urlscan.io logo urlscan.io
SecurityTrails logo

vendorservices.epic.com Open in urlscan Pro
199.204.57.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecf...
Effective URL: https://vendorservices.epic.com/Showroom/stage?id=1
Submission: On February 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 33 HTTP transactions. The main IP is 199.204.57.25, located in Madison, United States and belongs to EPICSYS, US. The main domain is vendorservices.epic.com. The Cisco Umbrella rank of the primary domain is 470357.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on November 16th 2023. Valid for: a year.
This is the only time vendorservices.epic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.85.40.224 14618 (AMAZON-AES)
1 151.101.130.137 54113 (FASTLY)
18 199.204.57.25 10359 (EPICSYS)
1 162.247.241.14 23467 (NEWRELIC-...)
6 199.204.56.121 10359 (EPICSYS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::649 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
33 9
1    54.85.40.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-40-224.compute-1.amazonaws.com
t.yesware.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
18    199.204.57.25 (Madison, United States)

ASN10359 (EPICSYS, US)
PTR: vendorservices.epic.com
vendorservices.epic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
6    199.204.56.121 (Madison, United States)

ASN10359 (EPICSYS, US)
PTR: userweb.epic.com
userweb.epic.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
24 epic.com
vendorservices.epic.com — Cisco Umbrella Rank: 470357
userweb.epic.com — Cisco Umbrella Rank: 39335
2 MB
1 gstatic.com
fonts.gstatic.com
27 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 729
88 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
831 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 242
462 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 592
25 KB
1 yesware.com
t.yesware.com — Cisco Umbrella Rank: 32464
50 KB
33 7
Domain Requested by
18 vendorservices.epic.com t.yesware.com
vendorservices.epic.com
6 userweb.epic.com vendorservices.epic.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com vendorservices.epic.com
1 fonts.googleapis.com vendorservices.epic.com
1 bam.nr-data.net t.yesware.com
js-agent.newrelic.com
1 js-agent.newrelic.com t.yesware.com
1 t.yesware.com
33 8

This site contains links to these domains. Also see Links.

Domain
www.epic.com
www.epicshare.org
www.epicresearch.org
mychart.org
open.epic.com
userweb.epic.com
Subject Issuer Validity Valid
*.yesware.com
Amazon RSA 2048 M03		 2023-09-23 -
2024-10-21		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
vendorservices.epic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-16 -
2024-12-16		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.epic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-03 -
2024-04-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://vendorservices.epic.com/Showroom/stage?id=1
Frame ID: C35991C38005721A7D3FDBA63B2BAD7D
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Epic ShowroomVisit Epic.comVisit EpicShareVisit EpicResearchVisit MyChartVisit open.epicVisit UserWebVisit Showroom

Page URL History Show full URLs

  1. https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701... Page URL
  2. https://vendorservices.epic.com/Showroom/stage?id=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

91 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

2144 kB
Transfer

3295 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage?id=1 Page URL
  2. https://vendorservices.epic.com/Showroom/stage?id=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
stage
t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/ 		49 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage?id=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.40.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-40-224.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
50296
content-type
text/html; charset=utf-8
date
Mon, 26 Feb 2024 16:11:38 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
fb0bfe0d-b873-446a-bf7d-1ce1c2102680
x-robots-tag
noindex
x-runtime
0.008822
x-xss-protection
1; mode=block
nr-full-1.252.0.min.js
js-agent.newrelic.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-full-1.252.0.min.js
Requested by
Host: t.yesware.com
URL: https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage?id=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://t.yesware.com/
Origin
https://t.yesware.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id
erpQAsDFxG_6aM4W2oXrEE2UTrC4hTVP
content-encoding
br
via
1.1 varnish
date
Mon, 26 Feb 2024 16:11:38 GMT
strict-transport-security
max-age=300
x-amz-request-id
6DDWQMZ0DGY8SFMR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
24959
x-amz-id-2
k6/vSazPmZaEhSqmw8ha/R8HxDEFDHSbDs2g0P31mmpMVFBzk9dCkrsNgRpjp39xz4qrcwHuMqU=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Tue, 13 Feb 2024 00:41:07 GMT
server
AmazonS3
x-timer
S1708963899.744663,VS0,VE0
etag
"2f8ac62328d6fa35d0edb414cf141d02"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
48844
Primary Request stage
vendorservices.epic.com/Showroom/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/Showroom/stage?id=1
Requested by
Host: t.yesware.com
URL: https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
/
Resource Hash
475da59aca245ce458fda6afa19d586ce7b3e3f157440bde202ef5a76f19c782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://t.yesware.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
2221
Content-Type
text/html; charset=utf-8
Date
Mon, 26 Feb 2024 16:11:38 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
1a5da492d2
bam.nr-data.net/1/ 		40 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/1a5da492d2?a=2164051&v=1.252.0&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=745&ck=0&s=70afbd2949c8148b&ref=https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage&hr=0&af=err,xhr,stn,ins&ap=9&be=516&fe=131&dc=129&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1708963898030,%22n%22:0,%22f%22:0,%22dn%22:31,%22dne%22:31,%22c%22:31,%22s%22:149,%22ce%22:270,%22rq%22:271,%22rp%22:517,%22rpe%22:634,%22di%22:645,%22ds%22:645,%22de%22:645,%22dc%22:645,%22l%22:645,%22le%22:647%7D,%22navigation%22:%7B%7D%7D
Requested by
Host: t.yesware.com
URL: https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://t.yesware.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 26 Feb 2024 16:11:39 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://t.yesware.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
85b977100e7c1c0b-FRA
Content-Length
40
1a5da492d2
bam.nr-data.net/jserrors/1/ 		0
0
1a5da492d2
bam.nr-data.net/events/1/ 		0
0
1a5da492d2
bam.nr-data.net/jserrors/1/ 		0
0
main.1e919ee9.chunk.css
vendorservices.epic.com/Scripts/React/css/ 		406 B
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/Scripts/React/css/main.1e919ee9.chunk.css
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d45fb3f4b77e3a561abb44c5d077d64d76430b109354fc39347ac9825ea2a2c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:38 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 23 Feb 2024 02:05:28 GMT
Server
Microsoft-IIS/10.0
ETag
"aef6efc5fc65da1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
307
17.98297a24.chunk.js
vendorservices.epic.com/Scripts/React/js/ 		693 KB
268 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/Scripts/React/js/17.98297a24.chunk.js
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
50684546867b1e854756fb963ed876c0982281dce4b4d02a17b0db77792d32ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:39 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 23 Feb 2024 02:05:28 GMT
Server
Microsoft-IIS/10.0
ETag
"6fe0f0c5fc65da1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
main.5f6e5357.chunk.js
vendorservices.epic.com/Scripts/React/js/ 		580 KB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/Scripts/React/js/main.5f6e5357.chunk.js
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
eb8f07d8ff95894ed4895272f13928511e62a42ddf99d6b1f8ed7df6284cb6f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:39 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 23 Feb 2024 02:05:29 GMT
Server
Microsoft-IIS/10.0
ETag
"6e704cc6fc65da1:0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
TinyIconStylesheet
userweb.epic.com/Customer/ 		98 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userweb.epic.com/Customer/TinyIconStylesheet
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/css/main.1e919ee9.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.56.121 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
userweb.epic.com
Software
/
Resource Hash
89e1aa6d8497779f002ac0b2e0761d3147ae9b3a4cf428ebd1699e4fce20a68a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Date
Mon, 26 Feb 2024 16:11:39 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 26 Feb 2024 15:15:13 GMT
Vary
*, Accept-Encoding
Content-Type
text/css; charset=utf-8
P3P
CP="Not a privacy policy"
Cache-Control
public, max-age=213
Connection
Keep-Alive
Content-Length
11442
Expires
Mon, 26 Feb 2024 16:15:13 GMT
SmallIconStylesheet
userweb.epic.com/Customer/ 		101 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userweb.epic.com/Customer/SmallIconStylesheet
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/css/main.1e919ee9.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.56.121 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
userweb.epic.com
Software
/
Resource Hash
48ee4d147142dc13250b44b311ee533c53b84dfb3c1b699e4e2a7cc81f800744
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Date
Mon, 26 Feb 2024 16:11:39 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 26 Feb 2024 15:54:30 GMT
Vary
*, Accept-Encoding
Content-Type
text/css; charset=utf-8
P3P
CP="Not a privacy policy"
Cache-Control
public, max-age=2570
Connection
Keep-Alive
Content-Length
11658
Expires
Mon, 26 Feb 2024 16:54:30 GMT
MediumIconStylesheet
userweb.epic.com/Customer/ 		104 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userweb.epic.com/Customer/MediumIconStylesheet
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/css/main.1e919ee9.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.56.121 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
userweb.epic.com
Software
/
Resource Hash
020539711b7f3fed4c0cb2ac9a6d1eb04ffd2a37490d0011519ad6f86dc2a5a9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Date
Mon, 26 Feb 2024 16:11:39 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 26 Feb 2024 15:54:12 GMT
Vary
*, Accept-Encoding
Content-Type
text/css; charset=utf-8
P3P
CP="Not a privacy policy"
Cache-Control
public, max-age=2551
Connection
Keep-Alive
Content-Length
11506
Expires
Mon, 26 Feb 2024 16:54:12 GMT
LargeIconStylesheet
userweb.epic.com/Customer/ 		101 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userweb.epic.com/Customer/LargeIconStylesheet
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/css/main.1e919ee9.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.56.121 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
userweb.epic.com
Software
/
Resource Hash
dbf301a558fed464eb654c4077cb288d16eb53ad4c8410f6f156172f9cac76c4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Date
Mon, 26 Feb 2024 16:11:39 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 26 Feb 2024 15:54:12 GMT
Vary
*, Accept-Encoding
Content-Type
text/css; charset=utf-8
P3P
CP="Not a privacy policy"
Cache-Control
public, max-age=2551
Connection
Keep-Alive
Content-Length
11584
Expires
Mon, 26 Feb 2024 16:54:12 GMT
css2
fonts.googleapis.com/ 		1 KB
831 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Jost:wght@200..800&display=swap
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/css/main.1e919ee9.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
566ac95557a56c98d3aa302df1ee27f96914e88fae9f8f10cde7a3a47acad00c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Feb 2024 16:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 16:11:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Feb 2024 16:11:39 GMT
GetUserSecurity
vendorservices.epic.com/api/UserSecurity/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/api/UserSecurity/GetUserSecurity
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/main.5f6e5357.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
/
Resource Hash
9f23719ba06bc27610364ebcb19e2aa227d51dabf0da263ca1040d206856f18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
application/json; charset=utf-8
Pragma
no-cache
Date
Mon, 26 Feb 2024 16:11:40 GMT
Cache-Control
no-cache, no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
2125
Expires
-1
AvailableOrganizations
vendorservices.epic.com/api/UserOrganizations/ 		47 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/api/UserOrganizations/AvailableOrganizations
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/main.5f6e5357.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
/
Resource Hash
46cc27575897f224475d34f6c4f82f67f9ebaad1ca38c76aee2b06e11d3ca14a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
application/json; charset=utf-8
Pragma
no-cache
Date
Mon, 26 Feb 2024 16:11:40 GMT
Cache-Control
no-cache, no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
47
Expires
-1
GetSiteInfo
vendorservices.epic.com/api/SiteHelpers/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/api/SiteHelpers/GetSiteInfo
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/main.5f6e5357.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
/
Resource Hash
687aae15da9c8241ea9dbbcf40bf2775ee1e718f8eb9b2dab4fa606e5332dca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
application/json; charset=utf-8
Pragma
no-cache
Date
Mon, 26 Feb 2024 16:11:40 GMT
Cache-Control
no-cache, no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
1046
Expires
-1
GetShowroomHomepage
vendorservices.epic.com/api/Showroom/ 		484 KB
484 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/api/Showroom/GetShowroomHomepage
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/main.5f6e5357.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
/
Resource Hash
f03d95afd1de759daee18cdafe52c9755c55ec84ce0953e06f15409570cea570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
application/json; charset=utf-8
Pragma
no-cache
Date
Mon, 26 Feb 2024 16:11:40 GMT
Cache-Control
no-cache, no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
495583
Expires
-1
UserWeb.QuickSignIn.css
userweb.epic.com/Styles/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userweb.epic.com/Styles/UserWeb.QuickSignIn.css
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/17.98297a24.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.56.121 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
userweb.epic.com
Software
/
Resource Hash
e6f062f375de90a55c2bea40caa5e267ad973f5e7b7bdacf5b0c0cac7c960663
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Date
Mon, 26 Feb 2024 16:11:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 15 Apr 2021 01:50:00 GMT
ETag
"439461a59931d71:0"
Vary
Accept-Encoding
P3P
CP="Not a privacy policy"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2257
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/17.98297a24.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 16:11:40 GMT
via
1.1 varnish, 1.1 varnish
age
2270193
x-cache
HIT, HIT
content-length
89664
x-served-by
cache-lga13629-LGA, cache-fra-etou8220111-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1708963901.896820,VS0,VE0
etag
"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 13319
UserWeb.QuickSignin.js
userweb.epic.com/Scripts/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userweb.epic.com/Scripts/UserWeb.QuickSignin.js
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/17.98297a24.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.56.121 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
userweb.epic.com
Software
/
Resource Hash
659878eaede911bbac6939747c6aced33a1a556761bbb8b3b096be972f7b3351
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.epic.com; img-src 'self' *.epic.com data: blob:; style-src 'self' *.epic.com https://www.gstatic.com/charts/ 'unsafe-inline'; frame-ancestors 'self' *.epic.com https://login.microsoftonline.com; frame-src 'self' https://login.microsoftonline.com *.epic.com; child-src 'self' https://login.microsoftonline.com *.epic.com; report-uri https://userweb.epic.com/Error/CspReport
Date
Mon, 26 Feb 2024 16:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 18 Aug 2022 12:16:04 GMT
ETag
"2a1f9849fcb2d81:0"
P3P
CP="Not a privacy policy"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
10725
marquee-lights.146052b9.svg
vendorservices.epic.com/Scripts/React/media/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Scripts/React/media/marquee-lights.146052b9.svg
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5075752d2c5a49a3424c2af57309c7f4260354c1062b0d626f2a5f38af759a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 23 Feb 2024 02:05:28 GMT
Server
Microsoft-IIS/10.0
ETag
"3d5befc5fc65da1:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
7891
header-lights.3cb8598a.svg
vendorservices.epic.com/Scripts/React/media/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Scripts/React/media/header-lights.3cb8598a.svg
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
63aed00279000c99a6743846134d4726289b46333d6dddae84b21977e8ae6303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 23 Feb 2024 02:05:28 GMT
Server
Microsoft-IIS/10.0
ETag
"3d5befc5fc65da1:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2353
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost:wght@200..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vendorservices.epic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:01:26 GMT
x-content-type-options
nosniff
age
594614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26620
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:39:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Feb 2025 19:01:26 GMT
29.56bfd1b4.chunk.js
vendorservices.epic.com/Scripts/React/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendorservices.epic.com/Scripts/React/js/29.56bfd1b4.chunk.js
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Showroom/stage?id=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c8600210591d9d85bf6f23fe6a44f77aba8a7663a640b629abb610f0c0c4dac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:40 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 23 Feb 2024 02:05:28 GMT
Server
Microsoft-IIS/10.0
ETag
"987f1c5fc65da1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
14543
UserWeb.png
vendorservices.epic.com/Content/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Content/images/UserWeb.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a89b969b3a9ac694a87da6f7962c6071051a59c634bf0d81fd31d2d8f87a32c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Microsoft-IIS/10.0
ETag
/Content/images/UserWeb.png
Vary
*
Content-Type
image/png
Cache-Control
private, max-age=35939
Content-Length
19955
Expires
Tue, 27 Feb 2024 02:10:41 GMT
Bubbles.png
vendorservices.epic.com/Content/images/Showroom/ 		740 KB
741 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Content/images/Showroom/Bubbles.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2a52f230e40acb87c9f800dd4050f40513de9e0cbd880ed0ea5cbcdf26f4a4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 29 Dec 2023 17:37:04 GMT
Server
Microsoft-IIS/10.0
ETag
"649649a37d3ada1:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
758013
Products.svg
vendorservices.epic.com/Content/images/Showroom/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Content/images/Showroom/Products.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
81acbb77109f07b99c7e1da8079034751cfae0b8ed1cdf2e194a22a6ca0306e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 08 Feb 2024 20:53:12 GMT
Server
Microsoft-IIS/10.0
ETag
"4351bad4d05ada1:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
19638
RevCyclePartners.svg
vendorservices.epic.com/Content/images/Showroom/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Content/images/Showroom/RevCyclePartners.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7346c02066bc85724d22a5a6cc95d5de36e4db7f438eac1ed5d3b0af430a791e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 08 Feb 2024 20:53:12 GMT
Server
Microsoft-IIS/10.0
ETag
"47a0bad4d05ada1:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
5823
RevCyclePartners.svg
vendorservices.epic.com/Content/images/Showroom/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Content/images/Showroom/RevCyclePartners.svg
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/17.98297a24.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7346c02066bc85724d22a5a6cc95d5de36e4db7f438eac1ed5d3b0af430a791e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 08 Feb 2024 20:53:12 GMT
Server
Microsoft-IIS/10.0
ETag
"47a0bad4d05ada1:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
5823
Products.svg
vendorservices.epic.com/Content/images/Showroom/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Content/images/Showroom/Products.svg
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/17.98297a24.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
81acbb77109f07b99c7e1da8079034751cfae0b8ed1cdf2e194a22a6ca0306e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 08 Feb 2024 20:53:12 GMT
Server
Microsoft-IIS/10.0
ETag
"4351bad4d05ada1:0"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
19638
UserWeb.png
vendorservices.epic.com/Content/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vendorservices.epic.com/Content/images/UserWeb.png
Requested by
Host: vendorservices.epic.com
URL: https://vendorservices.epic.com/Scripts/React/js/17.98297a24.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.204.57.25 Madison, United States, ASN10359 (EPICSYS, US),
Reverse DNS
vendorservices.epic.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a89b969b3a9ac694a87da6f7962c6071051a59c634bf0d81fd31d2d8f87a32c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vendorservices.epic.com/Showroom/stage?id=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Mon, 26 Feb 2024 16:11:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Microsoft-IIS/10.0
ETag
/Content/images/UserWeb.png
Vary
*
Content-Type
image/png
Cache-Control
private, max-age=35939
Content-Length
19955
Expires
Tue, 27 Feb 2024 02:10:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/1a5da492d2?a=2164051&v=1.252.0&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=1512&ck=0&s=70afbd2949c8148b&ref=https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage&hr=0
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/1a5da492d2?a=2164051&v=1.252.0&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=1513&ck=0&s=70afbd2949c8148b&ref=https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage&hr=0
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/1a5da492d2?a=2164051&v=1.252.0&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=1513&ck=0&s=70afbd2949c8148b&ref=https://t.yesware.com/tt/0dbc40be40bc861221d8ea1b3070e694af03e6d3/63c733dc8f3e8866f00315ab9fbc3701/ff548d23f28d67e8ecfcc83c593eb827/vendorservices.epic.com/Showroom/stage&hr=0

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonpreact-app-template function| applyFocusVisiblePolyfill object| regeneratorRuntime function| $ function| jQuery object| UserWeb

4 Cookies

Domain/Path Name / Value
.yesware.com/ Name: t
Value: u0lujX0fF8pRvAW7e12Vsw
vendorservices.epic.com/ Name: EpicPersistenceCookie
Value: !7P7vMDddmZ9w2WzDnBaZuGaSv3+6GPCMX6Nsp7ajPaxiv12gPIEF7K+mNiguFjFy5ZKiPqZXVEoO+9Y=
userweb.epic.com/ Name: EpicPersistenceCookie
Value: !3ys2fjZz8lNarl7DnBaZuGaSv3+6GF9sxIrCNLD8dSbanSB/oO43OofCaES+dknqtOupgHi9Gal1dw==
vendorservices.epic.com/ Name: AOTimezoneOffset
Value: -60

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
t.yesware.com
userweb.epic.com
vendorservices.epic.com
bam.nr-data.net
151.101.130.137
162.247.241.14
199.204.56.121
199.204.57.25
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a04:4e42::649
54.85.40.224
020539711b7f3fed4c0cb2ac9a6d1eb04ffd2a37490d0011519ad6f86dc2a5a9
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
2a52f230e40acb87c9f800dd4050f40513de9e0cbd880ed0ea5cbcdf26f4a4e1
46cc27575897f224475d34f6c4f82f67f9ebaad1ca38c76aee2b06e11d3ca14a
475da59aca245ce458fda6afa19d586ce7b3e3f157440bde202ef5a76f19c782
48ee4d147142dc13250b44b311ee533c53b84dfb3c1b699e4e2a7cc81f800744
50684546867b1e854756fb963ed876c0982281dce4b4d02a17b0db77792d32ed
5075752d2c5a49a3424c2af57309c7f4260354c1062b0d626f2a5f38af759a2a
566ac95557a56c98d3aa302df1ee27f96914e88fae9f8f10cde7a3a47acad00c
63aed00279000c99a6743846134d4726289b46333d6dddae84b21977e8ae6303
659878eaede911bbac6939747c6aced33a1a556761bbb8b3b096be972f7b3351
687aae15da9c8241ea9dbbcf40bf2775ee1e718f8eb9b2dab4fa606e5332dca6
7346c02066bc85724d22a5a6cc95d5de36e4db7f438eac1ed5d3b0af430a791e
81acbb77109f07b99c7e1da8079034751cfae0b8ed1cdf2e194a22a6ca0306e1
89e1aa6d8497779f002ac0b2e0761d3147ae9b3a4cf428ebd1699e4fce20a68a
9f23719ba06bc27610364ebcb19e2aa227d51dabf0da263ca1040d206856f18f
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a89b969b3a9ac694a87da6f7962c6071051a59c634bf0d81fd31d2d8f87a32c2
c8600210591d9d85bf6f23fe6a44f77aba8a7663a640b629abb610f0c0c4dac0
d45fb3f4b77e3a561abb44c5d077d64d76430b109354fc39347ac9825ea2a2c6
dbf301a558fed464eb654c4077cb288d16eb53ad4c8410f6f156172f9cac76c4
e6f062f375de90a55c2bea40caa5e267ad973f5e7b7bdacf5b0c0cac7c960663
eb8f07d8ff95894ed4895272f13928511e62a42ddf99d6b1f8ed7df6284cb6f0
f03d95afd1de759daee18cdafe52c9755c55ec84ce0953e06f15409570cea570