c7a
3e66fdd1510144464c746c5ff2650825fa7a2acbffef5a08f552b6fa55c90f15
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
5a930c08497411867d6492692e0b73eacf0795b92ff56a3d180678439fdf9fda
5bb4957fac9e2297dcf133e9554d2f0c42caa9faa76c02fe0f251a307c5d6d24
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89
91f1fd896b420cf3a9fc073051da6ee0d04602dcf89cc04da167ed8494988b18
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.southernohiohealthsystemsdatabreachsettlement.com Open in urlscan Pro 52.250.107.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

201 kBTransfer

567 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

1 Cookies

Indicators

www.southernohiohealthsystemsdatabreachsettlement.com Open in urlscan Pro
52.250.107.62 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

201 kB
Transfer

567 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions