urlscan.io logo urlscan.io
SecurityTrails logo

www.hipaajournal.com Open in urlscan Pro
172.67.13.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Effective URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Submission Tags: 0xscam
Submission: On September 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 68 HTTP transactions. The main IP is 172.67.13.62, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hipaajournal.com. The Cisco Umbrella rank of the primary domain is 580594.
TLS certificate: Issued by WE1 on July 25th 2024. Valid for: 3 months.
This is the only time www.hipaajournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 172.67.13.62 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
29 104.16.118.43 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 20.231.53.73 8075 (MICROSOFT...)
68 13
23    172.67.13.62 (United States)

ASN13335 (CLOUDFLARENET, US)
hipaajournal.com
www.hipaajournal.com
2    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
29    104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
ws-assets.zoominfo.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
3    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
Apex Domain
Subdomains		 Transfer
29 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 10891
ws-assets.zoominfo.com — Cisco Umbrella Rank: 34577
45 KB
23 hipaajournal.com
hipaajournal.com — Cisco Umbrella Rank: 577465
www.hipaajournal.com — Cisco Umbrella Rank: 580594
699 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
c.clarity.ms — Cisco Umbrella Rank: 1838
q.clarity.ms — Cisco Umbrella Rank: 8520
29 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
c.bing.com — Cisco Umbrella Rank: 341
17 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
258 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
215 KB
1 google.com
analytics.google.com — Cisco Umbrella Rank: 238
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
968 B
68 9
Domain Requested by
28 ws.zoominfo.com www.hipaajournal.com
ws-assets.zoominfo.com
22 www.hipaajournal.com www.hipaajournal.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.hipaajournal.com
2 q.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.google-analytics.com www.hipaajournal.com
www.google-analytics.com
2 www.googletagmanager.com www.hipaajournal.com
1 c.bing.com 1 redirects
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 ws-assets.zoominfo.com www.hipaajournal.com
1 fonts.googleapis.com www.hipaajournal.com
1 hipaajournal.com 1 redirects
68 15

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
Subject Issuer Validity Valid
hipaajournal.com
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
zoominfo.com
E5		 2024-08-14 -
2024-11-12		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Frame ID: 5A7FC8C8C103D3F7CC71A840236B32A5
Requests: 61 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-PT2PNR2FCR&gacid=980736688.1726232802&gtm=45je49b0v877966664za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1770708367
Frame ID: 90EB64E1EDB689458692D88D4EA7A667
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Email Accounts Compromised at Welcome Health & United Way of Connecticut

Page URL History Show full URLs

  1. https://hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/ HTTP 301
    https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

97 %
HTTPS

69 %
IPv6

9
Domains

15
Subdomains

13
IPs

2
Countries

1026 kB
Transfer

3219 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/ HTTP 301
    https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A7764548F7D14B0AA016A7123CE8293A&RedC=c.clarity.ms&MXFR=1148EEE15AE26AEF37CDFA185EE26468 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A7764548F7D14B0AA016A7123CE8293A&MUID=21718181FA2C68D204E39578FBBE699E

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Redirect Chain
  • https://hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
  • https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
390 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e8cd726ee4a8ac81bebd526b2f4b1dce21b232ad6b8863f466083d2e59f6945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c285b176f6ecbaf-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 13 Sep 2024 13:06:40 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache-handler
cache-enabler-engine
x-cache-nxaccel
BYPASS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
8c285b14180dcbaf-LAX
content-type
text/html; charset=UTF-8
date
Fri, 13 Sep 2024 13:06:39 GMT
expires
Fri, 13 Sep 2024 14:06:39 GMT
location
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000
x-cache-nxaccel
BYPASS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-redirect-by
WordPress
x-xss-protection
1; mode=block
Raleway-Regular.woff2
www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/Raleway-Regular.woff2
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d667b4b3a608950ea6bdf4a88c0393bffeb9a209f2e65a257a3c6213a5c930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Origin
https://www.hipaajournal.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1169
x-cache-nxaccel
HIT
content-length
64764
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Sep 2021 15:20:40 GMT
server
cloudflare
etag
"fcfc-5cd37fd4c2ce2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b19fcadcbaf-LAX
opensans-light-webfont.woff2
www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/opensans-light-webfont.woff2
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a05452bc7b20ddd019c29e827315e0674d2dceb6e57f90d16339d6c21ce8c76

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Origin
https://www.hipaajournal.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 09:36:50 GMT
server
cloudflare
age
2190
etag
"45c4-5cd474d89999b"
vary
Accept-Encoding
x-cache-nxaccel
STALE
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b19fcafcbaf-LAX
content-length
17860
bg_sidebar_checklist_btn_hover.png
www.hipaajournal.com/wp-content/themes/Nexus-child/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipaajournal.com/wp-content/themes/Nexus-child/images/bg_sidebar_checklist_btn_hover.png
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b3034af4e2a64b6f2f5683dfa0541a0b91ca401cba297b3d78581bc202fdef

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Jul 2022 13:46:44 GMT
server
cloudflare
age
3700
etag
"233a-5e4149938f949"
vary
Accept-Encoding
x-cache-nxaccel
STALE
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b1e2dbfcbaf-LAX
content-length
9018
autoptimize_7ab84f0a041838f2bed9569ec9b094ef.css
www.hipaajournal.com/wp-content/cache/autoptimize/css/ 		480 KB
83 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_7ab84f0a041838f2bed9569ec9b094ef.css
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a196432841eb124ad2ba6f0c25141614552233563cde65935cdf7f64694f65b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
247522
x-cache-nxaccel
STALE
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Sep 2024 15:59:33 GMT
server
cloudflare
etag
"780f7-621c5f5a19847-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30672000, immutable
cf-ray
8c285b19fc9ecbaf-LAX
expires
Sun, 31 Aug 2025 16:20:09 GMT
autoptimize_775412dfc2eb5fcf9098cb7929398133.css
www.hipaajournal.com/wp-content/cache/autoptimize/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_775412dfc2eb5fcf9098cb7929398133.css
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925bc4a7cd362260ffa9d614e85acad31a428ea86734358c44efc2a68ce0b066

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Mar 2024 17:38:43 GMT
server
cloudflare
age
15454627
etag
"3f38-613deb65c7c36-gzip"
vary
Accept-Encoding
x-cache-nxaccel
MISS
content-type
text/css
cache-control
public, max-age=30672000, immutable
accept-ranges
bytes
cf-ray
8c285b19fca3cbaf-LAX
content-length
3596
expires
Sat, 08 Mar 2025 16:09:33 GMT
autoptimize_single_08e7349de6262fbb17ec174da9ad53da.css
www.hipaajournal.com/wp-content/cache/autoptimize/css/ 		134 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_single_08e7349de6262fbb17ec174da9ad53da.css?ver=df599e
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7cb751cd141ccb5087b8dd3e2078e2b69a6a2a16e4b4de564e9dc487e886f21

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 17 Mar 2024 17:38:43 GMT
server
cloudflare
age
15450617
etag
"217b6-613deb65bad2e-gzip"
vary
Accept-Encoding
x-cache-nxaccel
STALE
content-type
text/css
cache-control
public, max-age=30672000, immutable
accept-ranges
bytes
cf-ray
8c285b19fca7cbaf-LAX
content-length
9430
expires
Sat, 08 Mar 2025 17:15:05 GMT
dashicons.min.css
www.hipaajournal.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-includes/css/dashicons.min.css?ver=6.6.2
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
4949
x-nocache
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Apr 2021 13:10:10 GMT
server
cloudflare
etag
W/"e688-5c00295438ecc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
cf-ray
8c285b19fcaacbaf-LAX
autoptimize_single_345a06a10a1ee732931d72b50e617bc0.css
www.hipaajournal.com/wp-content/cache/autoptimize/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_single_345a06a10a1ee732931d72b50e617bc0.css?generated=1725448085&ver=1.19.1
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddbe24eb448530f00d1d213487e7f1325eb2ce9f12d9d4e63a28180d870ad70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
784426
x-cache-nxaccel
HIT
content-length
3444
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 04 Sep 2024 11:10:17 GMT
server
cloudflare
etag
"494c-621493818ae22-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30672000, immutable
accept-ranges
bytes
cf-ray
8c285b19fcabcbaf-LAX
expires
Mon, 25 Aug 2025 11:12:27 GMT
jquery.min.js
www.hipaajournal.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 20:58:51 GMT
server
cloudflare
age
7023
etag
W/"15601-609963cea3083"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
cache-control
max-age=14400
cf-ray
8c285b19fcb0cbaf-LAX
hooks.min.js
www.hipaajournal.com/wp-includes/js/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 17:29:02 GMT
server
cloudflare
age
7023
etag
W/"10d3-615348f0aaad4"
vary
Accept-Encoding
content-type
application/javascript
x-nocache
1
cache-control
max-age=14400
cf-ray
8c285b19fcb2cbaf-LAX
gtm.js
www.googletagmanager.com/ 		469 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGLX97F
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cf246da0a943596888bbafa467e79268981f3f35cf4e7e3d6c33848c5e0f89a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112218
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Sep 2024 13:06:41 GMT
css
fonts.googleapis.com/ 		2 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_single_345a06a10a1ee732931d72b50e617bc0.css?generated=1725448085&ver=1.19.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c55bb187432531f48be10df58477eb1ab34d4ec4b7aecfb4c179845a5227fcd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_single_345a06a10a1ee732931d72b50e617bc0.css?generated=1725448085&ver=1.19.1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Sep 2024 13:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 11:10:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Sep 2024 13:06:41 GMT
et--customizer-global-17259183308531.min.css
www.hipaajournal.com/wp-content/cache/et/global/ 		141 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/cache/et/global/et--customizer-global-17259183308531.min.css
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec98107335f3b6b1301d99a9544a0548619b0d2f3f0c1329d7504b00a9e1abc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
3855
x-cache-nxaccel
HIT
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Sep 2024 21:45:30 GMT
server
cloudflare
etag
W/"23495-621b6ad071bce"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
cf-ray
8c285b1d8bdbcbaf-LAX
lazysizes.min.js
www.hipaajournal.com/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.12
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1169
x-cache-nxaccel
HIT
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 05 Aug 2024 01:42:04 GMT
server
cloudflare
etag
W/"2655-61ee5c8bf95d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8c285b205a4acbaf-LAX
js
www.googletagmanager.com/gtag/ 		332 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PT2PNR2FCR
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bc699315a25048a2bbcf4f72e28828fc34d2777ccea41df93e16a0c0b65c1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107418
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Sep 2024 13:06:41 GMT
autoptimize_d6eca71c99615edf89822ea703c917be.js
www.hipaajournal.com/wp-content/cache/autoptimize/js/ 		423 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/cache/autoptimize/js/autoptimize_d6eca71c99615edf89822ea703c917be.js
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce2a6756a6460c8fd6bd4096193c96a3585bbf32a29b93a695f8e1921196c0b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
2496954
x-cache-nxaccel
HIT
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Aug 2024 15:30:18 GMT
server
cloudflare
etag
W/"69b25-61fba852be699-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30672000, immutable
cf-ray
8c285b20aaf6cbaf-LAX
expires
Tue, 05 Aug 2025 15:30:19 GMT
637b9b515fd38781980816b8
ws.zoominfo.com/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/637b9b515fd38781980816b8
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b1fe902406038a5b4529b22bb1d7f178a54012771067ece6b680259ea094c8a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
8c285b213cdc15e3-SJC
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d39a7aa67bb7db471cf3a88eedf3c8271a8762a7a5ddd7b524fa36ca4cdf5ac1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cf502a113cb6d40e378c1f8f68c365d5fd3af21c3e7d9e9b666da3f7ae4dcfa

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Sep 2024 11:49:31 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4630
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 13 Sep 2024 13:49:31 GMT
btn.webp
www.hipaajournal.com/wp-content/uploads/2023/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipaajournal.com/wp-content/uploads/2023/01/btn.webp
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3a4301617a54a1684e392a5c714aa41b8971b19b0f235be654c7c57a732994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
age
4948
x-cache-nxaccel
BYPASS
content-length
10586
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 Jan 2023 11:38:08 GMT
server
cloudflare
etag
"295a-5f300f3268b33"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b211c0bcbaf-LAX
Raleway-SemiBold.woff2
www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/Raleway-SemiBold.woff2
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_7ab84f0a041838f2bed9569ec9b094ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
180ee44a439191dcc93d9d179dc236226b2d1358b5e2d0f1cd3ac82fad84539c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_7ab84f0a041838f2bed9569ec9b094ef.css
Origin
https://www.hipaajournal.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
age
4948
x-cache-nxaccel
STALE
content-length
67308
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Sep 2021 15:20:40 GMT
server
cloudflare
etag
"106ec-5cd37fd4d55c0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b21cd7ecbaf-LAX
Raleway-Black.woff2
www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/themes/Nexus-child/fonts/Raleway-Black.woff2
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_7ab84f0a041838f2bed9569ec9b094ef.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18738529ad029ef8f013062ad3c9a074d91375f257d3b539a8ec4404ed81a9cd

Request headers

Referer
https://www.hipaajournal.com/wp-content/cache/autoptimize/css/autoptimize_7ab84f0a041838f2bed9569ec9b094ef.css
Origin
https://www.hipaajournal.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Sep 2021 15:20:38 GMT
server
cloudflare
age
4948
etag
"f720-5cd37fd2d5a74"
vary
Accept-Encoding
x-cache-nxaccel
STALE
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b21cd7fcbaf-LAX
content-length
63264
formcomplete.js
ws-assets.zoominfo.com/ 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
2177
x-guploader-uploadid
AD-8ljvR4yRDa3huy0oNgmesChEGcyKsiMFEVx8EcbluchxaWHz8v19qBGds8LLEWdsOGr3yg1iPsqWh4A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 May 2024 10:14:37 GMT
server
cloudflare
etag
W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash
crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation
1715854477710382
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
91778
cf-ray
8c285b221d7515e3-SJC
expires
Fri, 13 Sep 2024 13:30:24 GMT
the-hipaa-journal.svg
www.hipaajournal.com/wp-content/themes/Nexus-child/images/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipaajournal.com/wp-content/themes/Nexus-child/images/the-hipaa-journal.svg
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1edea36231085cb77954de01a654391546c646d37fd92c87429896237c9d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
4946
x-cache-nxaccel
HIT
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Feb 2023 09:48:06 GMT
server
cloudflare
etag
W/"2f60-5f56f06b500a6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8c285b221e0acbaf-LAX
dip_breaches_1.jpg
www.hipaajournal.com/wp-content/uploads/2024/06/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipaajournal.com/wp-content/uploads/2024/06/dip_breaches_1.jpg
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0baab39d27dcc08f92d781d2db854a487fa3d3e3f1588edf20a9efde13f230b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-cache-nxaccel
MISS
content-length
96778
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Thu, 20 Jun 2024 09:14:01 GMT
server
cloudflare
etag
"17a0a-61b4ebc58d46f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b221e0ecbaf-LAX
logo-ro.png
www.hipaajournal.com/wp-content/uploads/2023/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipaajournal.com/wp-content/uploads/2023/02/logo-ro.png
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2131acf510a60fd254d6cc760d58415265028572db5a60ba32c3c69e447cbee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
age
3672
x-cache-nxaccel
MISS
content-length
17495
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Feb 2023 09:52:18 GMT
server
cloudflare
etag
"4457-5f56f15c0c4b4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b221e10cbaf-LAX
admin-ajax.php
www.hipaajournal.com/wp-admin/ 		27 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-admin/admin-ajax.php
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb494294561d1b11be41aa16100530711be7969f48359a2bab26878b6d0bfd91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-nocache
1
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hipaajournal.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
8c285b233881cbaf-LAX
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=12088074&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hipaajournal.com%2Femail-accounts-compromised-at-welcome-health-united-way-of-connecticut%2F&ul=en-us&de=UTF-8&dt=Email%20Accounts%20Compromised%20at%20Welcome%20Health%20%26%20United%20Way%20of%20Connecticut&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1658676392&gjid=1023308221&cid=980736688.1726232802&tid=UA-57448128-1&_gid=1042594856.1726232802&_r=1&_slc=1&z=22124587
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 13:06:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hipaajournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=ebdb2415-8ab4-4d7d-a66b-7489baf90904
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a236462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=472c0c8e-c628-4e10-aadd-47b60b12b96a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a256462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=fa2af680-7952-4bfd-914d-63bf52b2a867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a246462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=ebdb2415-8ab4-4d7d-a66b-7489baf90904
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
903bbc6217ed0a35fdc4a9721e619f48d005d0b9c404c1025772910970cd1d0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11a5-QtB+s3CIzmTesZY0ofYoIw4QNTE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b269ff215e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=472c0c8e-c628-4e10-aadd-47b60b12b96a
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1775c6ce048a6e636cc202ac5aa7fec6b88f3983d9bb436b3a4f4fd37526667e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11a5-j3IED2MURVn4BvVexHiy1QNpeII"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b26c80f15e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=fa2af680-7952-4bfd-914d-63bf52b2a867
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
68d7269aa3d305fde66002e814bc977b3abbedcc8f14a6a7d763e6be5ae8b4c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11a5-fZqYd4H/iQ6AItWuE5ymyQUP6Ws"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b269ff015e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=8b3c9d9f-f212-4800-9c30-639727950283
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1fe6364594508c610369cf2ab9503e04d8e80a02de29d12acf5a2cfc97fd7aea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"121c-BFEthfenswFSDMJ9b0iAkmeovsA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b269ff415e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=f1cc245c-f176-47ab-a666-466d67873358
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b2afdf6d0bab6153a69ab3e07d2e630d394f0f70c4cb3000439af40f7afe493e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11ef-25lKSc7ovV9HHyUodWe0Tbsx5Wc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b26b80715e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=a516ed58-220e-4722-8dcf-826c8ee00a87
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b5f98b4c1c686da66d26c14d71128da17217b1944816329d530836d490850197
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"a11-YYoNzdCWHzOUK1SMDNW4Az1kbyQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b26d81415e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=818a6f99-64eb-463f-ad24-21576a05a682
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2beaf68ce7fc4ae081469d6f13d9cf9ead2a4087349bcb3592c606a20f079ed2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11e3-aT1T5DJT/NdIpW44geeqxwTwD1E"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b26c81115e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=6df722b9-2cc6-4502-a7b0-f3c49199b80c
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8fb5215a009756c6b8c3fe20ce4749396ab3a1131fea03027ed45e4db9b14509
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11db-deBaO4ahibMYxfmBkrTZSgujiIU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b26d81315e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=079d1fd0-4994-4fd6-9d2e-2546b6a5d2c3
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
95ee3203e7b71004f387dea14b5c675655ceca4cbaa997a13432c0990110606e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
_zitok
visitorId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"11d9-s8hK8AGS9wIcNo3tmKdwMJMITSs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
8c285b26c80e15e3-SJC
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=8b3c9d9f-f212-4800-9c30-639727950283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a286462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=f1cc245c-f176-47ab-a666-466d67873358
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a2a6462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=a516ed58-220e-4722-8dcf-826c8ee00a87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a2f6462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=818a6f99-64eb-463f-ad24-21576a05a682
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a2c6462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=6df722b9-2cc6-4502-a7b0-f3c49199b80c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a276462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
getMapping
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=079d1fd0-4994-4fd6-9d2e-2546b6a5d2c3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_zitok,visitorid
Access-Control-Request-Method
GET
Origin
https://www.hipaajournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.hipaajournal.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c285b256a2b6462-SJC
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 13 Sep 2024 13:06:42 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-PT2PNR2FCR&gtm=45je49b0v877966664za200&_p=1726232800790&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=980736688.1726232802&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726232802&sct=1&seg=0&dl=https%3A%2F%2Fwww.hipaajournal.com%2Femail-accounts-compromised-at-welcome-health-united-way-of-connecticut%2F&dt=Email%20Accounts%20Compromised%20at%20Welcome%20Health%20%26%20United%20Way%20of%20Connecticut&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3779
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PT2PNR2FCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 13:06:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hipaajournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PT2PNR2FCR&cid=980736688.1726232802&gtm=45je49b0v877966664za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PT2PNR2FCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 13:06:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hipaajournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 90EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-PT2PNR2FCR&gacid=980736688.1726232802&gtm=45je49b0v877966664za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1770708367
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PT2PNR2FCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 13 Sep 2024 13:06:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGLX97F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 13 Sep 2024 13:06:41 GMT
last-modified
Fri, 06 Sep 2024 21:17:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 370F0A337EDC48CC9E8364E98F1164C2 Ref B: LAX311000109031 Ref C: 2024-09-13T13:06:42Z
etag
"016326a20db1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14305
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=fa2af680-7952-4bfd-914d-63bf52b2a867
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b27c8b215e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=8b3c9d9f-f212-4800-9c30-639727950283
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b27c8b415e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=ebdb2415-8ab4-4d7d-a66b-7489baf90904
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b27e8c415e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=f1cc245c-f176-47ab-a666-466d67873358
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b27e8c515e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=079d1fd0-4994-4fd6-9d2e-2546b6a5d2c3
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b28291a15e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=818a6f99-64eb-463f-ad24-21576a05a682
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b28291b15e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=472c0c8e-c628-4e10-aadd-47b60b12b96a
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b28392315e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=a516ed58-220e-4722-8dcf-826c8ee00a87
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b28392415e3-SJC
alt-svc
h3=":443"; ma=86400
entitlementCheck
ws.zoominfo.com/formcomplete-v2/ 		18 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/entitlementCheck?formId=6df722b9-2cc6-4502-a7b0-f3c49199b80c
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"12-6lq1h4LOKy3FCGyvW8ncJRrsJDw"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hipaajournal.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length
18
cf-ray
8c285b28392515e3-SJC
alt-svc
h3=":443"; ma=86400
343071845.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/343071845.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e06cba1a67af07e8512327f8ee255a0231ceafcd5ddac8d7e9ba973b4ddbefde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Fri, 13 Sep 2024 13:06:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 287B226145404DF89C9BD6677053A396 Ref B: LAX311000109031 Ref C: 2024-09-13T13:06:42Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
343071845
www.clarity.ms/tag/uet/ 		816 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/343071845
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/343071845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
00d1fc5eb9518d0a60118b673a9b5070a35bfb90621f44b07a54123ec0fb8db5

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Fri, 13 Sep 2024 13:06:43 GMT
x-azure-ref
20240913T130643Z-1757759d8f6vvk2v8n93p1h0r400000000tg00000000bafg
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
816
expires
-1
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=343071845&tm=gtm002&Ver=2&mid=b2670248-3aef-40ba-afdc-b44369758118&sid=05937b5071d111ef86e5298bc4d4616b&vid=0594fc8071d111ef9e1e4b6e87b3bcd6&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Email%20Accounts%20Compromised%20at%20Welcome%20Health%20%26%20United%20Way%20of%20Connecticut&p=https%3A%2F%2Fwww.hipaajournal.com%2Femail-accounts-compromised-at-welcome-health-united-way-of-connecticut%2F&r=&lt=3254&evt=pageLoad&sv=1&cdb=AQAQ&rn=890800
Requested by
Host: www.hipaajournal.com
URL: https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 13 Sep 2024 13:06:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0E7359DF61D9454D97E7DCDF3A031C84 Ref B: LAX311000109031 Ref C: 2024-09-13T13:06:42Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.46/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.46/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343071845
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4ac65dcc5ed84285cfd19c18f2b715a53f07f708f34198aa96ed8b846a78ef58

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:43 GMT
content-encoding
br
last-modified
Thu, 12 Sep 2024 19:33:15 GMT
etag
W/"0x8DCD361BF61C3C9"
vary
Accept-Encoding
x-azure-ref
20240913T130643Z-1757759d8f6vvk2v8n93p1h0r400000000tg00000000bafq
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2638f4e8-301e-0000-5d88-052edb000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A7764548F7D14B0AA016A7123CE8293A&RedC=c.clarity.ms&MXFR=1148EEE15AE26AEF37CDFA185EE26468
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A7764548F7D14B0AA016A7123CE8293A&MUID=21718181FA2C68D204E39578FBBE699E
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A7764548F7D14B0AA016A7123CE8293A&MUID=21718181FA2C68D204E39578FBBE699E
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2024 13:06:43 GMT
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
etag
"bb391b5d70eeda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 13 Sep 2024 13:06:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E740FB2EA9BA41E2954193F37CFF13CB Ref B: LAXEDGE1507 Ref C: 2024-09-13T13:06:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A7764548F7D14B0AA016A7123CE8293A&MUID=21718181FA2C68D204E39578FBBE699E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon-144x144-1.png
www.hipaajournal.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hipaajournal.com/wp-content/uploads/2022/09/favicon-144x144-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a1e1db1a1ab7a71db18d571de5140b73f18925d9cbc2c3fac51e8fb04f6c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:06:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
age
889
x-cache-nxaccel
STALE
content-length
6224
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Sep 2022 15:02:10 GMT
server
cloudflare
etag
"1850-5e959765ce66f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8c285b2e38a5cbaf-LAX
collect
q.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.hipaajournal.com
Date
Fri, 13 Sep 2024 13:06:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
q.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.hipaajournal.com/email-accounts-compromised-at-welcome-health-united-way-of-connecticut/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.hipaajournal.com
Date
Fri, 13 Sep 2024 13:06:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
analytics.google.com/g/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-PT2PNR2FCR&gtm=45je49b0v877966664z8893198143za200&_p=1726232800790&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=980736688.1726232802&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1726232802&sct=1&seg=0&dl=https%3A%2F%2Fwww.hipaajournal.com%2Femail-accounts-compromised-at-welcome-health-united-way-of-connecticut%2F&dt=Email%20Accounts%20Compromised%20at%20Welcome%20Health%20%26%20United%20Way%20of%20Connecticut&_s=2&tfd=8944

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer string| et_site_url string| et_post_id function| et_core_page_resource_fallback function| advanced_ads_ready object| advanced_ads_ready_queue function| jQuery object| wp object| wppopups_pro_vars object| advads_options object| mc4wp object| lazySizesConfig string| GoogleAnalyticsObject function| ga function| trackOutboundLink function| trackOutboundLinkB function| outboundClick function| outboundClickCG function| submitCgForm function| outboundClickHeader function| submitTrainingForm function| outboundClickCertification function| outboundClickM function| gtag object| wppopups_vars object| hp_filter_js object| et_custom object| pum_vars object| pum_sub_vars object| pum_popups object| megamenu object| et_ptemplates_strings object| wpforms_settings function| getPresentForms object| _zi object| lazySizes object| PUM object| PUM_Accessibility object| PUM_Analytics function| pm_cookie function| pm_cookie_json function| pm_remove_cookie object| Mailcheck object| punycode object| wpforms object| wppopups_pro object| advads object| wppopups string| ajaxurl object| pum function| FormSerializer function| Inputmask function| default object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ZILogs object| ziws object| regeneratorRuntime object| _zi_fc object| google_tag_manager function| onYouTubeIframeAPIReady object| el function| UET function| UET_init function| UET_push object| ueto_67ded08a05 object| uetq function| clarity object| clarityuetq

26 Cookies

Domain/Path Name / Value
hipaajournal.com/ Name: PHPSESSID
Value: aa27b923d055edbec8c8f9cf252e52d5
.hipaajournal.com/ Name: __cf_bm
Value: J_UwtGo4tx2cRWSPwJrWdFAGTwz3ZDNkyQEgdeyMZF4-1726232799-1.0.1.1-6pePjkrY6yUseL924YlP3sUMcxKK5NUL9VJI4E7BXh.R2SP3yMvZ803BnsxwJef7nS2IR9HZqvGWPCkWtk7_xg
.ws.zoominfo.com/ Name: visitorId
Value: f8b65fd752166a3b3c4c42e5fa51e4e7f31273934f9a8307a799d6f6173fb452
.zoominfo.com/ Name: __cf_bm
Value: ngyEA99luW9r1YQj8C6kuMx1uiw0_B90mVenOGhQnew-1726232801-1.0.1.1-MgN_AwGb6lyWo7T81L7HcH_m6vm_8Vq94XR_Wa37NjYiXrfoPhuBlavPpxascwtMgqMiAq9rgt2MI8YvC.w5ng
.zoominfo.com/ Name: _cfuvid
Value: 9BLWzYjSoRbqGRGQ5sK3UKxx2YpmIoPMUxiJrb.wXpo-1726232801639-0.0.1.1-604800000
www.hipaajournal.com/ Name: _wpfuuid
Value: ef63ffa1-e858-4523-88ce-d9ae53e953f2
.hipaajournal.com/ Name: _gid
Value: GA1.2.1042594856.1726232802
.hipaajournal.com/ Name: _gat
Value: 1
.hipaajournal.com/ Name: _ga
Value: GA1.1.980736688.1726232802
www.hipaajournal.com/ Name: PHPSESSID
Value: 278182111f11d6464830a8973409f3d1
.hipaajournal.com/ Name: _gcl_au
Value: 1.1.1183942877.1726232802
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hipaajournal.com/ Name: _uetsid
Value: 05937b5071d111ef86e5298bc4d4616b
.hipaajournal.com/ Name: _uetvid
Value: 0594fc8071d111ef9e1e4b6e87b3bcd6
.bing.com/ Name: MUID
Value: 21718181FA2C68D204E39578FBBE699E
.bat.bing.com/ Name: MR
Value: 0
www.clarity.ms/ Name: CLID
Value: 838a7a74064f470da635ea543e86c0fd.20240913.20250913
.hipaajournal.com/ Name: _clck
Value: 1v2mdyf%7C2%7Cfp5%7C0%7C1717
.hipaajournal.com/ Name: _ga_PT2PNR2FCR
Value: GS1.1.1726232802.1.0.1726232803.59.0.0
.hipaajournal.com/ Name: _clsk
Value: tnqbrx%7C1726232804083%7C1%7C1%7Cq.clarity.ms%2Fcollect
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 21718181FA2C68D204E39578FBBE699E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 21718181FA2C68D204E39578FBBE699E
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
fonts.googleapis.com
hipaajournal.com
q.clarity.ms
stats.g.doubleclick.net
td.doubleclick.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.hipaajournal.com
analytics.google.com
104.16.118.43
172.67.13.62
20.110.205.119
20.231.53.73
2001:4860:4802:36::181
2001:4860:4802:38::178
2607:f8b0:4004:c08::9d
2607:f8b0:4006:80e::200a
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2002
2620:1ec:33:1::10
2620:1ec:bdf::40
2620:1ec:c11::237
00d1fc5eb9518d0a60118b673a9b5070a35bfb90621f44b07a54123ec0fb8db5
0e8cd726ee4a8ac81bebd526b2f4b1dce21b232ad6b8863f466083d2e59f6945
11a1e1db1a1ab7a71db18d571de5140b73f18925d9cbc2c3fac51e8fb04f6c89
1775c6ce048a6e636cc202ac5aa7fec6b88f3983d9bb436b3a4f4fd37526667e
180ee44a439191dcc93d9d179dc236226b2d1358b5e2d0f1cd3ac82fad84539c
18738529ad029ef8f013062ad3c9a074d91375f257d3b539a8ec4404ed81a9cd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d921f25ecbb79c2d9404e247fdce4e9fe3f8ccecf0f237c5524b5975c62cbea
1fe6364594508c610369cf2ab9503e04d8e80a02de29d12acf5a2cfc97fd7aea
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2beaf68ce7fc4ae081469d6f13d9cf9ead2a4087349bcb3592c606a20f079ed2
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
3cf502a113cb6d40e378c1f8f68c365d5fd3af21c3e7d9e9b666da3f7ae4dcfa
40b3034af4e2a64b6f2f5683dfa0541a0b91ca401cba297b3d78581bc202fdef
4ac65dcc5ed84285cfd19c18f2b715a53f07f708f34198aa96ed8b846a78ef58
5bc699315a25048a2bbcf4f72e28828fc34d2777ccea41df93e16a0c0b65c1e8
5cf246da0a943596888bbafa467e79268981f3f35cf4e7e3d6c33848c5e0f89a
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
68d7269aa3d305fde66002e814bc977b3abbedcc8f14a6a7d763e6be5ae8b4c1
6a05452bc7b20ddd019c29e827315e0674d2dceb6e57f90d16339d6c21ce8c76
6c1edea36231085cb77954de01a654391546c646d37fd92c87429896237c9d57
7ddbe24eb448530f00d1d213487e7f1325eb2ce9f12d9d4e63a28180d870ad70
8fb5215a009756c6b8c3fe20ce4749396ab3a1131fea03027ed45e4db9b14509
903bbc6217ed0a35fdc4a9721e619f48d005d0b9c404c1025772910970cd1d0a
925bc4a7cd362260ffa9d614e85acad31a428ea86734358c44efc2a68ce0b066
95ee3203e7b71004f387dea14b5c675655ceca4cbaa997a13432c0990110606e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3a4301617a54a1684e392a5c714aa41b8971b19b0f235be654c7c57a732994
a0baab39d27dcc08f92d781d2db854a487fa3d3e3f1588edf20a9efde13f230b
a196432841eb124ad2ba6f0c25141614552233563cde65935cdf7f64694f65b6
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
b1fe902406038a5b4529b22bb1d7f178a54012771067ece6b680259ea094c8a8
b2afdf6d0bab6153a69ab3e07d2e630d394f0f70c4cb3000439af40f7afe493e
b5f98b4c1c686da66d26c14d71128da17217b1944816329d530836d490850197
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c55bb187432531f48be10df58477eb1ab34d4ec4b7aecfb4c179845a5227fcd2
c7cb751cd141ccb5087b8dd3e2078e2b69a6a2a16e4b4de564e9dc487e886f21
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce2a6756a6460c8fd6bd4096193c96a3585bbf32a29b93a695f8e1921196c0b2
d39a7aa67bb7db471cf3a88eedf3c8271a8762a7a5ddd7b524fa36ca4cdf5ac1
d5d667b4b3a608950ea6bdf4a88c0393bffeb9a209f2e65a257a3c6213a5c930
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e06cba1a67af07e8512327f8ee255a0231ceafcd5ddac8d7e9ba973b4ddbefde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec98107335f3b6b1301d99a9544a0548619b0d2f3f0c1329d7504b00a9e1abc4
f2131acf510a60fd254d6cc760d58415265028572db5a60ba32c3c69e447cbee
fb494294561d1b11be41aa16100530711be7969f48359a2bab26878b6d0bfd91