www.hipaajournal.com Open in urlscan Pro
64.91.246.83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Submission: On May 20 via api (May 20th 2019, 6:05:43 am UTC) from CH

Summary HTTP 145 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 25 domains to perform 145 HTTP transactions. The main IP is 64.91.246.83, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is www.hipaajournal.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 13th 2019. Valid for: 3 months.

This is the only time www.hipaajournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	64.91.246.83 64.91.246.83	32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web)
2	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6810:9f6a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
44	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 3	35.241.35.127 35.241.35.127	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
7 8	54.228.197.102 54.228.197.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	54.93.132.148 54.93.132.148	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	213.19.162.90 213.19.162.90	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
7 8	46.51.181.97 46.51.181.97	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	52.29.21.152 52.29.21.152	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.153.11.18 18.153.11.18	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	37.252.173.62 37.252.173.62	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 2	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
145	28

52 64.91.246.83 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)

www.hipaajournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:9f6a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ece88010.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.35.127 (Ascension Island) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 127.35.241.35.bc.googleusercontent.com

ece88010.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.228.197.102 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-197-102.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.132.148 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-132-148.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.51.181.97 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-181-97.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.2 (United States)

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.21.152 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-21-152.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:833::4000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.11.18 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-18.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.62 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (Amsterdam, Netherlands) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.34 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	hipaajournal.com 1 redirects www.hipaajournal.com	601 KB
44	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	1 MB
18	adroll.com 14 redirects s.adroll.com d.adroll.com	22 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	116 KB
7	gstatic.com fonts.gstatic.com	79 KB
4	facebook.net connect.facebook.net	128 KB
3	infusionsoft.app 1 redirects ece88010.infusionsoft.app	423 B
3	facebook.com www.facebook.com	444 B
3	wp.com s0.wp.com stats.wp.com pixel.wp.com	6 KB
3	infusionsoft.com ece88010.infusionsoft.com	6 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	866 B
2	openx.net 1 redirects us-u.openx.net	599 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	3lift.com 1 redirects eb2.3lift.com	696 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 1 redirects pixel.advertising.com	646 B
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	rlcdn.com idsync.rlcdn.com	62 B
1	adnxs.com ib.adnxs.com	851 B
1	yahoo.com ads.yahoo.com	341 B
1	taboola.com trc.taboola.com	215 B
1	pubmatic.com simage2.pubmatic.com	817 B
1	outbrain.com sync.outbrain.com	351 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
145	25

	Domain	Requested by
52	www.hipaajournal.com	1 redirects www.hipaajournal.com platform.twitter.com
41	pbs.twimg.com	www.hipaajournal.com platform.twitter.com
16	d.adroll.com	14 redirects s.adroll.com
7	platform.twitter.com	www.hipaajournal.com platform.twitter.com
7	fonts.gstatic.com	www.hipaajournal.com
4	connect.facebook.net	www.hipaajournal.com connect.facebook.net
3	ece88010.infusionsoft.app	1 redirects ece88010.infusionsoft.com
3	www.facebook.com	www.hipaajournal.com connect.facebook.net
3	ece88010.infusionsoft.com	www.hipaajournal.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.advertising.com	1 redirects
2	s.adroll.com	www.hipaajournal.com
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	1 redirects www.hipaajournal.com
2	www.google-analytics.com	www.hipaajournal.com
2	fonts.googleapis.com	www.hipaajournal.com
1	idsync.rlcdn.com
1	ib.adnxs.com
1	ads.yahoo.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	pixel.wp.com	www.hipaajournal.com
1	stats.wp.com	www.hipaajournal.com
1	s0.wp.com	www.hipaajournal.com
145	31

This site contains links to these domains. Also see Links.

Domain
compliancy-group.com
www.facebook.com
twitter.com
www.linkedin.com
plus.google.com
www.compliancejunction.com

Subject Issuer	Validity	Valid
www.hipaajournal.com Let's Encrypt Authority X3	`2019-05-13` - `2019-08-11`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.infusionsoft.com Go Daddy Secure Certificate Authority - G2	`2017-08-09` - `2020-08-09`	3 years	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-07-21`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
*.infusionsoft.app GeoTrust TLS RSA CA G1	`2018-05-01` - `2020-04-30`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-05-08` - `2020-03-09`	10 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-01` - `2019-09-07`	5 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2018-07-31` - `2019-08-31`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-01-03` - `2019-07-02`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Frame ID: 9553C7FCFEB2011E2BB3BE60A98A1544
Requests: 98 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.fb066ff7f5f4afee7716887031da2ea8.html?origin=https%3A%2F%2Fwww.hipaajournal.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 88F175168F45D5A735D4B26D356647AA
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1129054808214855680/oPDfDea_?format=jpg&name=600x314
Frame ID: 0C8C558BBB0828C0FD260BF0A7BBB586
Requests: 47 HTTP requests in this frame

Frame: https://ece88010.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: D87B5F4CC2C57E709081D47590100C52
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 913E55145C1901D30FFA58CA5581AA1B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 2B4DDD5DAC73378E9FCD02917DD27130
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center HTTP 301
https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-includes\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^adroll_/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

145
Requests

100 %
HTTPS

32 %
IPv6

25
Domains

31
Subdomains

28
IPs

6
Countries

2088 kB
Transfer

3415 kB
Size

5
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://compliancy-group.com/business-associate-compliance/?utm_source=HIPAA-journal&utm_medium=banner&utm_campaign=Business-associate

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.hipaajournal.com%2Fphishing-attack-reported-by-verity-healths-st-vincent-medical-center%2F&t=Phishing%20Attack%20Reported%20by%20Verity%20Health%E2%80%99s%20St.%20Vincent%20Medical%20Center
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Phishing%20Attack%20Reported%20by%20Verity%20Health%E2%80%99s%20St.%20Vincent%20Medical%20Center&url=https%3A%2F%2Fwww.hipaajournal.com%2Fphishing-attack-reported-by-verity-healths-st-vincent-medical-center%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.hipaajournal.com%2Fphishing-attack-reported-by-verity-healths-st-vincent-medical-center%2F&title=Phishing%20Attack%20Reported%20by%20Verity%20Health%E2%80%99s%20St.%20Vincent%20Medical%20Center
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Title: Google

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?s=100&p[url]=https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/&p[images][0]=https://www.hipaajournal.com/wp-content/uploads/2019/03/26968842_s-150x150.jpg&p[title]=Phishing%20Attack%20Reported%20by%20Verity%20Health%E2%80%99s%20St.%20Vincent%20Medical%20Center
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/&text=Phishing%20Attack%20Reported%20by%20Verity%20Health%E2%80%99s%20St.%20Vincent%20Medical%20Center
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/&text=Phishing%20Attack%20Reported%20by%20Verity%20Health%E2%80%99s%20St.%20Vincent%20Medical%20Center
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.compliancejunction.com/gdpr-eu-representative-service/
Title: Find Out MoreClick Here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center HTTP 301
https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://d.adroll.com/pixel/LTHV47DMHVARJMNMZJ3YUN/ACDEF2AO4BEFTLBNC4PX4V?adroll_fpc=cc48e152b1a0f11e3855013d81a169d2-1558332328519&pv=90889502952.11028&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.hipaajournal.com%2Fphishing-attack-reported-by-verity-healths-st-vincent-medical-center%2F HTTP 302
https://s.adroll.com/pixel/LTHV47DMHVARJMNMZJ3YUN/ACDEF2AO4BEFTLBNC4PX4V/PNCJMFMN35EA3FLQST54I7.js

Request Chain 131

https://ece88010.infusionsoft.app/app/webTracking/contact/1558332327816?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.hipaajournal.com&location=https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/&referrer= HTTP 302
https://ece88010.infusionsoft.app/slices/spacer.gif

Request Chain 133

https://d.adroll.com/cm/aol/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 134

https://d.adroll.com/cm/index/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expiration=1589868328 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expiration=1589868328&C=1

Request Chain 135

https://d.adroll.com/cm/n/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expires=365

Request Chain 136

https://d.adroll.com/cm/outbrain/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

Request Chain 137

https://d.adroll.com/cm/pubmatic/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 138

https://d.adroll.com/cm/taboola/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

Request Chain 139

https://d.adroll.com/cm/triplelift/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 140

https://d.adroll.com/cm/r/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 141

https://d.adroll.com/cm/b/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

Request Chain 142

https://d.adroll.com/cm/x/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

Request Chain 143

https://d.adroll.com/cm/l/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=d845a17934b8c6daa5cc1844c1aa7b8a

Request Chain 144

https://d.adroll.com/cm/o/out?advertisable=LTHV47DMHVARJMNMZJ3YUN HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=d845a17934b8c6daa5cc1844c1aa7b8a HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d845a17934b8c6daa5cc1844c1aa7b8a

Request Chain 145

https://d.adroll.com/cm/g/out?advertisable=LTHV47DMHVARJMNMZJ3YUN&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=2EWheTS4xtqlzBhEwap7ig&google_ula=1535926 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=2EWheTS4xtqlzBhEwap7ig&google_ula=1535926&google_tc= HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

Request Chain 147

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

145 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Redirect Chain

https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center
https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

73 KB
17 KB

245ms
244ms

Document
text/html

64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: b4b08107aecca4a4360e146bb81f166921ba7d9b1ba6d7e18db8ced68152f62d

Request headers

:method: GET
:authority: www.hipaajournal.com
:scheme: https
:path: /phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 20 May 2019 06:05:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.hipaajournal.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/p9ggxi-3ot>; rel=shortlink
x-lw-cache: STALE
content-encoding: gzip

Redirect headers

status: 301
server: nginx
date: Mon, 20 May 2019 06:05:26 GMT
content-type: text/html; charset=UTF-8
location: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
expires: Mon, 20 May 2019 07:05:26 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
x-lw-cache: MISS

GET
H2 200 style.min.css
www.hipaajournal.com/wp-includes/css/dist/block-library/ 25 KB
4 KB 127ms
121ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 10:32:17 GMT
server: nginx
etag: W/"5c766731-629a"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 styles.css
www.hipaajournal.com/wp-content/plugins/better-click-to-tweet/assets/css/ 2 KB
809 B 127ms
122ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/better-click-to-tweet/assets/css/styles.css?ver=3.0
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: ac588a22069fd96f7979ef0eb66728f0c45d9594c49bea515afe79d229591cdd

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2019 04:35:42 GMT
server: nginx
etag: W/"5c85e59e-809"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 styles.css
www.hipaajournal.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
852 B 127ms
122ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Mon, 20 May 2019 04:46:21 GMT
server: nginx
etag: W/"5ce2311d-695"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 frontend.css
www.hipaajournal.com/wp-content/plugins/post-hit-counter/assets/css/ 66 B
255 B 127ms
123ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/post-hit-counter/assets/css/frontend.css?ver=1.3.2
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 542d7ac98520cc51ffd764d6e590d929e8e38b783a37882729503ef180256554

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Sat, 14 Jul 2018 20:15:28 GMT
server: nginx
etag: "5b4a59e0-42"
content-type: text/css
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 66
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 style.css
www.hipaajournal.com/wp-content/plugins/monarch/css/ 113 KB
13 KB 246ms
242ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/monarch/css/style.css?ver=1.4.12
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:14:53 GMT
server: nginx
etag: W/"5c8a6fed-1c56d"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
904 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a459dcece09f81ed33c3ae6c831b3791e0e421b31c532f75e1fa37609c783c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Origin: https://www.hipaajournal.com

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 20 May 2019 06:05:27 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 20 May 2019 06:05:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 20 May 2019 06:05:27 GMT

GET
H2 200 public.css
www.hipaajournal.com/wp-content/plugins/popups/public/assets/css/ 5 KB
2 KB 246ms
242ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/popups/public/assets/css/public.css?ver=1.9.3.6
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 37c558263ba695539d83e2b57c33595763d1b7b36e27e4d2b0a654ef00027690

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Sat, 04 May 2019 05:39:14 GMT
server: nginx
etag: W/"5ccd2582-152d"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 49ms
25ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

fc2af5b14342362c75a9c19f2ae570ae3a54c0f0f43eddaf3b575252501bbf9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Origin: https://www.hipaajournal.com

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 20 May 2019 06:05:27 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 20 May 2019 06:05:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 20 May 2019 06:05:27 GMT

GET
H2 200 style.css
www.hipaajournal.com/wp-content/themes/Nexus-child/ 3 KB
1 KB 247ms
242ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus-child/style.css?ver=5.1.1
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: e119a4547abc45b8e07bd2f7bbd4d58e43a06ac1fc30a11c99948558a2e8fb75

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Sat, 14 Jul 2018 20:28:16 GMT
server: nginx
etag: W/"5b4a5ce0-b8e"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 widget.css
www.hipaajournal.com/wp-content/plugins/post-hit-counter/assets/css/ 46 B
235 B 247ms
243ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/post-hit-counter/assets/css/widget.css?ver=1.3.2
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 2357a44ceeeb7d4cade95868044bc246f6361ed45c61a76c5e6368cf8bf00bb2

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Sat, 14 Jul 2018 20:15:28 GMT
server: nginx
etag: "5b4a59e0-2e"
content-type: text/css
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 46
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 shortcodes-legacy.css
www.hipaajournal.com/wp-content/themes/Nexus/epanel/shortcodes/css/ 35 KB
6 KB 247ms
243ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/epanel/shortcodes/css/shortcodes-legacy.css?ver=1.7.13
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 09d6b809aaa789cddd5f691e42003021eb681cc2e67a864b3d3deb7e55478bd9

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-8c8d"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 shortcodes_responsive.css
www.hipaajournal.com/wp-content/themes/Nexus/epanel/shortcodes/css/ 4 KB
1015 B 247ms
243ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/epanel/shortcodes/css/shortcodes_responsive.css?ver=1.7.13
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: cbe5066888bfd1ccdb3e39d2597f3462e531353c5648fe20d5e6ad3b9801c766

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-f6e"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 jetpack.css
www.hipaajournal.com/wp-content/plugins/jetpack/css/ 69 KB
12 KB 248ms
245ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/jetpack/css/jetpack.css?ver=7.3.1
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 72c186e3649c620aa209d95bbebb9f34568298786662eeb639a25233f921c9cb

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Wed, 15 May 2019 04:31:46 GMT
server: nginx
etag: W/"5cdb9632-114bd"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 magnific_popup.css
www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/magnific_popup/ 8 KB
2 KB 249ms
245ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/magnific_popup/magnific_popup.css?ver=1.3.4
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 6910d34663cc4b0f3d0309c38805e795f8745f73106c96ae1c4d31db83899cdb

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-1f28"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 page_templates.css
www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/ 9 KB
2 KB 249ms
245ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/page_templates.css?ver=1.8
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e0923903d8152c3f779a2512c1df0d311fb9adf9564f7ef87b79b81c0250732

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-225e"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 jquery.js Show response
www.hipaajournal.com/wp-includes/js/jquery/ 95 KB
33 KB 365ms
362ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 10:32:17 GMT
server: nginx
etag: W/"5c766731-17b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.hipaajournal.com/wp-includes/js/jquery/ 10 KB
4 KB 368ms
364ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 10:11:28 GMT
server: nginx
etag: W/"573ee2d0-2748"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 advanced.js Show response
www.hipaajournal.com/wp-content/plugins/advanced-ads/public/assets/js/ 8 KB
3 KB 368ms
365ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.js?ver=1.13.6
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f1e3f9c291dba00660eee791dd6fffeac84e7bd4e66aa248792b12632706a77

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Sat, 18 May 2019 04:47:04 GMT
server: nginx
etag: W/"5cdf8e48-1e61"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 script.js Show response
www.hipaajournal.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 3 KB
1 KB 368ms
365ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.8.4
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 10:10:25 GMT
server: nginx
etag: W/"5c766211-b92"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 et--customizer-global-155743825383.min.css
www.hipaajournal.com/wp-content/cache/et/global/ 19 KB
4 KB 249ms
246ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/cache/et/global/et--customizer-global-155743825383.min.css
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: cfe34af05e3edba257d3d7e5ac187d4c515911e3abd7c09d4b2550140ddb9a68

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2019 21:44:13 GMT
server: nginx
etag: W/"5cd49f2d-4a5e"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 featherlight.min.css
www.hipaajournal.com/wp-content/themes/Nexus-child/js/ 2 KB
964 B 249ms
246ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus-child/js/featherlight.min.css
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Tue, 29 Jan 2019 16:21:51 GMT
server: nginx
etag: W/"5c507d9f-74c"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 jquery.exitintent.min.js Show response
www.hipaajournal.com/wp-content/themes/Nexus-child/js/ 646 B
534 B 368ms
365ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus-child/js/jquery.exitintent.min.js
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 156a6dfd9a25b183d6af4d65dac0c62fc0b35881354908eabb5b162c2ba8514f

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Tue, 29 Jan 2019 16:21:53 GMT
server: nginx
etag: W/"5c507da1-286"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 featherlight.min.js Show response
www.hipaajournal.com/wp-content/themes/Nexus-child/js/ 9 KB
4 KB 368ms
366ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus-child/js/featherlight.min.js
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: fd21104dc97db6fc980c0f12ba157f3cc9fddac84dde4367f02f6f9db05c13d6

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Tue, 29 Jan 2019 16:21:52 GMT
server: nginx
etag: W/"5c507da0-2404"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 Business-Associates-banner-728x90.jpg
www.hipaajournal.com/wp-content/uploads/2018/12/ 75 KB
75 KB 369ms
366ms Image
image/jpeg 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/uploads/2018/12/Business-Associates-banner-728x90.jpg
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f631a420046a8b71ac053be19ba69f97670176a840b2881ce61251b5062143d

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Fri, 07 Dec 2018 11:41:09 GMT
server: nginx
etag: "5c0a5c55-12cb4"
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 76980
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
www.hipaajournal.com/wp-content/uploads/2018/07/ 20 KB
20 KB 369ms
366ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/uploads/2018/07/logo.png
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: e8fa875a4f8a94f893e168e54c93d7b299da58d43e62d1def500a2844ee9009c

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Sat, 14 Jul 2018 20:29:14 GMT
server: nginx
etag: "5b4a5d1a-50fa"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 20730
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 26968842_s.jpg
www.hipaajournal.com/wp-content/uploads/2019/03/ 26 KB
26 KB 133ms
131ms Image
image/jpeg 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/uploads/2019/03/26968842_s.jpg
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f15f2d97f062f1de7517c9778c01310aaa18b9080b420272e8875bc01bb0e35

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Thu, 14 Mar 2019 13:29:44 GMT
server: nginx
etag: "5c8a5748-68e0"
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 26848
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 getTrackingCode Show response
ece88010.infusionsoft.com/app/webTracking/ 7 KB
4 KB 242ms
172ms Script
text/javascript 2606:4700::6810:9f6a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ece88010.infusionsoft.com/app/webTracking/getTrackingCode?b=1.70.0.62190

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f6a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dfa5e7ea7c85b7aca59c99a5c7f0b1337fc63fc078823f41ed27daf008341e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
pragma: no-cache
accept-charset: big5, big5-hkscs, cesu-8, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm290, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-hkscs-2001, x-big5-solaris, x-compound_text, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1166, x-ibm1364, x-ibm1381, x-ibm1383, x-ibm300, x-ibm33722, x-ibm737, x-ibm833, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-ms950-hkscs-xp, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
vary: Accept-Encoding
cache-control: no-cache, no-store
cf-ray: 4d9c1e77ba1897fc-FRA
expires: Mon, 20 May 2019 06:05:27 GMT

GET
H2 200 getTrackingCode Show response
ece88010.infusionsoft.com/app/webTracking/ 7 KB
2 KB 242ms
174ms Script
text/javascript 2606:4700::6810:9f6a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ece88010.infusionsoft.com/app/webTracking/getTrackingCode

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f6a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dfa5e7ea7c85b7aca59c99a5c7f0b1337fc63fc078823f41ed27daf008341e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
pragma: no-cache
accept-charset: big5, big5-hkscs, cesu-8, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm290, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-hkscs-2001, x-big5-solaris, x-compound_text, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1166, x-ibm1364, x-ibm1381, x-ibm1383, x-ibm300, x-ibm33722, x-ibm737, x-ibm833, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-ms950-hkscs-xp, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
vary: Accept-Encoding
cache-control: no-cache, no-store
cf-ray: 4d9c1e77ba1997fc-FRA
expires: Mon, 20 May 2019 06:05:27 GMT

GET
H2 200 timezoneInputJs Show response
ece88010.infusionsoft.com/app/timezone/ 600 B
484 B 218ms
173ms Script
text/javascript 2606:4700::6810:9f6a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ece88010.infusionsoft.com/app/timezone/timezoneInputJs?xid=c60e3d2e92534676f199ae06145bafb6

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f6a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2803d446329723a43797979d31f264939b8e18d1b93727b7b490107da73e5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000;includeSubDomains
alt-svc: clear
x-xss-protection: 1; mode=block
pragma: no-cache
accept-charset: big5, big5-hkscs, cesu-8, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm290, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-hkscs-2001, x-big5-solaris, x-compound_text, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1166, x-ibm1364, x-ibm1381, x-ibm1383, x-ibm300, x-ibm33722, x-ibm737, x-ibm833, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-ms950-hkscs-xp, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
via: 1.1 google
vary: Accept-Encoding
cache-control: no-cache, no-store
cf-ray: 4d9c1e77ba1a97fc-FRA
expires: Mon, 20 May 2019 06:05:27 GMT

GET
H2 200 jquery.sticky.js Show response
www.hipaajournal.com/wp-content/themes/Nexus-child/ 10 KB
3 KB 125ms
121ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus-child/jquery.sticky.js
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Sat, 14 Jul 2018 20:28:12 GMT
server: nginx
etag: W/"5b4a5cdc-2765"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.hipaajournal.com/wp-includes/js/ 12 KB
4 KB 134ms
132ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 10:32:17 GMT
server: nginx
etag: W/"5c766731-2f02"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 scripts.js Show response
www.hipaajournal.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 126ms
122ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Mon, 20 May 2019 04:46:21 GMT
server: nginx
etag: W/"5ce2311d-3868"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 67ms
19ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201921
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT ams 32
date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
server: nginx
etag: W/"5841a56f-52b6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 2.ams _dfw
expires: Mon, 18 May 2020 02:00:18 GMT

GET
H2 200 wpcf7-redirect-script.js Show response
www.hipaajournal.com/wp-content/plugins/wpcf7-redirect/js/ 2 KB
979 B 126ms
122ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/wpcf7-redirect/js/wpcf7-redirect-script.js
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a215beed25ae1a7e058c584bb780e6f3f7ffad9923733f46eabe2c77905b2ed

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Fri, 15 Feb 2019 04:47:11 GMT
server: nginx
etag: W/"5c66444f-760"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 idle-timer.min.js Show response
www.hipaajournal.com/wp-content/plugins/monarch/js/ 2 KB
1 KB 126ms
123ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:14:53 GMT
server: nginx
etag: W/"5c8a6fed-9d6"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 custom.js Show response
www.hipaajournal.com/wp-content/plugins/monarch/js/ 26 KB
6 KB 127ms
124ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:14:53 GMT
server: nginx
etag: W/"5c8a6fed-6703"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 public.js Show response
www.hipaajournal.com/wp-content/plugins/popups/public/assets/js/ 29 KB
9 KB 128ms
125ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/popups/public/assets/js/public.js?ver=1.9.3.6
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 5881b4f2ae1a4f45ae43f7b68d1fde8de01885d0c05ba9e35d135bf21c6d3e8a

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Sat, 04 May 2019 05:39:14 GMT
server: nginx
etag: W/"5ccd2582-7526"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 superfish.min.js Show response
www.hipaajournal.com/wp-content/themes/Nexus/js/ 4 KB
2 KB 128ms
125ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/js/superfish.min.js?ver=1.0
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 7024edcdaf0df65faa293f396ddc883b9b2d389f8220903f535ffa10de110f06

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-113e"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 custom.js Show response
www.hipaajournal.com/wp-content/themes/Nexus/js/ 23 KB
5 KB 129ms
126ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/js/custom.js?ver=1.0
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e57efd5c193edff190bda2bbb8426ce1488c24e96df5a22e0a55de6608febfe

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-5c5a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 common.js Show response
www.hipaajournal.com/wp-content/plugins/monarch/core/admin/js/ 1 KB
788 B 129ms
126ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:14:53 GMT
server: nginx
etag: W/"5c8a6fed-550"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 jquery.easing-1.3.pack.js Show response
www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/ 7 KB
2 KB 130ms
127ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/jquery.easing-1.3.pack.js?ver=1.3.4
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e76b47947d1b97c780b6b06e7ff05feebfd7983561576e4733f9029f67a95ad

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-1a1c"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 jquery.magnific-popup.js Show response
www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/magnific_popup/ 22 KB
8 KB 131ms
128ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/magnific_popup/jquery.magnific-popup.js?ver=1.3.4
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 5acca27f3097c6da956676a92031f1e21bef065618481ea762de8367ab0c43a1

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-576c"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 et-ptemplates-frontend.js Show response
www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/ 7 KB
2 KB 131ms
129ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/includes/page_templates/js/et-ptemplates-frontend.js?ver=1.1
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: a75f9e638f8a1de35a8ff9f5d30332f7b771db727504b872831b71f3b5e857f8

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-1c36"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 wp-embed.min.js Show response
www.hipaajournal.com/wp-includes/js/ 1 KB
964 B 132ms
129ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-includes/js/wp-embed.min.js?ver=5.1.1
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 09:01:11 GMT
server: nginx
etag: W/"5c121fd7-57b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 forms-api.min.js Show response
www.hipaajournal.com/wp-content/plugins/mailchimp-for-wp/assets/js/ 22 KB
8 KB 133ms
131ms Script
application/javascript 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.5.2
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f34b99750032ddca98f373145cc187098c593fd870681a3418d697362ddb40

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 09 May 2019 04:41:46 GMT
server: nginx
etag: W/"5cd3af8a-58f4"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 e-201921.js Show response
stats.wp.com/ 9 KB
3 KB 52ms
15ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201921.js
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 10 May 2020 15:52:05 GMT

GET
H2 200 style.css
www.hipaajournal.com/wp-content/themes/Nexus/ 67 KB
12 KB 242ms
241ms Stylesheet
text/css 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/style.css
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 270604abfdfd15770df1790c95277046de5adacaed4801ae8ce46367ea97e0b9

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: W/"5c8a73b2-10c2e"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 19 May 2020 06:05:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
16 KB 40ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15397
x-xss-protection: 0
pragma: public
x-fb-debug: KXWVCCBG69cwSyZglXyIMXJyo1AWmcG1jdYq9RDeCaLl6sVTlYEvplhBN0hXGsbjyp/8LnaOKBZg50oPxJX2XA==
date: Mon, 20 May 2019 06:05:27 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 title-shadow.png
www.hipaajournal.com/wp-content/themes/Nexus/images/ 277 B
452 B 132ms
131ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/images/title-shadow.png
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 51f6757186bc2ffd28f2c2aab16b1b86ee001cc5bff18fa322129f3419c41b91

Request headers

Referer: https://www.hipaajournal.com/wp-content/themes/Nexus/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: "5c8a73b2-115"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 277
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 breadcrumbs_separator.png
www.hipaajournal.com/wp-content/themes/Nexus/images/ 1 KB
1 KB 132ms
132ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/images/breadcrumbs_separator.png
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 6935b2c1940b4f74e22834aa671716c4f1a8f15c581e11fe02e21f4e4bf54cc1

Request headers

Referer: https://www.hipaajournal.com/wp-content/themes/Nexus/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: "5c8a73b2-4ba"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1210
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 google-share.png
www.hipaajournal.com/wp-content/themes/Nexus/images/ 2 KB
2 KB 131ms
130ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/images/google-share.png
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ef3ef92cf19e9dd4d888a9b0cb7d022523eb63948e8f9b48ce04bdb7b9e3b69

Request headers

Referer: https://www.hipaajournal.com/wp-content/themes/Nexus/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: "5c8a73b2-62c"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1580
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook-share.png
www.hipaajournal.com/wp-content/themes/Nexus/images/ 1 KB
1 KB 131ms
130ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/images/facebook-share.png
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: d634c628955d81fe9375e3fb8b4959179e9adbe2765baa4e0aa4969b7aee6853

Request headers

Referer: https://www.hipaajournal.com/wp-content/themes/Nexus/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: "5c8a73b2-4fb"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1275
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter-share.png
www.hipaajournal.com/wp-content/themes/Nexus/images/ 1 KB
2 KB 241ms
241ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus/images/twitter-share.png
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c9324a7ef7c7fa437089705282d0c5bb60e9e50b569fb8f1123cb691af7941e

Request headers

Referer: https://www.hipaajournal.com/wp-content/themes/Nexus/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Thu, 14 Mar 2019 15:30:58 GMT
server: nginx
etag: "5c8a73b2-5c6"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1478
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 linkedin.png
www.hipaajournal.com/wp-content/themes/Nexus-child/images/ 1 KB
2 KB 242ms
241ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/themes/Nexus-child/images/linkedin.png
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 630c370a5f7d2bf0aca78f60c8d9430f4537dec75b93182453e366bdd2a0044d

Request headers

Referer: https://www.hipaajournal.com/wp-content/cache/et/global/et--customizer-global-155743825383.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Sat, 14 Jul 2018 20:28:08 GMT
server: nginx
etag: "5b4a5cd8-577"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1399
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.hipaajournal.com

Response headers

date: Thu, 09 May 2019 13:53:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:28 GMT
server: sffe
age: 922303
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Fri, 08 May 2020 13:53:44 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v13/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v13/1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 25 Mar 2019 20:27:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:25 GMT
server: sffe
age: 4786663
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13564
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:27:44 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v13/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v13/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 25 Mar 2019 20:22:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:10 GMT
server: sffe
age: 4786982
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13428
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:22:25 GMT

GET
H2 200 1Ptsg8zYS_SKggPNwE44TYFqL_KWxQ.woff2
fonts.gstatic.com/s/raleway/v13/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v13/1Ptsg8zYS_SKggPNwE44TYFqL_KWxQ.woff2

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a37d3624086675554078137e1df705b7dd0cae87bf39b588759a94157fdefd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 25 Mar 2019 20:32:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:06 GMT
server: sffe
age: 4786367
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13004
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:32:40 GMT

GET
H2 200 monarch.ttf
www.hipaajournal.com/wp-content/plugins/monarch/css/fonts/ 15 KB
15 KB 238ms
238ms Font
application/octet-stream 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.hipaajournal.com/wp-content/plugins/monarch/css/style.css?ver=1.4.12
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Thu, 14 Mar 2019 15:14:53 GMT
server: nginx
etag: "5c8a6fed-3af8"
content-type: application/octet-stream
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 15096
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:28 GMT
server: sffe
age: 4787154
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:33 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:10:29 GMT
server: sffe
age: 4787154
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:33 GMT

GET
H2 200 319025828259454 Show response
connect.facebook.net/signals/config/ 207 KB
55 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/319025828259454?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7975fa7bd4d959cba0a0c34761d5fc5bd7175bd84df61a2a3efb32605bb188ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: rQqYhp0Zpc6BI8UoO9w7cEzGwphVEFgvRThtFMEdNz/FkyyUtrJxaKmcqfo4EGfLUwF/MP7jfDrD2401yh5MMA==
date: Mon, 20 May 2019 06:05:27 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
1 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: rebMS29t+FeCSBTMvb/8OnYEo5aG4ynXmAkxbIgWvlILDnEHeO9HRy+PDaTno+sMRa0h0uNMZGEQ2vTVO4/5sA==
date: Mon, 20 May 2019 06:05:27 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
322 B 41ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=319025828259454&ev=PageView&dl=https%3A%2F%2Fwww.hipaajournal.com%2Fphishing-attack-reported-by-verity-healths-st-vincent-medical-center%2F&rl=&if=false&ts=1558332327763&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1558332327762.1857032219&it=1558332327647&coo=false&rqm=GET

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 20 May 2019 06:05:27 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 48ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D0) /
Resource Hash: ccdc7c6d47474aab7cab23ad64d7d9422362e340661989b597e14f3aa7324d2c

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 20 May 2019 06:05:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 16:55:40 GMT
Server: ECS (fcn/40D0)
Etag: "874859c9478ed0f44c89e06b9f294d04+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28031

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 May 2019 01:33:03 GMT
server: Golfe2
age: 1111
date: Mon, 20 May 2019 05:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17779
expires: Mon, 20 May 2019 07:46:56 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v13/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v13/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 25 Mar 2019 20:23:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:34 GMT
server: sffe
age: 4786929
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13228
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:23:18 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1992202183&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hipaajournal.com%2Fphishing-attack-reported-by-verity-healths-st-vincent-medical-center%2F&ul=en-us&de=UTF-8&dt=Phishing%20Attack%20Reported%20by%20Verity%20Health%E2%80%99s%20St.%20Vincent%20Medical%20Center&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=513840353&gjid=222538699&cid=251632259.1558332328&tid=UA-57448128-1&_gid=476543342.1558332328&_r=1&z=942533087

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 May 2019 06:05:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.hipaajournal.com/ 5 KB
2 KB 316ms
316ms XHR
text/html 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/?spu_action=spu_load
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: abb78e1e0bc2d0b747e8c5131a16b36250411f96a6d0d2bf8f7298ac6e4f07e9

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Origin: https://www.hipaajournal.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.hipaajournal.com
access-control-allow-credentials: true

GET
H/1.1 200
OK widget_iframe.fb066ff7f5f4afee7716887031da2ea8.html
platform.twitter.com/widgets/ Frame 88F1 0
0 9ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.fb066ff7f5f4afee7716887031da2ea8.html?origin=https%3A%2F%2Fwww.hipaajournal.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40FC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 20 May 2019 06:05:27 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Wed, 15 May 2019 16:54:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40FC)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js Show response
platform.twitter.com/js/ 24 KB
8 KB 17ms
10ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash: ce7ecc07f7f0f8c44e1a52e071803108b5264846ab20245d7d5a677db55b8cd9

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 20 May 2019 06:05:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 16:54:40 GMT
Server: ECS (fcn/40B4)
Etag: "b16c301bcae6ec097669b64e96a7a45a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7937

GET
H/1.1 200
OK timeline.4c6ab682148a0366f9efb1647a3f4799.js Show response
platform.twitter.com/js/ 39 KB
12 KB 25ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.4c6ab682148a0366f9efb1647a3f4799.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash: 68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 20 May 2019 06:05:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 16:54:40 GMT
Server: ECS (fcn/40EB)
Etag: "0b75ea6c252ef45cd6d3a2e31473d9d5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 11574

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 20ms
14ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.3.1&blog=136863840&post=13049&tz=-4&srv=www.hipaajournal.com&host=www.hipaajournal.com&ref=&fcp=1406&rand=0.3427532235635551
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 20 May 2019 06:05:27 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 162 KB
11 KB 51ms
26ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_HIPAAJournal_old&dnt=false&domain=www.hipaajournal.com&lang=en&screen_name=HIPAAJournal&suppress_response_codes=true&t=1731480&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (lcy/1D60) /

Resource Hash

d0ccbc24431f9a7a2b9a06050496031a842f312d7dccdbeb7ca5e68f3b0c5780

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 10631
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 157
last-modified: Mon, 20 May 2019 06:02:58 GMT
server: ECS (lcy/1D60)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 98695e8b38fa376fca1921f9efc6f882
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 0087c7f90061f1a4
expires: Mon, 20 May 2019 06:10:28 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
120 B 147ms
147ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1558332327976%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 117
pragma: no-cache
last-modified: Mon, 20 May 2019 06:05:28 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fb0953069e809a338396dacf35fd9102
x-transaction: 00172a340092981f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 oPDfDea_
pbs.twimg.com/card_img/1129054808214855680/ Frame 0C8C 8 KB
8 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129054808214855680/oPDfDea_?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

0e43d949cc9d097b10ab0e2023fd0048bc61ab08fd4a49b175c3a9795a8d534b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 8044
x-response-time: 144
surrogate-key: card_img card_img/bucket/3 card_img/1129054808214855680
last-modified: Thu, 16 May 2019 16:01:37 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8ef2c62a55f011595cca42d55c5b42a
accept-ranges: bytes

GET
H2 200 udQOxrJ4
pbs.twimg.com/card_img/1129550530647351296/ Frame 0C8C 27 KB
27 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129550530647351296/udQOxrJ4?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

d13f976b1565b8880e8dd6aece6adabb4b8335efd510f01e785d22fc936dc475

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27165
x-response-time: 147
surrogate-key: card_img card_img/bucket/6 card_img/1129550530647351296
last-modified: Sat, 18 May 2019 00:51:27 GMT
server: ECS (fcn/419A)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: be31cfd314a807145d4035a3d9cfebbe
accept-ranges: bytes

GET
H2 200 XkRTVF6G
pbs.twimg.com/card_img/1129113403618930689/ Frame 0C8C 16 KB
16 KB 10ms
9ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129113403618930689/XkRTVF6G?format=png&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

5e999f56ce3dff6f2a8c270945b3731ef9952f3dcd8a6e7f96638b4147536df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 16126
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1129113403618930689
last-modified: Thu, 16 May 2019 19:54:27 GMT
server: ECS (fcn/40E7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3f36a2832e8469326c2dce5790c8968f
accept-ranges: bytes

GET
H2 200 nz3GE7Xf
pbs.twimg.com/card_img/1130041133659230208/ Frame 0C8C 27 KB
27 KB 11ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1130041133659230208/nz3GE7Xf?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

ad55d4d85cf1d3095c979df3ba2f11d2339795b207dadef0e653305b0cfd6d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:24 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27417
x-response-time: 154
surrogate-key: card_img card_img/bucket/4 card_img/1130041133659230208
last-modified: Sun, 19 May 2019 09:20:56 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8e0e5338a56fefe985dc1eeed15d5a97
accept-ranges: bytes

GET
H2 200 xgEsQw0u
pbs.twimg.com/card_img/1129327766267138048/ Frame 0C8C 32 KB
32 KB 12ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129327766267138048/xgEsQw0u?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

2523a5e845b5461728028e569a070773e480daf46d55859e8d4e22d40a31d5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32267
x-response-time: 150
surrogate-key: card_img card_img/bucket/5 card_img/1129327766267138048
last-modified: Fri, 17 May 2019 10:06:16 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: da0e867ae33680740f45d9a9ddd635bf
accept-ranges: bytes

GET
H2 200 Nc6XhQ_P
pbs.twimg.com/card_img/1129387539817783297/ Frame 0C8C 23 KB
23 KB 12ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129387539817783297/Nc6XhQ_P?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

3a63061edc5ec0e79fa4df153884b6a4bb8acaa0ba3697ed4e3389ef21865a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 23834
x-response-time: 145
surrogate-key: card_img card_img/bucket/2 card_img/1129387539817783297
last-modified: Fri, 17 May 2019 14:03:47 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3c4a8a9bc2898a8a519d01cb3b1bcd1f
accept-ranges: bytes

GET
H2 200 Z5dHif7B
pbs.twimg.com/card_img/1128652022033440768/ Frame 0C8C 23 KB
24 KB 17ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128652022033440768/Z5dHif7B?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

056ffb1f4ae28157b6a1e534673d7568d909cd8cfe7505abf9d867dafaef2237

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:35 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 24026
x-response-time: 166
surrogate-key: card_img card_img/bucket/2 card_img/1128652022033440768
last-modified: Wed, 15 May 2019 13:21:06 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 714177a83212da4de2322ee9c9f544fa
accept-ranges: bytes

GET
H2 200 it8YskY7
pbs.twimg.com/card_img/1129092177517322241/ Frame 0C8C 37 KB
37 KB 16ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129092177517322241/it8YskY7?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

e192d49afadf0333c4889a5e74f4138bb96374ecbe128cb9d7360d3f1874da34

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 38235
x-response-time: 151
surrogate-key: card_img card_img/bucket/4 card_img/1129092177517322241
last-modified: Thu, 16 May 2019 18:30:07 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cbec88e4864347c4cde0a16570d4c96b
accept-ranges: bytes

GET
H2 200 UjRByh8x
pbs.twimg.com/card_img/1126782385838858241/ Frame 0C8C 15 KB
15 KB 17ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1126782385838858241/UjRByh8x?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FC) /

Resource Hash

b24bd6f31bb109cd0bee656ee8dbe864929355b48d7dad12d4effaebd81fbf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 15238
x-response-time: 268
surrogate-key: card_img card_img/bucket/8 card_img/1126782385838858241
last-modified: Fri, 10 May 2019 09:31:50 GMT
server: ECS (fcn/40FC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 233efd32342e83d370512c137a36d2fe
accept-ranges: bytes

GET
H2 200 nY_NKTsQ
pbs.twimg.com/card_img/1128143757654806529/ Frame 0C8C 17 KB
17 KB 15ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128143757654806529/nY_NKTsQ?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

520426481473705a618661192d653ea7882924c43e8dfad53e21531fbea30972

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 16994
x-response-time: 164
surrogate-key: card_img card_img/bucket/6 card_img/1128143757654806529
last-modified: Tue, 14 May 2019 03:41:26 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d3c33d90cf46385872b63fc065d16aa1
accept-ranges: bytes

GET
H2 200 oTf0mKUk
pbs.twimg.com/card_img/1128847476365115393/ Frame 0C8C 61 KB
61 KB 16ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128847476365115393/oTf0mKUk?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

076c74c651a686ede87400456155fe618aff27e7756778a5c2b8df083ce48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:27 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 62189
x-response-time: 154
surrogate-key: card_img card_img/bucket/2 card_img/1128847476365115393
last-modified: Thu, 16 May 2019 02:17:45 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7e13c3c8a8345ea225655734430e094a
accept-ranges: bytes

GET
H2 200 OxmZzafX
pbs.twimg.com/card_img/1128989708741169152/ Frame 0C8C 42 KB
43 KB 11ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128989708741169152/OxmZzafX?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

3a0a8909905f7eac1a61a25a880ffe4543cb81d316dd14f1aa66815e549e2a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 43358
x-response-time: 167
surrogate-key: card_img card_img/bucket/5 card_img/1128989708741169152
last-modified: Thu, 16 May 2019 11:42:56 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a4c51cc4adb7e7b085aa4d74ca4d9859
accept-ranges: bytes

GET
H2 200 QSuIwEfI
pbs.twimg.com/card_img/1127141766233067521/ Frame 0C8C 41 KB
41 KB 17ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1127141766233067521/QSuIwEfI?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

7ecf2b45474fc1bd66ad15486463d2f546736e7836834d479a3bc437681d5dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:17 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 42111
x-response-time: 161
surrogate-key: card_img card_img/bucket/3 card_img/1127141766233067521
last-modified: Sat, 11 May 2019 09:19:53 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5c960e759376847c04ec1be822505372
accept-ranges: bytes

GET
H2 200 3DmTvKF6
pbs.twimg.com/card_img/1128563002842787841/ Frame 0C8C 21 KB
21 KB 17ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128563002842787841/3DmTvKF6?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

af2d3257fdfaa92e4cfce8cd586ebe9b498914a911604c2445815142f67a8cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 21842
x-response-time: 164
surrogate-key: card_img card_img/bucket/3 card_img/1128563002842787841
last-modified: Wed, 15 May 2019 07:27:22 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5aca5ebc27f434a5f804d881a73292e0
accept-ranges: bytes

GET
H2 200 yCOycjCh
pbs.twimg.com/card_img/1128576990301175808/ Frame 0C8C 24 KB
24 KB 16ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128576990301175808/yCOycjCh?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

465081b059f66faf1ed952743301cfdd0cf12c342f5649705c05c1f4e68b1091

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 24088
x-response-time: 164
surrogate-key: card_img card_img/bucket/7 card_img/1128576990301175808
last-modified: Wed, 15 May 2019 08:22:57 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5e936babd73bb76e0fc679a5489aac7
accept-ranges: bytes

GET
H2 200 if2snGgH
pbs.twimg.com/card_img/1127906122860462080/ Frame 0C8C 21 KB
21 KB 16ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1127906122860462080/if2snGgH?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

af2d3257fdfaa92e4cfce8cd586ebe9b498914a911604c2445815142f67a8cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 21842
x-response-time: 265
surrogate-key: card_img card_img/bucket/3 card_img/1127906122860462080
last-modified: Mon, 13 May 2019 11:57:09 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4b38cc45e65289ab74cb51f0797d1d56
accept-ranges: bytes

GET
H2 200 ByNDAqWf
pbs.twimg.com/card_img/1128231437121904646/ Frame 0C8C 20 KB
20 KB 16ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128231437121904646/ByNDAqWf?format=jpg&name=600x314

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DF) /

Resource Hash

e4b0960248a1159225de5be1ae828eea6a18fe79e40ce9385d3450d3eb879bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 20212
x-response-time: 139
surrogate-key: card_img card_img/bucket/3 card_img/1128231437121904646
last-modified: Tue, 14 May 2019 09:29:50 GMT
server: ECS (fcn/40DF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ec68f5a122cb32f399d149408ae269e2
accept-ranges: bytes

GET
H/1.1 200
OK timeline.a28c81a0749466df66438c06af00639d.dark.ltr.css
platform.twitter.com/css/ Frame 0C8C 55 KB
13 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.a28c81a0749466df66438c06af00639d.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4189) /
Resource Hash: 878001af03bacbecc479a0d0f54a7a76e2af82097fde9565378a3a1fed14e67a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 20 May 2019 06:05:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 16:54:36 GMT
Server: ECS (fcn/4189)
Etag: "31bab1615e488674683ae9637526e56d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12557

GET
H/1.1 200
OK timeline.a28c81a0749466df66438c06af00639d.dark.ltr.css
platform.twitter.com/css/ 55 KB
55 KB 14ms
13ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.a28c81a0749466df66438c06af00639d.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4189) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 20 May 2019 06:05:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 16:54:36 GMT
Server: ECS (fcn/4189)
Etag: "31bab1615e488674683ae9637526e56d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12557

GET
H2 200 oPDfDea_
pbs.twimg.com/card_img/1129054808214855680/ Frame 0C8C 8 KB
8 KB 15ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129054808214855680/oPDfDea_?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

0e43d949cc9d097b10ab0e2023fd0048bc61ab08fd4a49b175c3a9795a8d534b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 8044
x-response-time: 144
surrogate-key: card_img card_img/bucket/3 card_img/1129054808214855680
last-modified: Thu, 16 May 2019 16:01:37 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8ef2c62a55f011595cca42d55c5b42a
accept-ranges: bytes

GET
H2 200 udQOxrJ4
pbs.twimg.com/card_img/1129550530647351296/ Frame 0C8C 27 KB
27 KB 15ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129550530647351296/udQOxrJ4?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

d13f976b1565b8880e8dd6aece6adabb4b8335efd510f01e785d22fc936dc475

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27165
x-response-time: 147
surrogate-key: card_img card_img/bucket/6 card_img/1129550530647351296
last-modified: Sat, 18 May 2019 00:51:27 GMT
server: ECS (fcn/419A)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: be31cfd314a807145d4035a3d9cfebbe
accept-ranges: bytes

GET
H2 200 XkRTVF6G
pbs.twimg.com/card_img/1129113403618930689/ Frame 0C8C 16 KB
16 KB 15ms
13ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129113403618930689/XkRTVF6G?format=png&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

5e999f56ce3dff6f2a8c270945b3731ef9952f3dcd8a6e7f96638b4147536df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 16126
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1129113403618930689
last-modified: Thu, 16 May 2019 19:54:27 GMT
server: ECS (fcn/40E7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3f36a2832e8469326c2dce5790c8968f
accept-ranges: bytes

GET
H2 200 nz3GE7Xf
pbs.twimg.com/card_img/1130041133659230208/ Frame 0C8C 27 KB
27 KB 16ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1130041133659230208/nz3GE7Xf?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

ad55d4d85cf1d3095c979df3ba2f11d2339795b207dadef0e653305b0cfd6d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:24 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27417
x-response-time: 154
surrogate-key: card_img card_img/bucket/4 card_img/1130041133659230208
last-modified: Sun, 19 May 2019 09:20:56 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8e0e5338a56fefe985dc1eeed15d5a97
accept-ranges: bytes

GET
H2 200 xgEsQw0u
pbs.twimg.com/card_img/1129327766267138048/ Frame 0C8C 32 KB
32 KB 15ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129327766267138048/xgEsQw0u?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

2523a5e845b5461728028e569a070773e480daf46d55859e8d4e22d40a31d5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32267
x-response-time: 150
surrogate-key: card_img card_img/bucket/5 card_img/1129327766267138048
last-modified: Fri, 17 May 2019 10:06:16 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: da0e867ae33680740f45d9a9ddd635bf
accept-ranges: bytes

GET
H2 200 Nc6XhQ_P
pbs.twimg.com/card_img/1129387539817783297/ Frame 0C8C 23 KB
23 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129387539817783297/Nc6XhQ_P?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ef2fecba8465ec0ef7967553ca4bee54.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

3a63061edc5ec0e79fa4df153884b6a4bb8acaa0ba3697ed4e3389ef21865a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 23834
x-response-time: 145
surrogate-key: card_img card_img/bucket/2 card_img/1129387539817783297
last-modified: Fri, 17 May 2019 14:03:47 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3c4a8a9bc2898a8a519d01cb3b1bcd1f
accept-ranges: bytes

GET
H2 200 Zmdgyg1J_normal.png
pbs.twimg.com/profile_images/552708941537218560/ Frame 0C8C 5 KB
5 KB 42ms
42ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/552708941537218560/Zmdgyg1J_normal.png

Requested by

Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

3b5d48f137a314ff5d9236b5c5f5ee03c5b8511ce305ede49fa01290041317d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 5151
x-response-time: 134
surrogate-key: profile_images profile_images/bucket/0 profile_images/552708941537218560
last-modified: Wed, 07 Jan 2015 06:08:55 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cff9ba8911efc16d7d86fc357eae5c78
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 0C8C 44 KB
7 KB 34ms
6ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 22
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: edec633916272eb40f426e37d093e363
accept-ranges: bytes
expires: Mon, 27 May 2019 06:05:28 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 38ms
11ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 22
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: edec633916272eb40f426e37d093e363
accept-ranges: bytes
expires: Mon, 27 May 2019 06:05:28 GMT

GET
DATA 200
OK truncated
/ Frame 0C8C 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C8C 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C8C 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C8C 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 websiteTriggerIframe
ece88010.infusionsoft.app/app/webTracking/ Frame D87B 0
0 422ms
214ms Document
text/html 35.241.35.127
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ece88010.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: ece88010.infusionsoft.com
URL: https://ece88010.infusionsoft.com/app/webTracking/getTrackingCode

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.241.35.127 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

127.35.241.35.bc.googleusercontent.com

Software

Apache-Coyote /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ece88010.infusionsoft.app
:scheme: https
:path: /app/webTracking/websiteTriggerIframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Response headers

status: 200
pragma: no-cache
cache-control: no-cache, no-store
expires: Mon, 20 May 2019 06:05:28 GMT
set-cookie: JSESSIONID=BE41A5B9EFE72DD433E20A35694C8239; Path=/; Secure; HttpOnly GCLB=CM6-n7qohJOVgQE; path=/; HttpOnly
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: text/html;charset=UTF-8
content-language: en-US
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 20 May 2019 06:05:27 GMT
server: Apache-Coyote
via: 1.1 google
alt-svc: clear

GET
H2 200 oPDfDea_
pbs.twimg.com/card_img/1129054808214855680/ Frame 0C8C 8 KB
8 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129054808214855680/oPDfDea_?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

0e43d949cc9d097b10ab0e2023fd0048bc61ab08fd4a49b175c3a9795a8d534b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 8044
x-response-time: 144
surrogate-key: card_img card_img/bucket/3 card_img/1129054808214855680
last-modified: Thu, 16 May 2019 16:01:37 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8ef2c62a55f011595cca42d55c5b42a
accept-ranges: bytes

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 32 KB
11 KB 143ms
41ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6d73aa32774fb131ebbc1faf3f931aaf66e998f808757cbafbcc737f8d769580

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: klCMkkZ2KrP23WENoyTfE8xH3JcQw64E
Content-Encoding: gzip
x-amz-request-id: 633033B8B971D9BC
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 20 May 2019 06:05:28 GMT
Connection: keep-alive
Content-Length: 10245
x-amz-id-2: 1WDcDYLqgLLBuCc8jcK6giWVQv0AB7uI7jsdRvXLSscuiVwNzFOig5fr6wrWk+/R8QMfDK6C6xE=
Last-Modified: Thu, 16 May 2019 21:22:08 GMT
Server: AmazonS3
ETag: "a75c16aa500b21e32e06699919372ec4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 udQOxrJ4
pbs.twimg.com/card_img/1129550530647351296/ Frame 0C8C 27 KB
27 KB 9ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129550530647351296/udQOxrJ4?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

d13f976b1565b8880e8dd6aece6adabb4b8335efd510f01e785d22fc936dc475

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27165
x-response-time: 147
surrogate-key: card_img card_img/bucket/6 card_img/1129550530647351296
last-modified: Sat, 18 May 2019 00:51:27 GMT
server: ECS (fcn/419A)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: be31cfd314a807145d4035a3d9cfebbe
accept-ranges: bytes

GET
H2 200 gdpr-penalties.png
www.hipaajournal.com/wp-content/uploads/2018/06/ 267 KB
267 KB 122ms
122ms Image
image/png 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hipaajournal.com/wp-content/uploads/2018/06/gdpr-penalties.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: 539fdfbdc2342c0cbbc0a476d10768faafa71dafb9e47f7e652edb608629777f

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
last-modified: Sat, 14 Jul 2018 21:02:58 GMT
server: nginx
etag: "5b4a6502-42b77"
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 273271
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spufont.woff
www.hipaajournal.com/wp-content/plugins/popups/public/assets/fonts/ 4 KB
4 KB 236ms
235ms Font
application/font-woff 64.91.246.83
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hipaajournal.com/wp-content/plugins/popups/public/assets/fonts/spufont.woff?sze5my
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.91.246.83 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: nginx /
Resource Hash: f977bbfe60485a85dd1622f29685463298de1e22044826895f1b631c1ac3de16

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.hipaajournal.com/wp-content/plugins/popups/public/assets/css/public.css?ver=1.9.3.6
Origin: https://www.hipaajournal.com

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
last-modified: Sat, 04 May 2019 05:39:14 GMT
server: nginx
etag: "5ccd2582-1090"
content-type: application/font-woff
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4240
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 XkRTVF6G
pbs.twimg.com/card_img/1129113403618930689/ Frame 0C8C 16 KB
16 KB 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129113403618930689/XkRTVF6G?format=png&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

5e999f56ce3dff6f2a8c270945b3731ef9952f3dcd8a6e7f96638b4147536df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 16126
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1129113403618930689
last-modified: Thu, 16 May 2019 19:54:27 GMT
server: ECS (fcn/40E7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3f36a2832e8469326c2dce5790c8968f
accept-ranges: bytes

GET
H2 200 nz3GE7Xf
pbs.twimg.com/card_img/1130041133659230208/ Frame 0C8C 27 KB
27 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1130041133659230208/nz3GE7Xf?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

ad55d4d85cf1d3095c979df3ba2f11d2339795b207dadef0e653305b0cfd6d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:24 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27417
x-response-time: 154
surrogate-key: card_img card_img/bucket/4 card_img/1130041133659230208
last-modified: Sun, 19 May 2019 09:20:56 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8e0e5338a56fefe985dc1eeed15d5a97
accept-ranges: bytes

GET
H2 200 xgEsQw0u
pbs.twimg.com/card_img/1129327766267138048/ Frame 0C8C 32 KB
32 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129327766267138048/xgEsQw0u?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

2523a5e845b5461728028e569a070773e480daf46d55859e8d4e22d40a31d5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32267
x-response-time: 150
surrogate-key: card_img card_img/bucket/5 card_img/1129327766267138048
last-modified: Fri, 17 May 2019 10:06:16 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: da0e867ae33680740f45d9a9ddd635bf
accept-ranges: bytes

GET
H2 200 Nc6XhQ_P
pbs.twimg.com/card_img/1129387539817783297/ Frame 0C8C 23 KB
23 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129387539817783297/Nc6XhQ_P?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

3a63061edc5ec0e79fa4df153884b6a4bb8acaa0ba3697ed4e3389ef21865a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 23834
x-response-time: 145
surrogate-key: card_img card_img/bucket/2 card_img/1129387539817783297
last-modified: Fri, 17 May 2019 14:03:47 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3c4a8a9bc2898a8a519d01cb3b1bcd1f
accept-ranges: bytes

POST
H2 200 /
www.facebook.com/tr/ Frame 913E 0
0 6ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 5895
pragma: no-cache
cache-control: no-cache
origin: https://www.hipaajournal.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
accept-encoding: gzip, deflate, br
cookie: fr=0SNFGsmtWsJl3iBSe..Bc4kOn...1.0.Bc4kOn.
Origin: https://www.hipaajournal.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.hipaajournal.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Mon, 20 May 2019 06:05:28 GMT

GET
H2 200 Z5dHif7B
pbs.twimg.com/card_img/1128652022033440768/ Frame 0C8C 23 KB
24 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128652022033440768/Z5dHif7B?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

056ffb1f4ae28157b6a1e534673d7568d909cd8cfe7505abf9d867dafaef2237

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:35 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 24026
x-response-time: 166
surrogate-key: card_img card_img/bucket/2 card_img/1128652022033440768
last-modified: Wed, 15 May 2019 13:21:06 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 714177a83212da4de2322ee9c9f544fa
accept-ranges: bytes

GET
H2 200 it8YskY7
pbs.twimg.com/card_img/1129092177517322241/ Frame 0C8C 37 KB
37 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1129092177517322241/it8YskY7?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

e192d49afadf0333c4889a5e74f4138bb96374ecbe128cb9d7360d3f1874da34

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 38235
x-response-time: 151
surrogate-key: card_img card_img/bucket/4 card_img/1129092177517322241
last-modified: Thu, 16 May 2019 18:30:07 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cbec88e4864347c4cde0a16570d4c96b
accept-ranges: bytes

GET
H2 200 UjRByh8x
pbs.twimg.com/card_img/1126782385838858241/ Frame 0C8C 15 KB
15 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1126782385838858241/UjRByh8x?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FC) /

Resource Hash

b24bd6f31bb109cd0bee656ee8dbe864929355b48d7dad12d4effaebd81fbf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 15238
x-response-time: 268
surrogate-key: card_img card_img/bucket/8 card_img/1126782385838858241
last-modified: Fri, 10 May 2019 09:31:50 GMT
server: ECS (fcn/40FC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 233efd32342e83d370512c137a36d2fe
accept-ranges: bytes

GET
H2 200 nY_NKTsQ
pbs.twimg.com/card_img/1128143757654806529/ Frame 0C8C 17 KB
17 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128143757654806529/nY_NKTsQ?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

520426481473705a618661192d653ea7882924c43e8dfad53e21531fbea30972

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 16994
x-response-time: 164
surrogate-key: card_img card_img/bucket/6 card_img/1128143757654806529
last-modified: Tue, 14 May 2019 03:41:26 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d3c33d90cf46385872b63fc065d16aa1
accept-ranges: bytes

GET
H/1.1 200
OK LTHV47DMHVARJMNMZJ3YUN Show response
d.adroll.com/consent/check/ 40 B
476 B 174ms
40ms Script
application/javascript 54.228.197.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/LTHV47DMHVARJMNMZJ3YUN?_s=8f9d7e9d58ce488c13c7e1d31054e16e
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.197.102 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-197-102.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:28 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 40

GET
H2 200 oTf0mKUk
pbs.twimg.com/card_img/1128847476365115393/ Frame 0C8C 61 KB
61 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128847476365115393/oTf0mKUk?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

076c74c651a686ede87400456155fe618aff27e7756778a5c2b8df083ce48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 62189
x-response-time: 154
surrogate-key: card_img card_img/bucket/2 card_img/1128847476365115393
last-modified: Thu, 16 May 2019 02:17:45 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7e13c3c8a8345ea225655734430e094a
accept-ranges: bytes

GET
H2 200 OxmZzafX
pbs.twimg.com/card_img/1128989708741169152/ Frame 0C8C 42 KB
43 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128989708741169152/OxmZzafX?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

3a0a8909905f7eac1a61a25a880ffe4543cb81d316dd14f1aa66815e549e2a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 43358
x-response-time: 167
surrogate-key: card_img card_img/bucket/5 card_img/1128989708741169152
last-modified: Thu, 16 May 2019 11:42:56 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a4c51cc4adb7e7b085aa4d74ca4d9859
accept-ranges: bytes

GET
H2 200 QSuIwEfI
pbs.twimg.com/card_img/1127141766233067521/ Frame 0C8C 41 KB
41 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1127141766233067521/QSuIwEfI?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

7ecf2b45474fc1bd66ad15486463d2f546736e7836834d479a3bc437681d5dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:18 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 42111
x-response-time: 161
surrogate-key: card_img card_img/bucket/3 card_img/1127141766233067521
last-modified: Sat, 11 May 2019 09:19:53 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5c960e759376847c04ec1be822505372
accept-ranges: bytes

GET
H2 200 3DmTvKF6
pbs.twimg.com/card_img/1128563002842787841/ Frame 0C8C 21 KB
21 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128563002842787841/3DmTvKF6?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

af2d3257fdfaa92e4cfce8cd586ebe9b498914a911604c2445815142f67a8cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 21842
x-response-time: 164
surrogate-key: card_img card_img/bucket/3 card_img/1128563002842787841
last-modified: Wed, 15 May 2019 07:27:22 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5aca5ebc27f434a5f804d881a73292e0
accept-ranges: bytes

GET
H2 200 yCOycjCh
pbs.twimg.com/card_img/1128576990301175808/ Frame 0C8C 24 KB
24 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128576990301175808/yCOycjCh?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

465081b059f66faf1ed952743301cfdd0cf12c342f5649705c05c1f4e68b1091

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 24088
x-response-time: 164
surrogate-key: card_img card_img/bucket/7 card_img/1128576990301175808
last-modified: Wed, 15 May 2019 08:22:57 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5e936babd73bb76e0fc679a5489aac7
accept-ranges: bytes

GET
H2 200 if2snGgH
pbs.twimg.com/card_img/1127906122860462080/ Frame 0C8C 21 KB
22 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1127906122860462080/if2snGgH?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

af2d3257fdfaa92e4cfce8cd586ebe9b498914a911604c2445815142f67a8cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 21842
x-response-time: 265
surrogate-key: card_img card_img/bucket/3 card_img/1127906122860462080
last-modified: Mon, 13 May 2019 11:57:09 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4b38cc45e65289ab74cb51f0797d1d56
accept-ranges: bytes

GET
H2 200 ByNDAqWf
pbs.twimg.com/card_img/1128231437121904646/ Frame 0C8C 20 KB
20 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1128231437121904646/ByNDAqWf?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DF) /

Resource Hash

e4b0960248a1159225de5be1ae828eea6a18fe79e40ce9385d3450d3eb879bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 20212
x-response-time: 139
surrogate-key: card_img card_img/bucket/3 card_img/1128231437121904646
last-modified: Tue, 14 May 2019 09:29:50 GMT
server: ECS (fcn/40DF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ec68f5a122cb32f399d149408ae269e2
accept-ranges: bytes

GET
H/1.1

200
OK

PNCJMFMN35EA3FLQST54I7.js Show response
s.adroll.com/pixel/LTHV47DMHVARJMNMZJ3YUN/ACDEF2AO4BEFTLBNC4PX4V/
Redirect Chain

https://d.adroll.com/pixel/LTHV47DMHVARJMNMZJ3YUN/ACDEF2AO4BEFTLBNC4PX4V?adroll_fpc=cc48e152b1a0f11e3855013d81a169d2-1558332328519&pv=90889502952.11028&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2...
https://s.adroll.com/pixel/LTHV47DMHVARJMNMZJ3YUN/ACDEF2AO4BEFTLBNC4PX4V/PNCJMFMN35EA3FLQST54I7.js

5 KB
2 KB

245ms
244ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/LTHV47DMHVARJMNMZJ3YUN/ACDEF2AO4BEFTLBNC4PX4V/PNCJMFMN35EA3FLQST54I7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 69d17a214ac53fd4800e2ce3e9d911ea6c66e11164da4cae20220a7bea64a956

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: Q3JRVVABQ.7siG6lMV6NWFQBkV35Qt_v
Content-Encoding: gzip
x-amz-request-id: 875ADC48ABF9E78C
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 20 May 2019 06:05:28 GMT
Connection: keep-alive
Content-Length: 1427
x-amz-id-2: 22pxX0QPfK0LyOdi8ZpSdCcBKOQlatGUC9oK0B54+kX+7qh1UWrw4sk4LmVrlOY+M+R+ZunCAbU=
Last-Modified: Tue, 23 Apr 2019 18:17:11 GMT
Server: AmazonS3
ETag: "0afe70b3cd26a407d2ad931c3ead4d80"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 20 May 2019 06:05:28 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.14.1
X-Rule: *
X-Segment-Eid: PNCJMFMN35EA3FLQST54I7
Location: https://s.adroll.com/pixel/LTHV47DMHVARJMNMZJ3YUN/ACDEF2AO4BEFTLBNC4PX4V/PNCJMFMN35EA3FLQST54I7.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: ACDEF2AO4BEFTLBNC4PX4V
X-Segment-Name: *
X-Advertisable-Eid: LTHV47DMHVARJMNMZJ3YUN
X-Conversion-Currency

GET
H2

200

spacer.gif
ece88010.infusionsoft.app/slices/
Redirect Chain

https://ece88010.infusionsoft.app/app/webTracking/contact/1558332327816?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.hipaajournal.com&location=https://www.hipaajourn...
https://ece88010.infusionsoft.app/slices/spacer.gif

43 B
236 B

158ms
157ms

Image
image/gif

35.241.35.127
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ece88010.infusionsoft.app/slices/spacer.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.241.35.127 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

127.35.241.35.bc.googleusercontent.com

Software

Apache-Coyote /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
last-modified: Sat, 18 May 2019 01:06:46 GMT
server: Apache-Coyote
date: Mon, 20 May 2019 06:05:27 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=UTF-8
via: 1.1 google
vary: Accept-Encoding
etag: W/"43-1558141606000"
accept-ranges: bytes
expires: Tue, 19 May 2020 11:05:28 GMT

Redirect headers

pragma: no-cache, no-cache
strict-transport-security: max-age=31536000;includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: clear
server: Apache-Coyote
date: Mon, 20 May 2019 06:05:27 GMT
location: /slices/spacer.gif
status: 302
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, no-cache, no-store
vary: Accept-Encoding
via: 1.1 google
expires: Mon, 20 May 2019 06:05:28 GMT, -1

GET
H2 200 578418169177004 Show response
connect.facebook.net/signals/config/ 207 KB
55 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/578418169177004?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2475c91cb979a8be0716058ed7eac3b50cff4e38f8575c042fb85e7da75f21b7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: AR9e9GMt+eV8Sa50ivAXYoI6irJNV9gPAqV/v+Ir3LUeWliNlSsMqV7OnLBzRQNUKtW+V5Mk4g1rgQhQpk83Xw==
date: Mon, 20 May 2019 06:05:28 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://pixel.advertising.com/ups/55980/sync?uid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
298 B

20ms
19ms

Image
text/plain

54.93.132.148
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.advertising.com/ups/55980/sync?uid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.132.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-132-148.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Mon, 20 May 2019 06:05:28 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 20 May 2019 06:05:28 GMT
content-length: 0
location: https://pixel.advertising.com/ups/55980/sync?uid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expiration=1589868328
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expiration=1589868328&C=1

43 B
898 B

37ms
36ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expiration=1589868328&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:29 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 May 2019 06:05:29 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:29 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expiration=1589868328&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 20 May 2019 06:05:29 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expires=365

42 B
371 B

136ms
26ms

Image
image/gif

213.19.162.90
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:28 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: DWpk6HUHU143TCowGsuS2w
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:28 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

pixel
sync.outbrain.com/adroll/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://sync.outbrain.com/adroll/pixel?user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

0
351 B

157ms
139ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/adroll/pixel?user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, HHN, Europe1
x-timer: S1558332329.980236,VS0,VE126
date: Mon, 20 May 2019 06:05:29 GMT
x-cache: MISS, MISS
status: 200
accept-ranges: bytes, bytes
backend-ip: 157.52.75.72
x-cache-hits: 0, 0
x-traceid: 7c07ae066c92ee0f12cf0afdb91d7840
content-length: 0
x-served-by: cache-mdw17372-MDW, cache-hhn1520-HHN

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:28 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
817 B

114ms
23ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:29 GMT
X-lat: Pug22046:0:432
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:28 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

0
215 B

27ms
21ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1558332329.983669,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1520-HHN

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:28 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://eb2.3lift.com/xuid?mid=4714&xuid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&dongle=c85e&gdpr=1&cmp_cs=

37 B
336 B

18ms
18ms

Image
image/gif

52.29.21.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&dongle=c85e&gdpr=1&cmp_cs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.21.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-21-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 20 May 2019 06:05:29 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Mon, 20 May 2019 06:05:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_con...

0
341 B

129ms
40ms

Image
text/plain

2a00:1288:110:833::4000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:833::4000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 20 May 2019 06:05:29 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:29 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 248

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

43 B
575 B

27ms
27ms

Image
image/gif

18.153.11.18
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-18.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 20 May 2019 06:05:29 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

Date: Mon, 20 May 2019 06:05:29 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://ib.adnxs.com/setuid?entity=172&code=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

43 B
851 B

57ms
13ms

Image
image/gif

37.252.173.62
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:31 GMT
AN-X-Request-Uuid: ee097ce0-b14d-42a6-bea1-96b817bafae6
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.97.23.44; 83.97.23.44; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.164:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:29 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/setuid?entity=172&code=ZDg0NWExNzkzNGI4YzZkYWE1Y2MxODQ0YzFhYTdiOGE
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://idsync.rlcdn.com/377928.gif?partner_uid=d845a17934b8c6daa5cc1844c1aa7b8a

0
62 B

152ms
120ms

Image
text/plain

34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=d845a17934b8c6daa5cc1844c1aa7b8a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Mon, 20 May 2019 06:05:29 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:29 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=d845a17934b8c6daa5cc1844c1aa7b8a
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=LTHV47DMHVARJMNMZJ3YUN
https://us-u.openx.net/w/1.0/sd?id=537103138&val=d845a17934b8c6daa5cc1844c1aa7b8a
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d845a17934b8c6daa5cc1844c1aa7b8a

43 B
256 B

28ms
28ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d845a17934b8c6daa5cc1844c1aa7b8a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.139.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 May 2019 06:05:29 GMT
server: OXGW/16.139.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Mon, 20 May 2019 06:05:29 GMT
server: OXGW/16.139.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=d845a17934b8c6daa5cc1844c1aa7b8a
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=LTHV47DMHVARJMNMZJ3YUN&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=2EWheTS4xtqlzBhEwap7ig&google_ula=1535926
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=2EWheTS4xtqlzBhEwap7ig&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
510 B

35ms
34ms

Image
image/gif

46.51.181.97
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.181.97 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-46-51-181-97.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 May 2019 06:05:29 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Mon, 20 May 2019 06:05:29 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
122 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=578418169177004&ev=PageView&dl=https%3A%2F%2Fwww.hipaajournal.com%2Fphishing-attack-reported-by-verity-healths-st-vincent-medical-center%2F&rl=&if=false&ts=1558332328890&cd[segment_eid]=PNCJMFMN35EA3FLQST54I7&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=29&fbp=fb.1.1558332327762.1857032219&it=1558332327647&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hipaajournal.com/phishing-attack-reported-by-verity-healths-st-vincent-medical-center/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 20 May 2019 06:05:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 20 May 2019 06:05:28 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 2B4D
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

7ms
7ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419D) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 20 May 2019 06:05:21 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 15 May 2019 16:55:40 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419D)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 20 May 2019 06:05:29 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 20 May 2019 06:05:29 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: fb0953069e809a338396dacf35fd9102
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 121
x-transaction: 00d6f3f400dabf34
x-tsa-request-body-time: 26
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hipaajournal.com/	1970-01-19 00:52:12	Name: _gat Value: 1
.hipaajournal.com/	1970-01-19 00:53:38	Name: _gid Value: GA1.2.476543342.1558332328
.hipaajournal.com/	1970-01-19 18:23:24	Name: _ga Value: GA1.2.251632259.1558332328
.hipaajournal.com/	1970-01-19 03:01:48	Name: _fbp Value: fb.1.1558332327762.1857032219
www.hipaajournal.com/	1970-01-19 01:35:24	Name: advanced_ads_browser_width Value: 1600

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.hipaajournal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
ece88010.infusionsoft.app
ece88010.infusionsoft.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
pbs.twimg.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.wp.com
platform.twitter.com
s.adroll.com
s0.wp.com
simage2.pubmatic.com
stats.wp.com
sync.outbrain.com
syndication.twitter.com
ton.twimg.com
trc.taboola.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.hipaajournal.com
x.bidswitch.net
104.244.42.72
151.101.2.2
172.217.22.34
173.241.240.143
18.153.11.18
185.64.189.110
192.0.76.3
192.0.77.32
2.18.233.40
2.18.234.21
213.19.162.90
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:9f6a
2a00:1288:110:833::4000
2a00:1450:4001:808::2003
2a00:1450:4001:816::200e
2a00:1450:4001:824::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.95.92.78
35.241.35.127
37.252.173.62
46.51.181.97
52.29.21.152
54.228.197.102
54.93.132.148
64.91.246.83
056ffb1f4ae28157b6a1e534673d7568d909cd8cfe7505abf9d867dafaef2237
076c74c651a686ede87400456155fe618aff27e7756778a5c2b8df083ce48e56
09d6b809aaa789cddd5f691e42003021eb681cc2e67a864b3d3deb7e55478bd9
0c9324a7ef7c7fa437089705282d0c5bb60e9e50b569fb8f1123cb691af7941e
0e43d949cc9d097b10ab0e2023fd0048bc61ab08fd4a49b175c3a9795a8d534b
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
156a6dfd9a25b183d6af4d65dac0c62fc0b35881354908eabb5b162c2ba8514f
1f15f2d97f062f1de7517c9778c01310aaa18b9080b420272e8875bc01bb0e35
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2357a44ceeeb7d4cade95868044bc246f6361ed45c61a76c5e6368cf8bf00bb2
2475c91cb979a8be0716058ed7eac3b50cff4e38f8575c042fb85e7da75f21b7
2523a5e845b5461728028e569a070773e480daf46d55859e8d4e22d40a31d5c2
270604abfdfd15770df1790c95277046de5adacaed4801ae8ce46367ea97e0b9
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
37c558263ba695539d83e2b57c33595763d1b7b36e27e4d2b0a654ef00027690
3a0a8909905f7eac1a61a25a880ffe4543cb81d316dd14f1aa66815e549e2a09
3a63061edc5ec0e79fa4df153884b6a4bb8acaa0ba3697ed4e3389ef21865a9c
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3b5d48f137a314ff5d9236b5c5f5ee03c5b8511ce305ede49fa01290041317d3
46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e
465081b059f66faf1ed952743301cfdd0cf12c342f5649705c05c1f4e68b1091
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef3ef92cf19e9dd4d888a9b0cb7d022523eb63948e8f9b48ce04bdb7b9e3b69
4f1e3f9c291dba00660eee791dd6fffeac84e7bd4e66aa248792b12632706a77
51f6757186bc2ffd28f2c2aab16b1b86ee001cc5bff18fa322129f3419c41b91
520426481473705a618661192d653ea7882924c43e8dfad53e21531fbea30972
539fdfbdc2342c0cbbc0a476d10768faafa71dafb9e47f7e652edb608629777f
542d7ac98520cc51ffd764d6e590d929e8e38b783a37882729503ef180256554
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1
5881b4f2ae1a4f45ae43f7b68d1fde8de01885d0c05ba9e35d135bf21c6d3e8a
5acca27f3097c6da956676a92031f1e21bef065618481ea762de8367ab0c43a1
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5e999f56ce3dff6f2a8c270945b3731ef9952f3dcd8a6e7f96638b4147536df5
630c370a5f7d2bf0aca78f60c8d9430f4537dec75b93182453e366bdd2a0044d
67f34b99750032ddca98f373145cc187098c593fd870681a3418d697362ddb40
68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36
6910d34663cc4b0f3d0309c38805e795f8745f73106c96ae1c4d31db83899cdb
6935b2c1940b4f74e22834aa671716c4f1a8f15c581e11fe02e21f4e4bf54cc1
69d17a214ac53fd4800e2ce3e9d911ea6c66e11164da4cae20220a7bea64a956
6d73aa32774fb131ebbc1faf3f931aaf66e998f808757cbafbcc737f8d769580
7024edcdaf0df65faa293f396ddc883b9b2d389f8220903f535ffa10de110f06
72c186e3649c620aa209d95bbebb9f34568298786662eeb639a25233f921c9cb
7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af
7975fa7bd4d959cba0a0c34761d5fc5bd7175bd84df61a2a3efb32605bb188ed
7a215beed25ae1a7e058c584bb780e6f3f7ffad9923733f46eabe2c77905b2ed
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
7e0923903d8152c3f779a2512c1df0d311fb9adf9564f7ef87b79b81c0250732
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7e57efd5c193edff190bda2bbb8426ce1488c24e96df5a22e0a55de6608febfe
7ecf2b45474fc1bd66ad15486463d2f546736e7836834d479a3bc437681d5dfa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929
878001af03bacbecc479a0d0f54a7a76e2af82097fde9565378a3a1fed14e67a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8dfa5e7ea7c85b7aca59c99a5c7f0b1337fc63fc078823f41ed27daf008341e1
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890
9e76b47947d1b97c780b6b06e7ff05feebfd7983561576e4733f9029f67a95ad
9f631a420046a8b71ac053be19ba69f97670176a840b2881ce61251b5062143d
a2803d446329723a43797979d31f264939b8e18d1b93727b7b490107da73e5bc
a37d3624086675554078137e1df705b7dd0cae87bf39b588759a94157fdefd73
a459dcece09f81ed33c3ae6c831b3791e0e421b31c532f75e1fa37609c783c70
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a75f9e638f8a1de35a8ff9f5d30332f7b771db727504b872831b71f3b5e857f8
abb78e1e0bc2d0b747e8c5131a16b36250411f96a6d0d2bf8f7298ac6e4f07e9
ac588a22069fd96f7979ef0eb66728f0c45d9594c49bea515afe79d229591cdd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad55d4d85cf1d3095c979df3ba2f11d2339795b207dadef0e653305b0cfd6d89
af2d3257fdfaa92e4cfce8cd586ebe9b498914a911604c2445815142f67a8cc8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24bd6f31bb109cd0bee656ee8dbe864929355b48d7dad12d4effaebd81fbf1d
b4b08107aecca4a4360e146bb81f166921ba7d9b1ba6d7e18db8ced68152f62d
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
cbe5066888bfd1ccdb3e39d2597f3462e531353c5648fe20d5e6ad3b9801c766
ccdc7c6d47474aab7cab23ad64d7d9422362e340661989b597e14f3aa7324d2c
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce7ecc07f7f0f8c44e1a52e071803108b5264846ab20245d7d5a677db55b8cd9
cfe34af05e3edba257d3d7e5ac187d4c515911e3abd7c09d4b2550140ddb9a68
d0ccbc24431f9a7a2b9a06050496031a842f312d7dccdbeb7ca5e68f3b0c5780
d13f976b1565b8880e8dd6aece6adabb4b8335efd510f01e785d22fc936dc475
d634c628955d81fe9375e3fb8b4959179e9adbe2765baa4e0aa4969b7aee6853
d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d
e119a4547abc45b8e07bd2f7bbd4d58e43a06ac1fc30a11c99948558a2e8fb75
e192d49afadf0333c4889a5e74f4138bb96374ecbe128cb9d7360d3f1874da34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b0960248a1159225de5be1ae828eea6a18fe79e40ce9385d3450d3eb879bc5
e8fa875a4f8a94f893e168e54c93d7b299da58d43e62d1def500a2844ee9009c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
f977bbfe60485a85dd1622f29685463298de1e22044826895f1b631c1ac3de16
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fc2af5b14342362c75a9c19f2ae570ae3a54c0f0f43eddaf3b575252501bbf9c
fd21104dc97db6fc980c0f12ba157f3cc9fddac84dde4367f02f6f9db05c13d6

www.hipaajournal.com Open in urlscan Pro 64.91.246.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

100 %HTTPS

32 %IPv6

25 Domains

31 Subdomains

28 IPs

6 Countries

2088 kBTransfer

3415 kBSize

5 Cookies

9 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hipaajournal.com Open in urlscan Pro
64.91.246.83 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

100 %
HTTPS

32 %
IPv6

25
Domains

31
Subdomains

28
IPs

6
Countries

2088 kB
Transfer

3415 kB
Size

5
Cookies

145 HTTP transactions
4 data transactions