www.southernohiohealthsystemsdatabreachsettlement.com Open in urlscan Pro
52.250.107.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5SwEcVQX8HTlCxGn34gNL9...
Effective URL:
https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Submission: On November 07 via api (November 7th 2022, 4:58:39 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 52.250.107.62, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.southernohiohealthsystemsdatabreachsettlement.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 3rd 2022. Valid for: 2 months.

This is the only time www.southernohiohealthsystemsdatabreachsettlement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
7	52.250.107.62 52.250.107.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
5	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	52.36.158.64 52.36.158.64	16509 (AMAZON-02) (AMAZON-02)
16	5

1 167.89.115.56 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

url73.cptgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.250.107.62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.southernohiohealthsystemsdatabreachsettlement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.158.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-158-64.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	southernohiohealthsystemsdatabreachsettlement.com www.southernohiohealthsystemsdatabreachsettlement.com	76 KB
6	userway.org cdn.userway.org — Cisco Umbrella Rank: 7919 api.userway.org — Cisco Umbrella Rank: 8158	41 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1510	48 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 959	30 KB
1	cptgroup.com 1 redirects url73.cptgroup.com	270 B
16	5

	Domain	Requested by
7	www.southernohiohealthsystemsdatabreachsettlement.com	www.southernohiohealthsystemsdatabreachsettlement.com
5	cdn.userway.org	www.southernohiohealthsystemsdatabreachsettlement.com cdn.userway.org
2	use.fontawesome.com	www.southernohiohealthsystemsdatabreachsettlement.com use.fontawesome.com
1	api.userway.org	cdn.userway.org
1	code.jquery.com	www.southernohiohealthsystemsdatabreachsettlement.com
1	url73.cptgroup.com	1 redirects
16	6

This site contains links to these domains. Also see Links.

Domain
www.cptgroup.com
assets.website-files.com

Subject Issuer	Validity	Valid
sco.cptgroupreissues.com Go Daddy Secure Certificate Authority - G2	`2022-11-03` - `2023-01-08`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
api.userway.org Amazon	`2022-10-02` - `2023-10-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Frame ID: C0E49B1A3000ECA766C56394C7B2FFA9
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In - Southern Ohio Health Systems Data Breach

Page URL History Show full URLs

http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5S... HTTP 302
https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

195 kB
Transfer

562 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cptgroup.com/

Search URL Search Domain Scan URL

URL: https://www.cptgroup.com/wp-content/uploads/2019/06/CPT-Group-Website-Privacy-Policy-2019.pdf
Title: Learn More

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/6202b0ef5ef47925ca787026/624646e8b2773947fa3a7349_CPT-Group-Website-TOU-2019.pdf
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/6202b0ef5ef47925ca787026/6246473f6466e55b41518a15_CPT-Group-Website-Privacy-Policy-2019.pdf
Title: Privacy

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/6202b0ef5ef47925ca787026/624647699d683dc8bf7a9313_CPT-Accessibility-Statement-2019.pdf
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5SwEcVQX8HTlCxGn34gNL9mVsF4PLvdqg6wM2YnCB5jfY6gkFU-3DMMsl_6abpKqb7vLu-2BpQDrKIJijR20YQfArLED-2BdH6Hs26Lz14ThtLrQpxuyxq3IWcj3AapZg-2BWTzifnb97V2KVj8FTu-2Ffq3zkXFX5dCVXTytmi6DGtR6dzAH2PRMZeFh5Msr0g1FX9JaF7YvXOwk92tD5M2WyrsQp-2B4QSz5D4TIYaUkM4aeFCf8jJ87xEvYaPnmdxxYKOF86JuH4WXA4uopPxpeB5OmfGKAN-2Fx5fVI1ZqoyzgO8hMbeldvy2CayrxngILV-2FR9gZbKvzmUvEgv5ZV43BNBxoDRYrwMALkRmiStukkovv9WwnjEaXVOEFFWsxhSjtB6r6jU4vo-2FMJ6A5B7njmojWbh9H2MLzafM1735Od2-2BgUAlvDgBtD6QelHODQgGiMTX5QZxd-2BxVtINrFdW5uju70hNABw8Suwh6d-2BHEBggDxueseZshaf1XutmwN-2FIMefAIu2XsMOzUolkCsiEdknLEQA5mnznbZ77bl1-2By1X2mvhdCjh8PtRdUpig-2Frhj2S1QS3JvPfDAm5Cg2MWBfW-2BW3SAiUxwOMdwPyaGaR4L5p4-2F5o-2FBmZxOtlcL5L-2FFoSq0DtklgTzD7g5pDrrfeBLazC04RUIbynrdZ0Lun2FQBMRhXf0ZorXeKyVUOi3BVnzT-2BVeKJm79FITeK3a8zRJzHNFKOjJAlJcHCcLZyRV2rEVZazRycKxxm1AbTC7GWdZVc76a4FhuhRlBLE4RiiytN2tkaNUx5bOVqXQFgDZP9pehw8bMexuDS0Rh5dTIIAMurVb8CkIl3zqkorBN5rWvENh5BM-2B25vsbfiBoaitwpsmXO8kQzAsAcDgJC4fD1CN52WstfEugpIDVI0RoXopjullmGae4ojNLGczI9OkVc2CkG9T5d8Ch0jZbkLETALBKtAOhaCfrS9NPjWkMJIc5cAYxic5IrXzJkhRO8cLcA-3D HTTP 302
https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request LogIn Show response
www.southernohiohealthsystemsdatabreachsettlement.com/
Redirect Chain

http://url73.cptgroup.com/ls/click?upn=qrTW5hsmc-2B2MZ6rLdP09tiN04hqdTLLtLH75s7odksJv-2BSNBWsSfZ68Re5SwEcVQX8HTlCxGn34gNL9mVsF4PLvdqg6wM2YnCB5jfY6gkFU-3DMMsl_6abpKqb7vLu-2BpQDrKIJijR20YQfArLED-2BdH...
https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn

12 KB
12 KB

516ms
166ms

Document
text/html

52.250.107.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

36025df306ba37dfe5c06f9523984b7d66185f2083887fb3e618bfe49bdc489a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-length: 11978
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 16:58:33 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 90
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 16:58:33 GMT
Location: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 userWay.js Show response
www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/ 876 B
971 B 166ms
164ms Script
application/javascript 52.250.107.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/userWay.js
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5bb4957fac9e2297dcf133e9554d2f0c42caa9faa76c02fe0f251a307c5d6d24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:33 GMT
last-modified: Mon, 12 Sep 2022 21:17:30 GMT
server: Microsoft-IIS/10.0
etag: "ccc8311edc6d81:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 876

GET
H2 200 bootstrap.min.css
www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/css/ 160 KB
23 KB 164ms
162ms Stylesheet
text/css 52.250.107.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/css/bootstrap.min.css
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:33 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 21:16:44 GMT
server: Microsoft-IIS/10.0
etag: "08673f5ecc6d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 23803

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.8/css/ 35 KB
8 KB 78ms
58ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YTRC96TKD4QDT3PF
age: 1342850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: f113XOBCK8RQxNO3w1DW4rQgSutn+tz2AheGWIQJkoI1LNj+Ge7xaojMVW2slP13ZmZLacl6oWo=
last-modified: Wed, 30 Jun 2021 15:28:03 GMT
server: cloudflare
etag: W/"265a36ec650d63e307e611cdf14d9b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b%2FrW9FQ9eqntr6kOd8fQqCV0kC%2F8v4l0mg8XGlI8PLYGF18DSQErN5Yva7Wj8QNBcvuRolKyomgtCEvpgLD8lyr9hzZreKkbwpLSWxWUw5Vt%2F1i2oTxMrGYg1VCS6nz8JRlk%2FUHH%2ByW1JEQ5%2BDI%2BqAY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 76679d4c38de9213-FRA

GET
H2 200 Site.css
www.southernohiohealthsystemsdatabreachsettlement.com/Content/ 3 KB
1 KB 164ms
164ms Stylesheet
text/css 52.250.107.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/Content/Site.css
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 91f1fd896b420cf3a9fc073051da6ee0d04602dcf89cc04da167ed8494988b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:33 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 21:17:02 GMT
server: Microsoft-IIS/10.0
etag: "01b2e0edc6d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 946

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 854ms
321ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
Origin: https://www.southernohiohealthsystemsdatabreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:34 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1667840314.dop156.fr8.t,1667840314.cds056.fr8.hn,1667840314.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 CPT-Logo-PNG-24-sticky-x2.png
www.southernohiohealthsystemsdatabreachsettlement.com/images/ 16 KB
16 KB 164ms
164ms Image
image/png 52.250.107.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/images/CPT-Logo-PNG-24-sticky-x2.png
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3e66fdd1510144464c746c5ff2650825fa7a2acbffef5a08f552b6fa55c90f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:33 GMT
last-modified: Mon, 12 Sep 2022 21:17:14 GMT
server: Microsoft-IIS/10.0
etag: "cf805e7edc6d81:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 15885

GET
H2 200 bootstrap.bundle.min.js Show response
www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/js/ 76 KB
23 KB 163ms
163ms Script
application/javascript 52.250.107.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/assets/bootstrap-5.1.3-dist/js/bootstrap.bundle.min.js
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:33 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 21:16:53 GMT
server: Microsoft-IIS/10.0
etag: "80d0d0faecc6d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 23079

GET
H2 200 cookiePopUp.js Show response
www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/ 514 B
592 B 163ms
162ms Script
application/javascript 52.250.107.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/cookiePopUp.js
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.107.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e4a7d0d0911cdac5634b2bf41bee20987c635e84e4b18197f249c50512ef81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/LogIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:33 GMT
last-modified: Mon, 12 Sep 2022 21:17:25 GMT
server: Microsoft-IIS/10.0
etag: "60ba4eeedc6d81:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 514

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 62ms
13ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.southernohiohealthsystemsdatabreachsettlement.com
URL: https://www.southernohiohealthsystemsdatabreachsettlement.com/Scripts/userWay.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0991fef79e46138a282d0b02762f1b1a05bbeae3130fae2d5fcfaa61fbca0fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 07 Nov 2022 16:58:34 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 1656
x-cache: HIT
x-77-cache: HIT
x-age: 1037
x-77-nzt: AZySIRlowJj/DQQAAA
x-accel-expires: @1667842877
last-modified: Thu, 27 Oct 2022 14:03:37 GMT
server: CDN77-Turbo
etag: W/"f6d9107435dceeee39467a0f5464cb90"
x-77-nzt-ray: ffffffff494887513a3969637a44e139
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: l6DwzRAH7uQ6sZX5vEOEwh7eF54qr9X0a-9HYQSD_pDIfW32RRvoKg==

GET
H2 200 widget_app_base_1666879255587.js Show response
cdn.userway.org/widgetapp/2022-10-27/ 127 KB
35 KB 27ms
27ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5a930c08497411867d6492692e0b73eacf0795b92ff56a3d180678439fdf9fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 07 Nov 2022 16:58:34 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 259
x-cache: HIT
x-77-cache: HIT
x-age: 959801
x-77-nzt: AZySIRkHy8P/OaUOAA
x-accel-expires: @1692800513
last-modified: Thu, 27 Oct 2022 14:03:35 GMT
server: CDN77-Turbo
etag: W/"34d63df83bbfb056ba92a08acdb1dbfe"
x-77-nzt-ray: ffffffff494887513a396963d8fdd83a
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: dx2bG_Rkoqw9Gxfe1cDiOxKD_VxXId2exgnAvuyp8WncHoPgEO6WPA==

POST
H2 200 p9jns5i7PB Show response
api.userway.org/api/tunings/ 922 B
1 KB 517ms
171ms XHR
application/json 52.36.158.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/p9jns5i7PB
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.158.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-158-64.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 206bc65ce84da52e1345e4b52bf2b60be3fb4248ffb9ec2ad6b970a023bb5c7a

Request headers

Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 16:58:35 GMT
etag: W/"39a-ZP3AvTmIn4aucLqZxm7n09E7LlY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr41424c42c8b84ea
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 922
x-service-version: uw-pr

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.8/webfonts/ 39 KB
40 KB 36ms
21ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Origin: https://www.southernohiohealthsystemsdatabreachsettlement.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:58:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TVKPCBB7M6VAKV62
age: 218
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40148
x-amz-id-2: VPLjdA4JrmTh5CVvNe2MMTL2q6yXAL7ANxHUXgHgSyQ9fMeq78TGwFP2BQ0sK540FzB73QfbRCE=
last-modified: Wed, 30 Jun 2021 15:28:16 GMT
server: cloudflare
etag: "0ab54153eeeca0ce03978cc463b257f7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kauVDI4M42BTNv1YsKwljU1CE5M1BSqIlSZNL9vgdrsgTfiUSAKq9c6oJ7wUrhb3%2B%2BmgrYdMQDcztT2lB78cdqJ81ASValk%2FdecxVfERI0MWGXM5U50gUxVJ6hMyI5NrgWXoTHWYkmtKhSMS0Y%2BjYzoo"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76679d51afe668f2-FRA

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2022-10-27/locales/ 433 B
851 B 50ms
13ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-10-27/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 07 Nov 2022 16:58:35 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 208
x-cache: HIT
x-77-cache: HIT
x-age: 972508
x-77-nzt: AZySIRnw3Bj/3NYOAA
x-accel-expires: @1692787807
last-modified: Thu, 27 Oct 2022 10:25:31 GMT
server: CDN77-Turbo
etag: W/"0c4b53012957584c54e80867ff489590"
x-77-nzt-ray: ffffffff984bbe5d3b396963a46b7023
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: https://www.southernohiohealthsystemsdatabreachsettlement.com
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Origin
x-amz-cf-id: s7oXQTrqqWSugeVY0qUhR3Feujzfy84wp6l-Le3UgmzOt1yNHtYfxw==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 15ms
13ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 07 Nov 2022 16:58:36 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA60-P3
age: 10
x-cache: HIT
x-77-cache: HIT
x-age: 8834896
x-77-nzt: AZySIRnLmXP/UM+GAA
x-accel-expires: @1684925420
last-modified: Sun, 17 Jul 2022 17:46:41 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: ffffffff494887513c39696305d31605
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-id: H-VQUjAl4IGSPquNdGq0oi0eFQ_1YvaL0IRWN9NLlNgmOUSaJVon0w==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.southernohiohealthsystemsdatabreachsettlement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 07 Nov 2022 16:58:36 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: FRA60-P3
age: 10
x-cache: HIT
x-77-cache: HIT
x-age: 8834896
x-77-nzt: AZySIRksOlb/UM+GAA
x-accel-expires: @1684925420
last-modified: Sun, 17 Jul 2022 17:46:41 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: ffffffff494887513c396963a9012005
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 81P8OlNBAwN1lsWY4Z4-QCsOY_Z3dc9IIF0e2uDohqzDIgy_Lx5SHg==

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.southernohiohealthsystemsdatabreachsettlement.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: g2tvz0w0dymtn0c1bbrijxrn
			www.southernohiohealthsystemsdatabreachsettlement.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: s9o2PupEo0bMwRQfFvXgmM2tC6Ix8uYrqTMrqMor2N8zIAc3_Daxk_EpnsY1_j4Mrm_gg0fVduOxaoew6ZFtLnj10XC0Q1TdXkTgBTv3D4k1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
code.jquery.com
url73.cptgroup.com
use.fontawesome.com
www.southernohiohealthsystemsdatabreachsettlement.com
167.89.115.56
2001:4de0:ac18::1:a:3a
2606:4700:e2::ac40:840f
2a02:6ea0:c700::18
52.250.107.62
52.36.158.64
0991fef79e46138a282d0b02762f1b1a05bbeae3130fae2d5fcfaa61fbca0fec
0e4a7d0d0911cdac5634b2bf41bee20987c635e84e4b18197f249c50512ef81b
206bc65ce84da52e1345e4b52bf2b60be3fb4248ffb9ec2ad6b970a023bb5c7a
36025df306ba37dfe5c06f9523984b7d66185f2083887fb3e618bfe49bdc489a
3e66fdd1510144464c746c5ff2650825fa7a2acbffef5a08f552b6fa55c90f15
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
5a930c08497411867d6492692e0b73eacf0795b92ff56a3d180678439fdf9fda
5bb4957fac9e2297dcf133e9554d2f0c42caa9faa76c02fe0f251a307c5d6d24
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89
91f1fd896b420cf3a9fc073051da6ee0d04602dcf89cc04da167ed8494988b18
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.southernohiohealthsystemsdatabreachsettlement.com Open in urlscan Pro 52.250.107.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

195 kBTransfer

562 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.southernohiohealthsystemsdatabreachsettlement.com Open in urlscan Pro
52.250.107.62 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

195 kB
Transfer

562 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions