urlscan.io logo urlscan.io
SecurityTrails logo

webpayments.billmatrix.com Open in urlscan Pro
107.162.176.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jmdjaw.com/39EWLXo
Effective URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Submission: On February 20 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 34 HTTP transactions. The main IP is 107.162.176.132, located in United States and belongs to DEFENSE-NET, US. The main domain is webpayments.billmatrix.com. The Cisco Umbrella rank of the primary domain is 229971.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 21st 2023. Valid for: a year.
This is the only time webpayments.billmatrix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.107.198.97 396982 (GOOGLE-CL...)
17 107.162.176.132 55002 (DEFENSE-NET)
2 172.253.122.95 15169 (GOOGLE)
4 142.251.163.92 15169 (GOOGLE)
1 142.251.16.94 15169 (GOOGLE)
4 172.253.122.94 15169 (GOOGLE)
6 172.253.63.138 15169 (GOOGLE)
34 6
1    34.107.198.97 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.198.107.34.bc.googleusercontent.com
jmdjaw.com
17    107.162.176.132 (United States)

ASN55002 (DEFENSE-NET, US)
webpayments.billmatrix.com
2    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
fonts.googleapis.com
4    142.251.163.92 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f92.1e100.net
pay.google.com
1    142.251.16.94 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
4    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
www.gstatic.com
6    172.253.63.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f138.1e100.net
play.google.com
Apex Domain
Subdomains		 Transfer
17 billmatrix.com
webpayments.billmatrix.com — Cisco Umbrella Rank: 229971
585 KB
10 google.com
pay.google.com — Cisco Umbrella Rank: 2908
play.google.com — Cisco Umbrella Rank: 44
422 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
254 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
1 KB
1 jmdjaw.com
jmdjaw.com
370 B
34 5
Domain Requested by
17 webpayments.billmatrix.com webpayments.billmatrix.com
6 play.google.com www.gstatic.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com webpayments.billmatrix.com
pay.google.com
www.gstatic.com
2 fonts.googleapis.com webpayments.billmatrix.com
1 fonts.gstatic.com fonts.googleapis.com
1 jmdjaw.com 1 redirects
34 7

This site contains no links.

Subject Issuer Validity Valid
*.billmatrix.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-21 -
2024-09-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://webpayments.billmatrix.com/WellcareGuestPortal
Frame ID: 14AB250F9BD2E480DB76C16E997979B9
Requests: 21 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwebpayments.billmatrix.com&mid=
Frame ID: CF16E1954CAE22ADB09C0612F1B66942
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BillMatrix - Welcome

Page URL History Show full URLs

  1. http://jmdjaw.com/39EWLXo HTTP 302
    https://webpayments.billmatrix.com/WellcareGuestPortal Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/material(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

1262 kB
Transfer

3396 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jmdjaw.com/39EWLXo HTTP 302
    https://webpayments.billmatrix.com/WellcareGuestPortal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request WellcareGuestPortal
webpayments.billmatrix.com/
Redirect Chain
  • http://jmdjaw.com/39EWLXo
  • https://webpayments.billmatrix.com/WellcareGuestPortal
65 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
e46d96c2dcc10262fff010db862925a5e3ec77b7f58763753a89452e7819f3e2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST
Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 21:51:56 GMT
Expires
-1
Pragma
no-cache,no-cache
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload max-age=157680000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 dca1-bit11033
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
DENY
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block
ntCoent-Length
66661

Redirect headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
325
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 21:51:55 GMT
Function-Execution-Id
3aohdzkaliaw
Location
https://webpayments.billmatrix.com/WellcareGuestPortal
Server
Google Frontend
Via
1.1 google
X-Cloud-Trace-Context
5745cce3c30bebbf482cab2b276a4295
jquery-3.6.0.min.js
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/ 		87 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/jquery-3.6.0.min.js
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Via
1.1 dca1-bit11039
Content-Length
89503
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Last-Modified
Mon, 19 Feb 2024 04:22:04 GMT
ETag
"91401331eb62da1:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
ThemeSupport
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/ThemeSupport
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
51741af57f8e60c93b227f28112a29c01ffe503da9673e64fb817f3b9bdbdb7e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit16010
ntCoent-Length
59868
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
CSS
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Content/ 		683 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Content/CSS
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
64061bb7f73213e25ffbda428f241edf4f8d272df77660b1db3a690fd9717c04
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit11033
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
699123
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
FsDatepicker
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Content/CSS/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Content/CSS/FsDatepicker
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
c014f4d9e820a2c12c2162752e74813a5e4a2774bfa0a277d16bc12ebc0c5d49
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit11033
Content-Length
1817
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
8883
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
FsDropdown
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Content/CSS/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Content/CSS/FsDropdown
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
8af8ae0a4858bd56274339790d86482b577c206e9de44cedae5713da37b36d1c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit17014
Content-Length
1211
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
4201
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
Biller.WellcareproviderGuest.css
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/BillerCSS/ 		640 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/BillerCSS/Biller.WellcareproviderGuest.css
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
b39530ec5bc85d8f4c160e15572dd351f937dc03c3714a3d23455bf2190e22d8
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit19011
Content-Length
310
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
640
Last-Modified
Mon, 14 Aug 2023 02:02:21 GMT
ETag
"4f3e715c53ced91:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/css
Cache-Control
no-cache, no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
icon
fonts.googleapis.com/ 		569 B
416 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 21:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 21:51:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 21:51:56 GMT
icon
fonts.googleapis.com/ 		616 B
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Outlined
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 21:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 21:51:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 21:51:56 GMT
wellcare_logo.jpg
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/billerlogo/ 		39 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/billerlogo/wellcare_logo.jpg
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
1c7c59bd09a5e374cc156db11439d7cb3654b98f27bcaf8c8474aabfcc30a923
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Via
1.1 dca1-bit11033
Content-Length
40106
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Last-Modified
Mon, 14 Aug 2023 02:02:21 GMT
ETag
"da65785c53ced91:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
image/jpeg
Cache-Control
no-cache, no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
pay.js
pay.google.com/gp/p/js/ 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.92 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f92.1e100.net
Software
ESF /
Resource Hash
9a8915aea1dbb6b2ef9752558fd5d49345859c75806cb19bdae6bbdca814e667
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Se0C4Be547TboApaJKav9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 21:51:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Se0C4Be547TboApaJKav9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmLw0pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdFa-ddNZVYBYc_101kAgdkqfwRoAxD71M1ijgFiIh-Pv3ivr2AQ29N7dwwgAL8M0tA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 20 Feb 2024 21:51:57 GMT
Plugins
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/ 		294 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/Plugins
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
c3229b0a6fafed2d4fb7f557a9ed201d19cafb6440706d271da460d4f6f5500c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit11033
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
301058
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
Layout
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/ODWebPages/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/ODWebPages/Layout
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
f8c1ef169d57f96afb9686924bf8b903ff13b98523ac79250120aef1cc14309a
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit11033
Content-Length
5727
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
19264
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
bootstrap.bundle.min.js
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Scripts/bootstrap.bundle.min.js
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Via
1.1 dca1-bit11033
Content-Length
78641
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Last-Modified
Mon, 19 Feb 2024 04:25:08 GMT
ETag
"2974c39eeb62da1:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
material.min.js
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Content/Themes/v2/material-4.1.1/js/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/Content/Themes/v2/material-4.1.1/js/material.min.js
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
b2fa6ede26e808fcc212046dd77dd888a90891dd120a03eb278ac58b8b8d8468
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Via
1.1 dca1-bit11033
Content-Length
36847
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Last-Modified
Mon, 19 Feb 2024 04:22:26 GMT
ETag
"fe21593eeb62da1:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
FsDatepicker
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/FsDatepicker
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
8a69150c2b7e86388cccb860e0552946e860f0d7d28115703254ceceaa5c7a50
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit11033
Content-Length
2344
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
7880
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
FsPhoneNumber
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/FsPhoneNumber
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
00fc05d6204a27ac759f9f89dcf8d380978bb8bfde28259917df2c1b76c07758
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:57 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit11033
Content-Length
803
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
2484
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
FsMask
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Scripts/FsMask
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
3aa815055fe7235eae45ba027a950a47e7934014a42f0275ee4274034564d569
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit11039
Content-Length
1058
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
2802
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
Theme
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/ 		155 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/v2/Theme
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
9c299a4fa628f490420d6f861642a50eb4dd40afee227d3261bde0e32c8df273
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Content-Encoding
gzip
Via
1.1 dca1-bit16010
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Cteonnt-Length
158847
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
wellcare_logo.jpg
webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/billerlogo/ 		39 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpayments.billmatrix.com/WellcareGuestPortal/StaticContent/billerlogo/wellcare_logo.jpg
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.176.132 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
1c7c59bd09a5e374cc156db11439d7cb3654b98f27bcaf8c8474aabfcc30a923
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://webpayments.billmatrix.com/WellcareGuestPortal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security
max-age=31536000 includeSubDomains; preload, max-age=157680000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Tue, 20 Feb 2024 21:51:56 GMT
Via
1.1 dca1-bit19011
Content-Length
40106
X-XSS-Protection
1; mode=block
Pragma
no-cache,no-cache
Last-Modified
Mon, 14 Aug 2023 02:02:21 GMT
ETag
"da65785c53ced91:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST
Content-Type
image/jpeg
Cache-Control
no-cache, no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex
Access-Control-Allow-Headers
Content-Type
Expires
-1
gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
fonts.gstatic.com/s/materialiconsoutlined/v109/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsoutlined/v109/gok-H7zzDkdnRel8-DQ6KAXJ69wP1tGnf4ZGhUce.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons+Outlined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://webpayments.billmatrix.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 04:14:59 GMT
x-content-type-options
nosniff
age
322618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155276
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 20:24:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Feb 2025 04:14:59 GMT
payframe
pay.google.com/gp/p/ui/ Frame CF16 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwebpayments.billmatrix.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.92 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f92.1e100.net
Software
ESF /
Resource Hash
c88fe0f4747f8c89cfc24a9f933e0194a666807fb16236918b0483cd165f1941
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b8iUkzbvsQUpKmtTFSYYeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webpayments.billmatrix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-b8iUkzbvsQUpKmtTFSYYeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 20 Feb 2024 21:51:57 GMT
expires
Tue, 20 Feb 2024 21:51:57 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmLw0pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdFa-ddNZVYBYc_101kAgdkqfwRoAxD71M1ijgFiIh-Pv3ivr2AQWzL_ZxgQAL0Q0fQ"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame CF16 		157 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwebpayments.billmatrix.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
537db9f8420e6dba396ff32a69513eb911dbeec3a725bf70e4dc55651b51381b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56911
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 12:02:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 17:22:33 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame CF16 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: webpayments.billmatrix.com
URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.92 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f92.1e100.net
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 20 Feb 2024 21:51:57 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufb... Frame CF16 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=wCAN/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriUHq3GE4riEsVPti5mmuKxoSTsSg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
492f110c857f2a45fe0e56aaa7f4294aa258550d1f6281a747c07f08782b605b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27766
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 07:38:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 18:21:24 GMT
pay
pay.google.com/gp/p/ui/ Frame CF16 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.92 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f92.1e100.net
Software
ESF /
Resource Hash
3d46b75ea2e07c712a598cfcb1ad4df369cb7bdc9e4ed8145e79e220afbe48d6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rLwB-q1n-IKFnJzoUakUmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 21:51:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rLwB-q1n-IKFnJzoUakUmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmLw0pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdFa-ddNZVYBYc_101kAgdkqfwRoAxD71M1ijgFiIh-Pv3ivr2AQmXD-zgRkAMAI0ww"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 20 Feb 2024 21:51:57 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufb... Frame CF16 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=wCAN/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriUHq3GE4riEsVPti5mmuKxoSTsSg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
529abaffc427a17df2e0cc5a1b098992030183c194491272f161e42fa885b00a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4154
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 07:38:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 18:21:26 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufb... Frame CF16 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ufbaBSu4aqg.L.B1.O/am=wCAN/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriUHq3GE4riEsVPti5mmuKxoSTsSg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
a330e03a32c0ee2cfcc0b8f12997b6836bbbffe6fd71b91812e7e6384c165fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 18:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14359
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 07:38:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 18:21:26 GMT
log
play.google.com/ Frame CF16 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f138.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 21:51:58 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 21:51:58 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f138.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Feb 2024 21:51:57 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame CF16 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f138.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 21:51:58 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 21:51:58 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f138.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Feb 2024 21:51:57 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame CF16 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.4H-Iq1nCVwk.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjE-6hHop0t9IAxt-ztE4UjZMWMfQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f138.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 21:51:58 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 21:51:58 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f138.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 20 Feb 2024 21:51:57 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| antiClickjack function| $ function| jQuery object| newServerVars undefined| currentTheme string| ScheduledPayment_MaximumStartIntervalInDays string| ScheduledPayment_MaximumScheduleDurationInDays string| Recurring_MaximumStartIntervalInDays string| Recurring_MaximumScheduleDurationInDays string| COOKIE_IS_SUPPORTED string| PaymentInformation_EmailAddress_Required string| GetSystemStringDateWithTimeOffset string| NewGuid string| userInActivityUrl string| timeOutUrl string| sessionTimeoutVal number| timeToDisplayTimeoutScreen string| logOutUrl string| welcomePageUrl string| stayLoggedInUrl string| maskCharacter object| serverVars boolean| isApplePayEnabled string| pathAndQuery function| Themes function| BaseTheme object| themes string| theme string| IsConcurrentSessionPopupVisible string| IsFormPostUser string| CardSwapSupportedLayout string| showSessionTimeout string| CardSwipeDeviceConnectivityMessage string| MaxPaymentAmount string| MinPaymentAmount boolean| isGooglePayEnabled string| WalletExpiresSoonMessage string| WalletExpiredMessage function| manageWalletExpirationCue function| preventDrag function| printDiv function| setCookie function| CreateBrowserObjectForJquery function| CheckSubmit function| RedirecttoMainPage function| RedirecttoPopuporMainPage function| HideConfirmationPopUp function| HidePopUp function| SetTabIndex function| OnLoading function| OnLoadComplete function| showProgress function| isSessionTimedOut function| GetCurrentBrowser function| IsCookieSupported function| setSessionTimeoutTicks function| Logout function| MaskTextBox function| UnmaskTextBox function| IsUndefinedOrNull function| MaskNumber function| RegisterMaskCardNumberEvents function| RegisterMaskAccountNumberEvents function| validateEmailReceiptInput function| DoValidation function| DaysInMonth function| parseDateFromFormattedValue function| addCommas number| setCountDown undefined| countDownId object| userInactivityDiv boolean| skipTimeOnAjaxStart boolean| displayTnC undefined| isGooglePayEnabledCW undefined| IsAutoFocus function| startCountDownForTimeoutScreen object| bootstrap object| material function| FsDatepicker function| FsPhoneNumber function| v2Theme function| isDonationAmountInValid function| inViewport function| anchorPaymentDrawerButton function| checkIfMobile function| normalizePaymentInfo function| setPaymentMethodAttrsOnElement object| Utility function| SetupToken object| matched object| browser object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google

8 Cookies

Domain/Path Name / Value
webpayments.billmatrix.com/WellcareGuestPortal Name: OD4WebCookie
Value: 0607d935fc814e3591ec7395752ef102
webpayments.billmatrix.com/WellcareGuestPortal Name: SessionItem::Identifiers::SecureSessionCookie
Value: 001-1fca16bda8f73ca59149f9cc8acaed5d-0392744719-7bc6918fb37f3a1989a6814fdac64dac$$
webpayments.billmatrix.com/WellcareGuestPortal Name: TS01421506
Value: 01b1b9c5c59fee01988c7e867c27c122c2394797c828f47fe2e8c24a95614cfd3cc7008184526598e9570c7e27c4c3b2413b533b9e
webpayments.billmatrix.com/ Name: SameSite
Value: None
webpayments.billmatrix.com/ Name: __RequestVerificationToken
Value: IZeK-OORDW5f4btZUgeBgGblD12ut8twANABpwlYkm7E7NYsnNQ36NJ-Thwj2JNWyi9BeEsYZjmrBpjtmjMert4EDbVkx78DgGWjpw_VW11jEPIO6arGEcNcv3UFeiljxQLaMg2
webpayments.billmatrix.com/ Name: ADRUM_BTa
Value: R:54|g:c821c940-74d7-4b6d-ab35-f1f5552235b1|n:customer1_3de35df6-8a19-4314-9fce-e14ef03e00f5
webpayments.billmatrix.com/ Name: TS01d4e29a
Value: 01d6b712cbe08c0dd749eb4555c16b275fe4ed033b9b871986591c0f38eb5e2b199029b8f7916c6cbf344dff76cf2e1ba1713131f7
.google.com/ Name: NID
Value: 511=fI7F_E_LD85888i5hggpUnGYGmbFHODs8C7EFxfborVzovbHId3KCachNquvFlwIDh7VxdLJTf2DERJtl4OOvmObDDftLtWwZ_7U7A2i5wgPqnlYBQo1ZGX9Aedgn4hYgqXbpIbrKT0JXm0ZQUZ4_4I6FpMxID7Pe1EDcxT_H54

12 Console Messages

Source Level URL
Text
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://webpayments.billmatrix.com/WellcareGuestPortal
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.google-analytics.com *.paypal.com *.braintreegateway.com *.braintree-api.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.paypal.com *.braintreegateway.com *.braintree-api.com; font-src 'self' *.googleapis.com *.gstatic.com *.paypal.com *.braintreegateway.com *.braintree-api.com; img-src 'self' *.gstatic.com *.google.com *.paypal.com *.braintreegateway.com *.braintree-api.com data:; connect-src 'self' *.google.com https://google.com/pay *.paypal.com *.braintreegateway.com *.braintree-api.com; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000 includeSubDomains; preload max-age=157680000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
jmdjaw.com
pay.google.com
play.google.com
webpayments.billmatrix.com
www.gstatic.com
107.162.176.132
142.251.16.94
142.251.163.92
172.253.122.94
172.253.122.95
172.253.63.138
34.107.198.97
00fc05d6204a27ac759f9f89dcf8d380978bb8bfde28259917df2c1b76c07758
1c7c59bd09a5e374cc156db11439d7cb3654b98f27bcaf8c8474aabfcc30a923
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
3aa815055fe7235eae45ba027a950a47e7934014a42f0275ee4274034564d569
3d46b75ea2e07c712a598cfcb1ad4df369cb7bdc9e4ed8145e79e220afbe48d6
3f93939a32d53667337d1f980bb4fcac832e561c97882de60da2b9e49426d95a
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
492f110c857f2a45fe0e56aaa7f4294aa258550d1f6281a747c07f08782b605b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51741af57f8e60c93b227f28112a29c01ffe503da9673e64fb817f3b9bdbdb7e
529abaffc427a17df2e0cc5a1b098992030183c194491272f161e42fa885b00a
537db9f8420e6dba396ff32a69513eb911dbeec3a725bf70e4dc55651b51381b
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
64061bb7f73213e25ffbda428f241edf4f8d272df77660b1db3a690fd9717c04
8a69150c2b7e86388cccb860e0552946e860f0d7d28115703254ceceaa5c7a50
8af8ae0a4858bd56274339790d86482b577c206e9de44cedae5713da37b36d1c
9a8915aea1dbb6b2ef9752558fd5d49345859c75806cb19bdae6bbdca814e667
9c299a4fa628f490420d6f861642a50eb4dd40afee227d3261bde0e32c8df273
a330e03a32c0ee2cfcc0b8f12997b6836bbbffe6fd71b91812e7e6384c165fab
b2fa6ede26e808fcc212046dd77dd888a90891dd120a03eb278ac58b8b8d8468
b39530ec5bc85d8f4c160e15572dd351f937dc03c3714a3d23455bf2190e22d8
c014f4d9e820a2c12c2162752e74813a5e4a2774bfa0a277d16bc12ebc0c5d49
c3229b0a6fafed2d4fb7f557a9ed201d19cafb6440706d271da460d4f6f5500c
c88fe0f4747f8c89cfc24a9f933e0194a666807fb16236918b0483cd165f1941
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e46d96c2dcc10262fff010db862925a5e3ec77b7f58763753a89452e7819f3e2
f8c1ef169d57f96afb9686924bf8b903ff13b98523ac79250120aef1cc14309a