billpay.envisionhealth.com Open in urlscan Pro
34.237.104.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a.smpp.me/OT3Un5
Effective URL:
https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm...
Submission: On January 11 via manual (January 11th 2024, 9:01:25 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 38 HTTP transactions. The main IP is 34.237.104.192, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is billpay.envisionhealth.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 16th 2023. Valid for: a year.

This is the only time billpay.envisionhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:10:... 2606:4700:10::ac43:b46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 25	34.237.104.192 34.237.104.192	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.145.43 13.32.145.43	16509 (AMAZON-02) (AMAZON-02)
2	34.238.211.110 34.238.211.110	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:202... 2600:9000:2022:7200:1a:ef45:7580:21	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700:10:... 2606:4700:10::ac43:c29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	35.193.200.253 35.193.200.253	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
38	9

2 2606:4700:10::ac43:b46 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.smpp.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.237.104.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-104-192.compute-1.amazonaws.com

billpay.envisionhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.145.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-43.cdg50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.238.211.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-211-110.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2022:7200:1a:ef45:7580:21 (United States)

ASN16509 (AMAZON-02, US)

dxql1etc638wm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:c29 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bot.ivy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.193.200.253 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 253.200.193.35.bc.googleusercontent.com

ai1.ivy-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	envisionhealth.com 1 redirects billpay.envisionhealth.com	4 MB
4	ivy.ai 1 redirects bot.ivy.ai — Cisco Umbrella Rank: 112945	152 KB
3	cloudfront.net dxql1etc638wm.cloudfront.net	40 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 5941 heapanalytics.com — Cisco Umbrella Rank: 4932	39 KB
2	ivy-cdn.com ai1.ivy-cdn.com — Cisco Umbrella Rank: 145362	81 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
2	smpp.me 2 redirects a.smpp.me	541 B
1	gstatic.com fonts.gstatic.com	35 KB
38	8

	Domain	Requested by
25	billpay.envisionhealth.com	1 redirects billpay.envisionhealth.com
4	bot.ivy.ai	1 redirects billpay.envisionhealth.com
3	dxql1etc638wm.cloudfront.net	billpay.envisionhealth.com
2	ai1.ivy-cdn.com
2	heapanalytics.com
2	fonts.googleapis.com	billpay.envisionhealth.com client
2	a.smpp.me	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.heapanalytics.com	billpay.envisionhealth.com
38	9

This site contains links to these domains. Also see Links.

Domain
www.flywire.com

Subject Issuer	Validity	Valid
billpay.envisionhealth.com Amazon RSA 2048 M01	`2023-09-16` - `2024-10-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
bot.ivy.ai GTS CA 1P5	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.ivy-cdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-01-25`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
Frame ID: C79EF0EACD13F32361ADA2FA11B31243
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://a.smpp.me/OT3Un5 HTTP 301
https://a.smpp.me/sl/OT3Un5 HTTP 301
https://billpay.envisionhealth.com/providers/env_rsn18/bills/16652325?utm_campaign=env_rsn18&utm_content=hanks&... HTTP 302
https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hank... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

38
Requests

97 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

4337 kB
Transfer

4719 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.flywire.com/legal/terms-of-use
Title: Flywire Terms of Use

Search URL Search Domain Scan URL

URL: https://www.flywire.com/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.flywire.com/legal/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a.smpp.me/OT3Un5 HTTP 301
https://a.smpp.me/sl/OT3Un5 HTTP 301
https://billpay.envisionhealth.com/providers/env_rsn18/bills/16652325?utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills HTTP 302
https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://bot.ivy.ai/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/image-58f3ba94-a40a-41c2-9cc6-13b9ff8b93ec.jpg HTTP 302
https://ai1.ivy-cdn.com/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/image-58f3ba94-a40a-41c2-9cc6-13b9ff8b93ec.jpg

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request env_rsn18 Show response
billpay.envisionhealth.com/app/login/
Redirect Chain

https://a.smpp.me/OT3Un5
https://a.smpp.me/sl/OT3Un5
https://billpay.envisionhealth.com/providers/env_rsn18/bills/16652325?utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills

934 B
1 KB

96ms
96ms

Document
text/html

34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

0b3c0df8b0c4d620ed5d3669f8143a9fec70bd7f298dbf7d72f0450dcb668953

Security Headers

Name

Value

Content-Security-Policy

default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self' frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org

X-Frame-Options

SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self' frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
content-type: text/html
date: Thu, 11 Jan 2024 21:01:19 GMT
etag: W/"659f9488-3a6"
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval' data:; frame-ancestors 'self' https://everydaywell.memorialhermann.org/ https://qa.everydaywell.memorialhermann.org/ https://dev.everydaywell.memorialhermann.org/ https://test.everydaywell.memorialhermann.org/
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 21:01:19 GMT
location: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-request-id: c13df97f-9353-478b-906f-838a5182b800
x-runtime: 0.998488
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b217be8a5bf6a34908c89d0fe1cd7ba679e78f84a4df58f6f28090e654835f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 21:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 20:54:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 21:01:19 GMT

GET
H2 200 main.05fbef98.js Show response
billpay.envisionhealth.com/app/static/js/ 3 MB
3 MB 192ms
191ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/main.05fbef98.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

528eac3b326f8b4f242972d213875aaba3589bb29412b2bae12e825ab85a991d

Security Headers

Name

Value

Content-Security-Policy

default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:19 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-2a102f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 2756655

GET
H2 200 appSettings.json Show response
billpay.envisionhealth.com/app/ 58 B
716 B 96ms
95ms Fetch
application/json 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/appSettings.json

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.05fbef98.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

2b041c986f50081033b2353deda522cebaa77a057d76417ad94a607d4cfff93d

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:20 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 07:11:06 GMT
server: nginx/1.24.0
etag: W/"659f948a-3a"
x-frame-options: SAMEORIGIN
content-type: application/json

GET
H2 200 432.b218d397.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 4 KB
5 KB 97ms
97ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/432.b218d397.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.05fbef98.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

290a2f42ae6c21dace67719e2b03939ba8bb05bc0f77ba9fac1f2294c846ab96

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:20 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-fe1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 4065

GET
H2 200 heap.js Show response
billpay.envisionhealth.com/app/scripts/ 632 B
1 KB 96ms
95ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/scripts/heap.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.05fbef98.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

b8116dd06f6135d29007e751c20bc66dfd091675390b3fadad5106546a4a75b2

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:20 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:09:17 GMT
server: nginx/1.24.0
etag: "659f941d-278"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 632

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 279 B
1 KB 177ms
177ms Fetch
application/json 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.05fbef98.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

Resource Hash

cb81bd8b9c9d5b8b147c94213c8bcd99c63e81035c6d3d8d4d65ff43e3b03128

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lr9p2op8a6hwfr3vpog-pe-ui
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json
accept: */*
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lr9p2oski9cwi7f5jf-pe-ui

Response headers

x-runtime: 0.078609
date: Thu, 11 Jan 2024 21:01:20 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"cb81bd8b9c9d5b8b147c94213c8bcd99"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lr9p2oski9cwi7f5jf-pe-ui

GET
H2 200 heap-3444644936.js Show response
cdn.heapanalytics.com/js/ 118 KB
38 KB 178ms
111ms Script
application/javascript 13.32.145.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3444644936.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/heap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-43.cdg50.r.cloudfront.net

Software

nginx / Express

Resource Hash

8c962f8b9ba3e4d8d169d341225b7cd7907bbb3e8d91e03f107dd3f42f2a267f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:00:04 GMT
content-encoding: br
via: 1.1 a06b3af7aeb84a80d60dd16b849e62e0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: CDG50-C2
age: 76
x-powered-by: Express
etag: W/"1d75e-9ZC4Uv1a6lAsa0O3EjZGJnG5JnA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tTtZXyQs56IMxeCSZ5fYGIQ1R53ZVR_vY6N1JByN9p86smGVIZ-c_g==

GET
H2 200 newRelic.js Show response
billpay.envisionhealth.com/app/scripts/ 28 KB
29 KB 96ms
96ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/scripts/newRelic.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.05fbef98.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

c47d8c1d8ac10514204fe924e8bbf5c7dba780dd0fbff2954fb8b79c0ed43fdb

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:20 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:09:17 GMT
server: nginx/1.24.0
etag: "659f941d-70d2"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 28882

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 2 KB
3 KB 108ms
108ms Fetch
application/json 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

Resource Hash

ffc8d115c181eef61013f6fdfd0e1a20693c59ec5154a6d35b5b810a5c6ea54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

tracestate: 416014@nr=0-1-416014-1120009141-59a779f51cdf7e19----1705006880706
traceparent: 00-e4df10c38faee82029d6cbe20ca2f690-59a779f51cdf7e19-01
accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lr9p2op8a6hwfr3vpog-pe-ui
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQxNjAxNCIsImFwIjoiMTEyMDAwOTE0MSIsImlkIjoiNTlhNzc5ZjUxY2RmN2UxOSIsInRyIjoiZTRkZjEwYzM4ZmFlZTgyMDI5ZDZjYmUyMGNhMmY2OTAiLCJ0aSI6MTcwNTAwNjg4MDcwNn19
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lr9p2oxssmxg2cea68-pe-ui

Response headers

x-runtime: 0.009674
date: Thu, 11 Jan 2024 21:01:20 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"ffc8d115c181eef61013f6fdfd0e1a20"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lr9p2oxssmxg2cea68-pe-ui

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 319ms
94ms Image
image/gif 34.238.211.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3444644936&u=2847044219042016&v=918802497399173&s=1682087220631800&b=web&tv=4.0&z=0&h=%2Fapp%2Flogin%2Fenv_rsn18&q=%3Fbill_id%3D16652325%26utm_campaign%3Denv_rsn18%26utm_content%3Dhanks%26utm_medium%3Dsms%26utm_source%3Dbill_reminder%26utm_term%3Dview%2B%2526%2Bpay%2Bbills&d=billpay.envisionhealth.com&t=My%20Bills&us=bill_reminder&um=sms&ut=view%20%26%20pay%20bills&uc=hanks&ua=env_rsn18&ts=1705006880741&st=1705006880742

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.238.211.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-238-211-110.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 21:01:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 en.json Show response
dxql1etc638wm.cloudfront.net/patient_translation_files/ 69 KB
18 KB 455ms
372ms Fetch
application/json 2600:9000:2022:7200:1a:ef45:7580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxql1etc638wm.cloudfront.net/patient_translation_files/en.json
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:7200:1a:ef45:7580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30e53a5b15b2fbf69f4822e183fa6215722fd77be143bc6e4d072c81b058e845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: QuNjw7bcQsOFTzQtmVLh.nE.lQpIqE95
content-encoding: gzip
via: 1.1 d7df51aafcbd8ccd09aa248564ae5780.cloudfront.net (CloudFront)
date: Thu, 11 Jan 2024 21:01:22 GMT
x-amz-cf-pop: MRS52-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 17505
last-modified: Thu, 04 Jan 2024 09:34:43 GMT
server: AmazonS3
etag: "4f548de319e25cb2183e240a64df1e30"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: n5u4H21wB--n0geWIDmMi-fewXAcNSHQr0W9mRQL_Gzr-Vmi5OWRHQ==

GET
H2 200 en-providers.json Show response
dxql1etc638wm.cloudfront.net/patient_translation_files/ 22 KB
3 KB 445ms
363ms Fetch
application/json 2600:9000:2022:7200:1a:ef45:7580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxql1etc638wm.cloudfront.net/patient_translation_files/en-providers.json
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:7200:1a:ef45:7580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 291bc74d1eff6c4787a6a75c9417fd6766048c3210b17d2cf51124f4f80fd4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: lx58qAse0DNGqbaZUIyyHptcgGrILCOe
content-encoding: gzip
via: 1.1 d7df51aafcbd8ccd09aa248564ae5780.cloudfront.net (CloudFront)
date: Thu, 11 Jan 2024 21:01:22 GMT
x-amz-cf-pop: MRS52-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2413
last-modified: Thu, 04 Jan 2024 09:34:41 GMT
server: AmazonS3
etag: "bbd103d8a1ae84d124eeb467f7e3fe6b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: koWRnVbOxwwqjocomLv97lcqownBpJ8r1BOHEUkMWRK-xsSd_oqzyw==

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 100 B
866 B 107ms
107ms Fetch
application/json 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

Resource Hash

2d9d13551fad7e475be889c3acdaad50a9818854ca7ccd6043d53fa57da0cbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

tracestate: 416014@nr=0-1-416014-1120009141-f10c247839d9b74b----1705006881287
traceparent: 00-2657349604d6169efb049f4f55adaba0-f10c247839d9b74b-01
accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lr9p2op8a6hwfr3vpog-pe-ui
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQxNjAxNCIsImFwIjoiMTEyMDAwOTE0MSIsImlkIjoiZjEwYzI0NzgzOWQ5Yjc0YiIsInRyIjoiMjY1NzM0OTYwNGQ2MTY5ZWZiMDQ5ZjRmNTVhZGFiYTAiLCJ0aSI6MTcwNTAwNjg4MTI4N319
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lr9p2pdycsvqwwewspj-pe-ui

Response headers

x-runtime: 0.007735
date: Thu, 11 Jan 2024 21:01:21 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"2d9d13551fad7e475be889c3acdaad50"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lr9p2pdycsvqwwewspj-pe-ui

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 4 KB
5 KB 149ms
149ms Fetch
application/json 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

Resource Hash

efcc4ffa31bcef9847187c638554656f83e8e1ed6da5f3f35d3caf9a093078e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

tracestate: 416014@nr=0-1-416014-1120009141-5e130e6736018ea6----1705006881400
traceparent: 00-655b988f230e0caeb572ada512e09df0-5e130e6736018ea6-01
accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lr9p2op8a6hwfr3vpog-pe-ui
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQxNjAxNCIsImFwIjoiMTEyMDAwOTE0MSIsImlkIjoiNWUxMzBlNjczNjAxOGVhNiIsInRyIjoiNjU1Yjk4OGYyMzBlMGNhZWI1NzJhZGE1MTJlMDlkZjAiLCJ0aSI6MTcwNTAwNjg4MTQwMH19
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lr9p2ph3gdk5jinv5l-pe-ui

Response headers

x-runtime: 0.050361
date: Thu, 11 Jan 2024 21:01:21 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"efcc4ffa31bcef9847187c638554656f"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lr9p2ph3gdk5jinv5l-pe-ui

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 107 B
1 KB 485ms
485ms Fetch
application/json 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

Resource Hash

4d6d1fe7fea5c48f8b2db51461d4ea46e77a944501a1fde58ab9d145db342dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

tracestate: 416014@nr=0-1-416014-1120009141-6b6b9c89115b33a9----1705006881556
traceparent: 00-6c8f8181cbcc78e465f80718a02c8c90-6b6b9c89115b33a9-01
accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lr9p2op8a6hwfr3vpog-pe-ui
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQxNjAxNCIsImFwIjoiMTEyMDAwOTE0MSIsImlkIjoiNmI2YjljODkxMTViMzNhOSIsInRyIjoiNmM4ZjgxODFjYmNjNzhlNDY1ZjgwNzE4YTAyYzhjOTAiLCJ0aSI6MTcwNTAwNjg4MTU1Nn19
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lr9p2plf4cgo29naucg-pe-ui

Response headers

x-runtime: 0.382511
date: Thu, 11 Jan 2024 21:01:21 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"4d6d1fe7fea5c48f8b2db51461d4ea46"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lr9p2plf4cgo29naucg-pe-ui

GET
H2 200 354.e67a7ac6.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 65 KB
66 KB 97ms
96ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/354.e67a7ac6.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

612080a62e107fde30275890ee492f5cd03cc13c26034fa4ef3968a309d7d91b

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-105f1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 67057

GET
H2 200 901.48099de2.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 8 KB
8 KB 99ms
98ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/901.48099de2.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

35975027f825fc61730711367f202378bcd86a2520b0b4259a657931c6f0f9ae

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-1ecf"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 7887

GET
H2 200 918.cca2047e.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 15 KB
16 KB 98ms
96ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/918.cca2047e.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

04bcbc2aaaf600d8f03069765e741ead4cceb672652c81090150e570dce36d8a

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-3c59"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 15449

GET
H2 200 867.95b957ce.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 20 KB
21 KB 100ms
99ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/867.95b957ce.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

acb120a60738041d611f5434b95da95ab132e4cc6f4de64be2db2dc0a52c3580

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-5156"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 20822

GET
H2 200 780.1ca93559.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 11 KB
12 KB 100ms
100ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/780.1ca93559.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

770f2ac36a1641aa71862926849be8925eb4e711ef603dbe3339d77b041514d8

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-2db1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 11697

GET
H2 200 277.2804d3e4.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 13 KB
14 KB 101ms
100ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/277.2804d3e4.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

0a26cf4c8ba88845b0677451f0f9d9b35773c327aec2bdb6f9fd33e3f285d755

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-34e9"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 13545

GET
H2 200 231.577e3e37.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 23 KB
23 KB 97ms
97ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/231.577e3e37.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

bb5c69c5b5a8835f83af2e3904173082b4a4f7de384583d34a9ffc7e4cf78ab8

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-5a88"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 23176

GET
H2 200 382.998a8bbc.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 794 KB
796 KB 99ms
99ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/382.998a8bbc.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

e226afa15a2b5810a5858fda78e36a4cc3e180eb8dece684cb9edff4fffac33e

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-c67d0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 813008

GET
H2 200 11.985e1ffc.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 272 KB
273 KB 96ms
96ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/11.985e1ffc.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

c208ccf771077034d9d1722390f450d18ed3812d8631f866f10c2fa73513993b

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-4418c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 278924

GET
H2 200 703.bcb6d01a.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 9 KB
10 KB 100ms
100ms Script
application/javascript 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/703.bcb6d01a.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

e8db7caab7ff752e2bbc3ba4b0d5adad953cc56cab93f903f480813c6a3767eb

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-2542"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 9538

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4228da17baf2203fb2fb4e83156f7ec2838e715ac1cd84207e0897737ee3441c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon-notification-expand.d4a2ce09a825c9f3766edc47e277fb6a.svg
billpay.envisionhealth.com/app/static/media/ 316 B
964 B 96ms
96ms Image
image/svg+xml 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billpay.envisionhealth.com/app/static/media/icon-notification-expand.d4a2ce09a825c9f3766edc47e277fb6a.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

a982f3a540d22d7f99b304ab9f620906313a338d7939bb14a91dec2852ccb80d

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_rsn18?bill_id=16652325&utm_campaign=env_rsn18&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-13c"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 316

GET
H2 200 db80f14c1f_20220114154234_patient_logo_provider_env_gfl26-image.png
dxql1etc638wm.cloudfront.net/settings_service_assets/ 19 KB
19 KB 88ms
36ms Image
image/png 2600:9000:2022:7200:1a:ef45:7580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxql1etc638wm.cloudfront.net/settings_service_assets/db80f14c1f_20220114154234_patient_logo_provider_env_gfl26-image.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:7200:1a:ef45:7580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d301216e857444e5b5c45c24fa178a81fa14b5ef76f137d91cebff7803f5fd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 20:58:32 GMT
via: 1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jan 2022 15:42:35 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-C1
age: 171
x-amz-server-side-encryption: AES256
etag: "db80f14c1f28798900a0949d7e638c46"
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 19394
x-amz-cf-id: SbsBTxVdUNzer95XOPAxg0OcFeZOpod7Kw3q7pKri0xUEHPTnTQVlA==

GET
H2 200 z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R Show response
bot.ivy.ai/bot/script/category/ 321 KB
79 KB 404ms
358ms Script
application/javascript 2606:4700:10::ac43:c29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bot.ivy.ai/bot/script/category/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37b9f26f8f8ed61e5d68b78dad89175f22a9a32afff42bd68d3263728c64d6de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
x-made-with: <3 in Boulder, CO
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-uid: ivy-web-botscript-7c6595f654-5tpjq
etag: W/"1353c-HAiJWKxxlAd5pR9QhwK0RRnCg6U"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 844018370f97bb8f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 powered-by-flywire.a84fe4fd47e9134ca92833f0f59e7347.svg
billpay.envisionhealth.com/app/static/media/ 2 KB
3 KB 97ms
96ms Image
image/svg+xml 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billpay.envisionhealth.com/app/static/media/powered-by-flywire.a84fe4fd47e9134ca92833f0f59e7347.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

a581445a22c3612d31f96a7616ed0f948e3b6fab033d54625e2ac8d124c90301

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-89a"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2202

GET
H2 200 language-icon.0d29d62b9acc9fe6d82f41ffd75d06fe.svg
billpay.envisionhealth.com/app/static/media/ 831 B
1 KB 96ms
95ms Image
image/svg+xml 34.237.104.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billpay.envisionhealth.com/app/static/media/language-icon.0d29d62b9acc9fe6d82f41ffd75d06fe.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.104.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-104-192.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

3eb1c56d8d7e4c4a421fc53e17faf0575d812c47adb37e6906897fbab0693e1e

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:22 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ p1941.playground.patientportal.us-1.healtheintent.com dev.lgh.patientportal.us-1.healtheintent.com my.rogersbh.org tmcmed.patientportal.us-1.healtheintent.com www.mynahealthcare.com mynahealthcare.com demo1.playground.patientportal.us-1.healtheintent.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Thu, 11 Jan 2024 07:11:04 GMT
server: nginx/1.24.0
etag: "659f9488-33f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 831

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://billpay.envisionhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:02:14 GMT
x-content-type-options: nosniff
age: 201548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 13:02:14 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 93ms
93ms Image
image/gif 34.238.211.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3444644936&u=2847044219042016&v=3342441031471805&s=1682087220631800&b=web&tv=4.0&z=2&h=%2Fapp%2Flogin&d=billpay.envisionhealth.com&t=Login&ts=1705006882368&pr=%2Fapp%2Flogin%2Fenv_rsn18&sp=us&sp=bill_reminder&sp=um&sp=sms&sp=ut&sp=view%20%26%20pay%20bills&sp=uc&sp=hanks&sp=ua&sp=env_rsn18&sp=ts&sp=1705006880741&sp=d&sp=billpay.envisionhealth.com&sp=h&sp=%2Fapp%2Flogin%2Fenv_rsn18&sp=q&sp=%3Fbill_id%3D16652325%26utm_campaign%3Denv_rsn18%26utm_content%3Dhanks%26utm_medium%3Dsms%26utm_source%3Dbill_reminder%26utm_term%3Dview%2B%2526%2Bpay%2Bbills&st=1705006882369

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.238.211.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-238-211-110.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 21:01:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 css
fonts.googleapis.com/ 9 KB
819 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,700,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5008f6d044c9b181a6ff6d108e14fd005eb79d701e9ecee90f7766ca12b3f62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 21:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 21:01:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 21:01:23 GMT

GET
H2

200

image-58f3ba94-a40a-41c2-9cc6-13b9ff8b93ec.jpg
ai1.ivy-cdn.com/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/
Redirect Chain

https://bot.ivy.ai/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/image-58f3ba94-a40a-41c2-9cc6-13b9ff8b93ec.jpg
https://ai1.ivy-cdn.com/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/image-58f3ba94-a40a-41c2-9cc6-13b9ff8b93ec.jpg

40 KB
41 KB

370ms
370ms

Image
application/octet-stream

35.193.200.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ai1.ivy-cdn.com/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/image-58f3ba94-a40a-41c2-9cc6-13b9ff8b93ec.jpg

Protocol

Server

35.193.200.253 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

253.200.193.35.bc.googleusercontent.com

Software

Resource Hash

a4a219df944cd522ed8bfeb2783f2d85fa78057f6b542cbc6f5395ed90030958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:23 GMT
x-made-with: <3 in Boulder, CO
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 01 Dec 2020 20:58:01 GMT
x-uid: ivy-web-botscript-7c6595f654-wxxp6
etag: CM6CkI/Wre0CEAE=
x-frame-options: DENY
content-type: application/octet-stream
cache-control: public, max-age=86400
content-length: 41232
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 11 Jan 2024 21:01:23 GMT
x-made-with: <3 in Boulder, CO
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: BYPASS
server: cloudflare
x-uid: ivy-web-bot-fbb8bbb48-p6w58
x-frame-options: DENY
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://ai1.ivy-cdn.com/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/image-58f3ba94-a40a-41c2-9cc6-13b9ff8b93ec.jpg
cf-ray: 8440183adda2bb8f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 137
x-xss-protection: 1; mode=block

GET
H2 200 image-17f2d21c-42cd-44d6-b561-705a5d0bad3e.jpg
ai1.ivy-cdn.com/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/ 40 KB
41 KB 495ms
189ms Image
application/octet-stream 35.193.200.253
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ai1.ivy-cdn.com/storage/bot/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R/image-17f2d21c-42cd-44d6-b561-705a5d0bad3e.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.200.253 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

253.200.193.35.bc.googleusercontent.com

Software

Resource Hash

a4a219df944cd522ed8bfeb2783f2d85fa78057f6b542cbc6f5395ed90030958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:01:23 GMT
x-made-with: <3 in Boulder, CO
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 11 Jul 2023 22:08:03 GMT
x-uid: ivy-web-botscript-7c6595f654-vft6w
etag: CLusiKrVh4ADEAE=
x-frame-options: DENY
content-type: application/octet-stream
cache-control: public, max-age=86400
content-length: 41232
x-xss-protection: 1; mode=block

GET
H3 200 fontawesome-webfont.woff2
bot.ivy.ai/s/vendor/font-awesome/fonts/ 70 KB
71 KB 589ms
571ms Font
font/woff2 2606:4700:10::ac43:c29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bot.ivy.ai/s/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:c29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://billpay.envisionhealth.com/
Origin: https://billpay.envisionhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ivy-static: 1
date: Thu, 11 Jan 2024 21:01:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Thu, 11 Jan 2024 12:48:37 GMT
server: cloudflare
etag: "659fe3a5-118d8"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8440183afc1c2c3f-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 ivy-chat-icons.ttf
bot.ivy.ai/s/fonts/ivy-chat-icons/ 2 KB
2 KB 144ms
128ms Font
application/octet-stream 2606:4700:10::ac43:c29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bot.ivy.ai/s/fonts/ivy-chat-icons/ivy-chat-icons.ttf?v=1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:c29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1cba01207ab687900688dbf4dbfc4990ed2067c8ce3756ad1d2087aadd60959

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://billpay.envisionhealth.com/
Origin: https://billpay.envisionhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ivy-static: 1
date: Thu, 11 Jan 2024 21:01:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 2036
last-modified: Thu, 11 Jan 2024 12:48:37 GMT
server: cloudflare
etag: "659fe3a5-7f4"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8440183afc1d2c3f-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
billpay.envisionhealth.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 7FCYXgYEI32j3uSFCuHHvSBzp1ZBlvA9gV48G3dQypm4FZlt5pDRh82tV9Y%2BsKtSp7RKk%2FBugyQSFDBHxBlR8Q%3D%3D
.envisionhealth.com/	1970-01-20 17:36:48	Name: _hp2_ses_props.3444644936 Value: %7B%22us%22%3A%22bill_reminder%22%2C%22um%22%3A%22sms%22%2C%22ut%22%3A%22view%20%26%20pay%20bills%22%2C%22uc%22%3A%22hanks%22%2C%22ua%22%3A%22env_rsn18%22%2C%22ts%22%3A1705006880741%2C%22d%22%3A%22billpay.envisionhealth.com%22%2C%22h%22%3A%22%2Fapp%2Flogin%2Fenv_rsn18%22%2C%22q%22%3A%22%3Fbill_id%3D16652325%26utm_campaign%3Denv_rsn18%26utm_content%3Dhanks%26utm_medium%3Dsms%26utm_source%3Dbill_reminder%26utm_term%3Dview%2B%2526%2Bpay%2Bbills%22%7D
billpay.envisionhealth.com/	1969-12-31 23:59:59	Name: _simplee_store2 Value: WlRlTXhQSDZnVC9QYXpCQVNPb2JpS280VmJrOU03dTFpM1VGcTdWSHZRU0FabVo5KzZUME4zRXVvNWlmcDJsWXM3dDhHZWN2L0h0dHhRa0dFeG1nSVgrdjVxY0cvM3RaS0dXNDBVV0dtMFNNOHBudVJEd3F6dGpJNHVrZVU2bWhFV1IzcFBod2dweTdjVEkvWWhMSTZic0pyWUlYWTdCcDNDTVFnWU1OK0tFQzNaL0RtcEVlQU9nWW9DK214QysxUWtjczNoeUxud3lXQ3k2bUwrYjdhcWtnTkxJTi9heFVtK25EaHU1ZTZOek5ySVU2dlJmdW9kWGNHcjM4ZXprZjZYQ3V1R1FOS1dqV1RKd2UxVk1SUnRMTWVtNFdoTU9TeUJ2UTUrbWhGRnZlbkxkaUdqbjlBMncra1VZamZFVGI3WnRRaHNDMmc5S05tNC8ycm9ySklNZzJYNHQxa0xSN0NkL2FHQUQxb09GdVpoT0Jra05UcTJWamkxK2hGcmNWWDJkRCsvcVVhc2ZpeHVsOGdLRGpsM1V0bVVXYlNMZ2VCd0pISGhhZUkrU1NQQkFtZzBjcHdsb1k1RTR0ZTV0S1BDNUhkWE5yMmtjSjNYbSs0ZXpZR2xKK2JiZEZWMzB5Y2U1VkxBb3djMUc3WWpiVmkwWDIvRHRqYVlXSWw0V0stLWVENUVua3hmWnRsWDMvbHBSdFFobGc9PQ%3D%3D--3d8ee219cf45058c016aaec821b13dfcb84e9e99
.envisionhealth.com/	1970-01-21 02:22:22	Name: mp_5d49658fc0e0e107d198900d44aabdc8_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18cfa545d0012f1-01e03621134d5e-68325750-1d4c00-18cfa545d0012f1%22%2C%22%24device_id%22%3A%20%2218cfa545d0012f1-01e03621134d5e-68325750-1d4c00-18cfa545d0012f1%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22initial_utm_source%22%3A%20%22bill_reminder%22%2C%22initial_utm_medium%22%3A%20%22sms%22%2C%22initial_utm_campaign%22%3A%20%22env_rsn18%22%2C%22initial_utm_content%22%3A%20%22hanks%22%2C%22initial_utm_term%22%3A%20%22view%20%26%20pay%20bills%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22Provider%22%3A%20%22envision%22%2C%22Source%22%3A%20%22pre%20authentication%22%2C%22Platform%22%3A%20%22Win32%22%2C%22isBot%22%3A%20false%2C%22isBot%20Name%22%3A%20null%2C%22Authentication%20Fields%22%3A%20%22zip%22%2C%22Facility%22%3A%20%22env_rsn18%22%2C%22Language%22%3A%20%22en%22%2C%22Revenue%20Model%22%3A%20%22Contingency%20Fee%22%2C%22Patient%20Version%22%3A%20%22client%22%7D
.envisionhealth.com/	1970-01-21 03:04:44	Name: _hp2_id.3444644936 Value: %7B%22userId%22%3A%222847044219042016%22%2C%22pageviewId%22%3A%223342441031471805%22%2C%22sessionId%22%3A%221682087220631800%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.smpp.me
ai1.ivy-cdn.com
billpay.envisionhealth.com
bot.ivy.ai
cdn.heapanalytics.com
dxql1etc638wm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
13.32.145.43
2600:9000:2022:7200:1a:ef45:7580:21
2606:4700:10::ac43:b46
2606:4700:10::ac43:c29
2a00:1450:4001:812::2003
2a00:1450:4001:82b::200a
34.237.104.192
34.238.211.110
35.193.200.253
04bcbc2aaaf600d8f03069765e741ead4cceb672652c81090150e570dce36d8a
0a26cf4c8ba88845b0677451f0f9d9b35773c327aec2bdb6f9fd33e3f285d755
0b3c0df8b0c4d620ed5d3669f8143a9fec70bd7f298dbf7d72f0450dcb668953
290a2f42ae6c21dace67719e2b03939ba8bb05bc0f77ba9fac1f2294c846ab96
291bc74d1eff6c4787a6a75c9417fd6766048c3210b17d2cf51124f4f80fd4c1
2b041c986f50081033b2353deda522cebaa77a057d76417ad94a607d4cfff93d
2d9d13551fad7e475be889c3acdaad50a9818854ca7ccd6043d53fa57da0cbe4
30e53a5b15b2fbf69f4822e183fa6215722fd77be143bc6e4d072c81b058e845
35975027f825fc61730711367f202378bcd86a2520b0b4259a657931c6f0f9ae
37b9f26f8f8ed61e5d68b78dad89175f22a9a32afff42bd68d3263728c64d6de
3d301216e857444e5b5c45c24fa178a81fa14b5ef76f137d91cebff7803f5fd6
3eb1c56d8d7e4c4a421fc53e17faf0575d812c47adb37e6906897fbab0693e1e
4228da17baf2203fb2fb4e83156f7ec2838e715ac1cd84207e0897737ee3441c
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4d6d1fe7fea5c48f8b2db51461d4ea46e77a944501a1fde58ab9d145db342dd4
5008f6d044c9b181a6ff6d108e14fd005eb79d701e9ecee90f7766ca12b3f62f
528eac3b326f8b4f242972d213875aaba3589bb29412b2bae12e825ab85a991d
612080a62e107fde30275890ee492f5cd03cc13c26034fa4ef3968a309d7d91b
770f2ac36a1641aa71862926849be8925eb4e711ef603dbe3339d77b041514d8
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8c962f8b9ba3e4d8d169d341225b7cd7907bbb3e8d91e03f107dd3f42f2a267f
a4a219df944cd522ed8bfeb2783f2d85fa78057f6b542cbc6f5395ed90030958
a581445a22c3612d31f96a7616ed0f948e3b6fab033d54625e2ac8d124c90301
a982f3a540d22d7f99b304ab9f620906313a338d7939bb14a91dec2852ccb80d
acb120a60738041d611f5434b95da95ab132e4cc6f4de64be2db2dc0a52c3580
b8116dd06f6135d29007e751c20bc66dfd091675390b3fadad5106546a4a75b2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5c69c5b5a8835f83af2e3904173082b4a4f7de384583d34a9ffc7e4cf78ab8
c208ccf771077034d9d1722390f450d18ed3812d8631f866f10c2fa73513993b
c47d8c1d8ac10514204fe924e8bbf5c7dba780dd0fbff2954fb8b79c0ed43fdb
cb81bd8b9c9d5b8b147c94213c8bcd99c63e81035c6d3d8d4d65ff43e3b03128
e1cba01207ab687900688dbf4dbfc4990ed2067c8ce3756ad1d2087aadd60959
e226afa15a2b5810a5858fda78e36a4cc3e180eb8dece684cb9edff4fffac33e
e5b217be8a5bf6a34908c89d0fe1cd7ba679e78f84a4df58f6f28090e654835f
e8db7caab7ff752e2bbc3ba4b0d5adad953cc56cab93f903f480813c6a3767eb
efcc4ffa31bcef9847187c638554656f83e8e1ed6da5f3f35d3caf9a093078e3
ffc8d115c181eef61013f6fdfd0e1a20693c59ec5154a6d35b5b810a5c6ea54a

billpay.envisionhealth.com Open in urlscan Pro 34.237.104.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

56 %IPv6

8 Domains

9 Subdomains

9 IPs

2 Countries

4337 kBTransfer

4719 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

billpay.envisionhealth.com Open in urlscan Pro
34.237.104.192 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

4337 kB
Transfer

4719 kB
Size

5
Cookies

38 HTTP transactions
1 data transactions