hayesrcm.com Open in urlscan Pro
173.249.147.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hayesbilling.proformawebsites.com/
Effective URL:
https://hayesrcm.com/
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2024, 10:05:24 am UTC) — Scanned from DE

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 173.249.147.106, located in United States and belongs to VPSDATACENTER, US. The main domain is hayesrcm.com.
TLS certificate: Issued by R11 on July 31st 2024. Valid for: 3 months.

This is the only time hayesrcm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	173.249.147.106 173.249.147.106	40819 (VPSDATACE...) (VPSDATACENTER)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
18	2606:4700:440... 2606:4700:4400::ac40:96d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
24	5

2 173.249.147.106 (United States) 1 redirects

ASN40819 (VPSDATACENTER, US)
PTR: cloudhost-2311550.us-west-1.nxcli.net

hayesbilling.proformawebsites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hayesrcm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:4400::ac40:96d7 (United States)

ASN13335 (CLOUDFLARENET, US)

eadn-wc03-12737972.nxedge.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	nxedge.io eadn-wc03-12737972.nxedge.io	562 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10
1	hayesrcm.com hayesrcm.com	30 KB
1	proformawebsites.com 1 redirects hayesbilling.proformawebsites.com	138 B
24	6

	Domain	Requested by
18	eadn-wc03-12737972.nxedge.io	hayesrcm.com
3	fonts.googleapis.com	hayesrcm.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	hayesrcm.com
1	hayesrcm.com
1	hayesbilling.proformawebsites.com	1 redirects
24	6

This site contains links to these domains. Also see Links.

Domain
ads.proforma.com

Subject Issuer	Validity	Valid
cdf7b0fda7.nxcli.io R11	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
nxedge.io WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://hayesrcm.com/
Frame ID: B1CB3EC3E8E1F09603C113F2A0AA1D9D
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=17350%20Highway%20249%2C%20Ste.%20220%20Houston%2C%20TX%2077064&zoom=10
Frame ID: 1ED4C6C3941C5A21A0854F4F62FAC852
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Hayes Billing LLC

Page URL History Show full URLs

https://hayesbilling.proformawebsites.com/ HTTP 301
https://hayesrcm.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

613 kB
Transfer

2286 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ads.proforma.com/
Title: Proforma

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hayesbilling.proformawebsites.com/ HTTP 301
https://hayesrcm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hayesrcm.com/
Redirect Chain

https://hayesbilling.proformawebsites.com/
https://hayesrcm.com/

175 KB
30 KB

569ms
187ms

Document
text/html

173.249.147.106
VPSDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: https://hayesrcm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.249.147.106 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS: cloudhost-2311550.us-west-1.nxcli.net
Software: nginx /
Resource Hash: fd7cccd7d3c7b42bd83b0da57d009bb0ce11f79b0408524d4607e732ebc4acd6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 31 Jul 2024 10:05:10 GMT
server: nginx
vary: Accept-Encoding
x-cache-handler: cache-enabler-engine
x-cache-nxaccel: BYPASS

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 31 Jul 2024 10:05:09 GMT
location: https://hayesrcm.com/
server: nginx
x-cache-nxaccel: BYPASS
x-redirect-by: WordPress

GET
H2 200 css
fonts.googleapis.com/ 15 KB
797 B 92ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial%3A400%7CMuli%3A400%2C400i%2C800%2C800i%2C700%2C700i%2C500%2C500i%2C600%2C300%2C200%2C900&subset=latin&display=swap

Requested by

Host: hayesrcm.com
URL: https://hayesrcm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bc6f642496dd22bf677a5a1ff220e54b0f724d9f04b4d082f1de58752df12ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 10:05:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 10:05:10 GMT

GET
H3 200 HayesMedicalBillingHeader.jpg
eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/ 65 KB
66 KB 213ms
137ms Image
image/jpeg 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/HayesMedicalBillingHeader.jpg
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a3b303093ae0f7584a2ef48ed3c574afd5334739652c4050ea25773136f926

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
x-edge-region: us-midwest-1
cf-cache-status: HIT
cf-polished: origSize=66904
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 66896
x-request-id: req-6997-1720606563.276-34.78.49.210-555-12737972-
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2024 17:20:57 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc02-dtw
content-type: image/jpeg
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=10368000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4bcabe41c9d-FRA
expires: Thu, 28 Nov 2024 10:05:10 GMT

GET
H3 200 style.min.css
eadn-wc03-12737972.nxedge.io/wp-includes/css/dist/block-library/ 110 KB
15 KB 236ms
161ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-2
cf-cache-status: HIT
x-nocache: 1
alt-svc: h3=":443"; ma=86400
x-request-id: req-9634-1721766904.604-17.241.227.220-448-12737972-
last-modified: Tue, 23 Jul 2024 18:12:01 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-edge-server: eadn-wc02-dtw
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabe21c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 thrive_flat.css
eadn-wc03-12737972.nxedge.io/wp-content/plugins/thrive-visual-editor/editor/css/ 1012 KB
165 KB 265ms
191ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=10.0
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a858e05c40dfd12cc50ae719ca608df2876c0a5fcfb475f22e6999c9a2dd80

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-1
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-3304-1722354181.587-64.132.34.6-438-12737972-
last-modified: Tue, 30 Jul 2024 14:50:30 GMT
server: cloudflare
x-edge-server: eadn-wc02-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabf31c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 theme.css
eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/themes/thrive-theme/inc/assets/dist/ 32 KB
7 KB 234ms
159ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/themes/thrive-theme/inc/assets/dist/theme.css?ver=1717192722
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e3441c68fae3746ce2e14e2231c839bd0b2aa902cb726701701347d65e50ce

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-1
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-20420-1720801367.140-122.161.50.58-562-12737972-
last-modified: Fri, 31 May 2024 21:58:42 GMT
server: cloudflare
x-edge-server: eadn-wc01-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabfb1c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 style.css
eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/themes/thrive-theme/ 17 KB
4 KB 269ms
195ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/themes/thrive-theme/style.css?ver=1717192722
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff1e1f6880b100040a34370c0caf212bc3c76ca05ea63fe3ab1d6fe9e703bd2

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-1
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-25818-1717192722.372-2601:602:87f:9ccb:a838:8db7:1dfe:18d3-587-12737972-
last-modified: Fri, 31 May 2024 21:58:42 GMT
server: cloudflare
x-edge-server: eadn-wc02-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabf21c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 theme-template-1717709289.css
eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/uploads/thrive/ 460 KB
36 KB 227ms
153ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/uploads/thrive/theme-template-1717709289.css?ver=1717711722
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 791748909392ec5eadb9893119c30d7ac9d05929b3e0dbc8832bacb560577a81

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-1
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-552-1717748719.916-104.197.69.115-473-12737972-
last-modified: Thu, 06 Jun 2024 22:08:42 GMT
server: cloudflare
x-edge-server: eadn-wc03-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabec1c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 basic.min.css
eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/plugins/gravityforms/assets/css/dist/ 49 KB
8 KB 248ms
175ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/cache/min/1/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=1717192727
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43851f3b01d57f781bba15a57548ae95ab11c5cc3d701b52da1d4978477f3b10

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-2
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-13003-1720679112.964-216.41.235.2-536-12737972-
last-modified: Fri, 31 May 2024 21:58:47 GMT
server: cloudflare
x-edge-server: eadn-wc02-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabe71c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 theme-components.min.css
eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/assets/css/dist/ 0
327 B 225ms
152ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.8.15
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
x-edge-region: us-midwest-2
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: req-31811-1722354181.533-64.132.34.6-443-12737972-
last-modified: Tue, 30 Jul 2024 14:16:33 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc02-dtw
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4bcabe61c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 theme-ie11.min.css
eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/assets/css/dist/ 2 KB
716 B 284ms
211ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.8.15
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fee2241b1a7e456a690a5630244d9a452f20f2a8a241eb242238d418295750b

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-1
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-24107-1722354181.557-64.132.34.6-439-12737972-
last-modified: Tue, 30 Jul 2024 14:16:33 GMT
server: cloudflare
x-edge-server: eadn-wc03-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabf71c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 theme.min.css
eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/assets/css/dist/ 31 KB
6 KB 245ms
172ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.8.15
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0af6b4ab8d2b645c51e8b2a3e8d3dce3a43f287d9edec5f01277e46526c757

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-2
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-31811-1722354181.519-64.132.34.6-436-12737972-
last-modified: Tue, 30 Jul 2024 14:16:33 GMT
server: cloudflare
x-edge-server: eadn-wc02-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabfc1c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 gf_wcag20_form_fields.min.css
eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravity-forms-wcag-20-form-fields/css/ 400 B
528 B 254ms
181ms Stylesheet
text/css 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravity-forms-wcag-20-form-fields/css/gf_wcag20_form_fields.min.css?ver=6.6.1
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec71d63eb4ca47ca2419f477959a5db4ebdbed4f2efcf5816217f132ac9acf5

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-1
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-11589-1721767038.211-17.241.75.187-475-12737972-
last-modified: Fri, 02 Apr 2021 17:53:10 GMT
server: cloudflare
x-edge-server: eadn-wc02-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4bcabf91c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H3 200 conditional_logic.min.js Show response
eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/js/ 9 KB
3 KB 158ms
158ms Script
application/javascript 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.8.15
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5b0187242aa0d8873c91877a0c55ec72c66eaffeea0742ca065ad26f52cd89

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: br
x-edge-region: us-midwest-1
cf-cache-status: HIT
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
x-request-id: req-30997-1722354181.614-64.132.34.6-424-12737972-
last-modified: Tue, 30 Jul 2024 14:16:33 GMT
server: cloudflare
x-edge-server: eadn-wc01-dtw
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 8abcc4be1df41c9d-FRA
expires: Thu, 31 Jul 2025 10:05:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
855 B 82ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial:400&subset=latin

Requested by

Host: hayesrcm.com
URL: https://hayesrcm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 10:05:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 10:05:10 GMT

GET
H3 200 HHLogo.png
eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/ 11 KB
11 KB 155ms
154ms Image
image/png 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/HHLogo.png
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ff5a28d0082afd8269da320ffca9e8c8323b92632bfab0f813ed2fb6d9370e

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
x-edge-region: us-midwest-2
cf-cache-status: HIT
cf-polished: origSize=11212
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11143
x-request-id: req-30289-1720307681.743-2600:3c00::f03c:92ff:feda:14da-494-12737972-
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Mar 2024 21:17:50 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc01-dtw
content-type: image/png
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=10368000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4bd9d451c9d-FRA
expires: Thu, 28 Nov 2024 10:05:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial%3A400%7CMuli%3A400%2C400i%2C800%2C800i%2C700%2C700i%2C500%2C500i%2C600%2C300%2C200%2C900&subset=latin&display=swap

Requested by

Host: hayesrcm.com
URL: https://hayesrcm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bc6f642496dd22bf677a5a1ff220e54b0f724d9f04b4d082f1de58752df12ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 10:05:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 10:05:10 GMT

GET
H3 200 place
www.google.com/maps/embed/v1/ Frame 1ED4 0
0 637ms
590ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed/v1/place?key=AIzaSyDoXROUgTXZpS-LNbRyBb7P5MK1EwzOxaI&q=17350%20Highway%20249%2C%20Ste.%20220%20Houston%2C%20TX%2077064&zoom=10

Requested by

Host: hayesrcm.com
URL: https://hayesrcm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-puUvQuPe2tSYrLNds2eveg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayesrcm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 970
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-puUvQuPe2tSYrLNds2eveg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Wed, 31 Jul 2024 10:05:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H3 200 HHLogo.png
eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/ 11 KB
0 3ms
3ms Image
image/png 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/HHLogo.png
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ff5a28d0082afd8269da320ffca9e8c8323b92632bfab0f813ed2fb6d9370e

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:10 GMT
x-edge-region: us-midwest-2
cf-cache-status: HIT
cf-polished: origSize=11212
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11143
x-request-id: req-30289-1720307681.743-2600:3c00::f03c:92ff:feda:14da-494-12737972-
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Mar 2024 21:17:50 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc01-dtw
content-type: image/png
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=10368000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4bd9d451c9d-FRA
expires: Thu, 28 Nov 2024 10:05:10 GMT

GET
H3 200 Services-Contracting-and-Credentialing.jpeg
eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/ 31 KB
31 KB 147ms
147ms Image
image/jpeg 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/Services-Contracting-and-Credentialing.jpeg
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad5f931647fd3e99a8316b5595c8ce0390db2d345c6231db019a3601f76ff714

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:11 GMT
x-edge-region: us-midwest-2
cf-cache-status: HIT
cf-polished: origSize=31845
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 31837
x-request-id: req-22216-1722414541.278-34.123.170.104-493-12737972-
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2024 20:26:30 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc01-dtw
content-type: image/jpeg
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=10368000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4bf2f7a1c9d-FRA
expires: Thu, 28 Nov 2024 10:05:11 GMT

GET
H3 200 MEdical-Billing-Professional.png
eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/ 192 KB
192 KB 186ms
185ms Image
image/png 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/MEdical-Billing-Professional.png
Requested by: Host: hayesrcm.com
URL: https://hayesrcm.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c61030d81a4d296559465bf3ba531689e97bd3080dd04daf28d3600962cd87

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:11 GMT
x-edge-region: us-midwest-1
cf-cache-status: HIT
cf-polished: status=not_needed
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 196514
x-request-id: req-12718-1720962686.922-74.125.215.98-495-12737972-
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Mar 2024 00:31:42 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc01-dtw
content-type: image/png
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=10368000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4bf2f7c1c9d-FRA
expires: Thu, 28 Nov 2024 10:05:11 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 94ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial%3A400%7CMuli%3A400%2C400i%2C800%2C800i%2C700%2C700i%2C500%2C500i%2C600%2C300%2C200%2C900&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayesrcm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:11:29 GMT
x-content-type-options: nosniff
age: 68022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:11:29 GMT

GET
H3 200 Hayes-Billing-favicon.png
eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/ 14 KB
15 KB 183ms
183ms Other
image/png 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/Hayes-Billing-favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0578a7bc78e6705eac406381b7379cde6d36ea7dca806f6a85abe9c2f8e5e1

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:12 GMT
x-edge-region: us-midwest-1
cf-cache-status: HIT
cf-polished: origSize=14565
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 14473
x-request-id: req-28414-1721896217.910-18.236.160.77-341-12737972-
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2024 01:54:20 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc02-dtw
content-type: image/png
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=10368000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4c5ba071c9d-FRA
expires: Thu, 28 Nov 2024 10:05:12 GMT

GET
H3 200 Hayes-Billing-favicon.png
eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/ 14 KB
0 0ms
0ms Other
image/png 2606:4700:4400::ac40:96d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eadn-wc03-12737972.nxedge.io/wp-content/uploads/2024/03/Hayes-Billing-favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0578a7bc78e6705eac406381b7379cde6d36ea7dca806f6a85abe9c2f8e5e1

Request headers

Referer: https://hayesrcm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:05:12 GMT
x-edge-region: us-midwest-1
cf-cache-status: HIT
cf-polished: origSize=14565
x-cache-nxaccel: MISS
alt-svc: h3=":443"; ma=86400
content-length: 14473
x-request-id: req-28414-1721896217.910-18.236.160.77-341-12737972-
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2024 01:54:20 GMT
server: cloudflare
vary: Accept-Encoding
x-edge-server: eadn-wc02-dtw
content-type: image/png
access-control-allow-origin: *
x-edge: MISS
cache-control: public, max-age=10368000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8abcc4c5ba071c9d-FRA
expires: Thu, 28 Nov 2024 10:05:12 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eadn-wc03-12737972.nxedge.io
fonts.googleapis.com
fonts.gstatic.com
hayesbilling.proformawebsites.com
hayesrcm.com
www.google.com
173.249.147.106
2606:4700:4400::ac40:96d7
2a00:1450:4001:806::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
1b5b0187242aa0d8873c91877a0c55ec72c66eaffeea0742ca065ad26f52cd89
22a3b303093ae0f7584a2ef48ed3c574afd5334739652c4050ea25773136f926
2ff1e1f6880b100040a34370c0caf212bc3c76ca05ea63fe3ab1d6fe9e703bd2
3bc6f642496dd22bf677a5a1ff220e54b0f724d9f04b4d082f1de58752df12ee
3fee2241b1a7e456a690a5630244d9a452f20f2a8a241eb242238d418295750b
43851f3b01d57f781bba15a57548ae95ab11c5cc3d701b52da1d4978477f3b10
46a858e05c40dfd12cc50ae719ca608df2876c0a5fcfb475f22e6999c9a2dd80
4a0578a7bc78e6705eac406381b7379cde6d36ea7dca806f6a85abe9c2f8e5e1
68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e
73e3441c68fae3746ce2e14e2231c839bd0b2aa902cb726701701347d65e50ce
791748909392ec5eadb9893119c30d7ac9d05929b3e0dbc8832bacb560577a81
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
9ec71d63eb4ca47ca2419f477959a5db4ebdbed4f2efcf5816217f132ac9acf5
ad5f931647fd3e99a8316b5595c8ce0390db2d345c6231db019a3601f76ff714
b2c61030d81a4d296559465bf3ba531689e97bd3080dd04daf28d3600962cd87
ca0af6b4ab8d2b645c51e8b2a3e8d3dce3a43f287d9edec5f01277e46526c757
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7ff5a28d0082afd8269da320ffca9e8c8323b92632bfab0f813ed2fb6d9370e
fd7cccd7d3c7b42bd83b0da57d009bb0ce11f79b0408524d4607e732ebc4acd6
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

hayesrcm.com Open in urlscan Pro 173.249.147.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

80 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

613 kBTransfer

2286 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

0 Cookies

Indicators

hayesrcm.com Open in urlscan Pro
173.249.147.106 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

80 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

613 kB
Transfer

2286 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions