billpay.envisionhealth.com Open in urlscan Pro
18.214.61.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a.smpp.me/8L3xGj
Effective URL:
https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm...
Submission: On June 22 via manual (June 22nd 2023, 5:00:38 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 41 HTTP transactions. The main IP is 18.214.61.241, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is billpay.envisionhealth.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 9 months.

This is the only time billpay.envisionhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:b46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	18.214.61.241 18.214.61.241	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.231.40 143.204.231.40	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:249... 2600:9000:2491:e000:1a:ef45:7580:21	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	3.214.168.251 3.214.168.251	14618 (AMAZON-AES) (AMAZON-AES)
3	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2606:4700:10:... 2606:4700:10::6816:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	10

1 2606:4700:10::ac43:b46 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.smpp.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.214.61.241 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-61-241.compute-1.amazonaws.com

billpay.envisionhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.231.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-231-40.cdg3.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:e000:1a:ef45:7580:21 (United States)

ASN16509 (AMAZON-02, US)

dxql1etc638wm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.168.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-168-251.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.2 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

bot.ivy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	envisionhealth.com 1 redirects billpay.envisionhealth.com	4 MB
3	ivy.ai bot.ivy.ai — Cisco Umbrella Rank: 68158	149 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 2075	2 KB
3	cloudfront.net dxql1etc638wm.cloudfront.net	24 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2741 heapanalytics.com — Cisco Umbrella Rank: 2317	38 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 511	16 KB
1	gstatic.com fonts.gstatic.com	34 KB
1	smpp.me 1 redirects a.smpp.me	1 KB
41	9

	Domain	Requested by
26	billpay.envisionhealth.com	1 redirects billpay.envisionhealth.com
3	bot.ivy.ai	billpay.envisionhealth.com
3	bam-cell.nr-data.net	billpay.envisionhealth.com
3	dxql1etc638wm.cloudfront.net	billpay.envisionhealth.com
2	heapanalytics.com
2	fonts.googleapis.com	billpay.envisionhealth.com client
1	js-agent.newrelic.com	billpay.envisionhealth.com
1	cdn.heapanalytics.com	billpay.envisionhealth.com
1	fonts.gstatic.com	fonts.googleapis.com
1	a.smpp.me	1 redirects
41	10

This site contains links to these domains. Also see Links.

Domain
www.flywire.com

Subject Issuer	Validity	Valid
billpay.envisionhealth.com Amazon RSA 2048 M02	`2023-02-22` - `2023-11-14`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-27`	6 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
Frame ID: 653E81CE49C51B542329EDCF9359539F
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://a.smpp.me/8L3xGj HTTP 301
https://billpay.envisionhealth.com/providers/env_asc59/bills/15439201?utm_campaign=env_asc59&utm_content=hanks&... HTTP 302
https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hank... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

41
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

4651 kB
Transfer

5046 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.flywire.com/legal/terms-of-use
Title: Flywire Terms of Use

Search URL Search Domain Scan URL

URL: https://www.flywire.com/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.flywire.com/legal/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a.smpp.me/8L3xGj HTTP 301
https://billpay.envisionhealth.com/providers/env_asc59/bills/15439201?utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills HTTP 302
https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request env_asc59 Show response
billpay.envisionhealth.com/app/login/
Redirect Chain

https://a.smpp.me/8L3xGj
https://billpay.envisionhealth.com/providers/env_asc59/bills/15439201?utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills

4 KB
2 KB

132ms
129ms

Document
text/html

18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f8f297b7596189c7e045823f870faa3474743bd76c2410d4ad2164a7ecafde8c

Security Headers

Name

Value

Content-Security-Policy

default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self' frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org

X-Frame-Options

SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self' frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
content-type: text/html
date: Thu, 22 Jun 2023 17:00:31 GMT
etag: W/"649294bd-e59"
last-modified: Wed, 21 Jun 2023 06:12:13 GMT
server: nginx
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-cache
content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval' data:; frame-ancestors 'self' https://everydaywell.memorialhermann.org/ https://qa.everydaywell.memorialhermann.org/ https://dev.everydaywell.memorialhermann.org/ https://test.everydaywell.memorialhermann.org/
content-type: text/html; charset=utf-8
date: Thu, 22 Jun 2023 17:00:31 GMT
location: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-request-id: 0ce3f50b-c16b-4ba6-b77f-4a5c081c72e6
x-runtime: 0.154490
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
973 B 203ms
68ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5fe8a449b232283b250621c9fc61f31a404afeee19b3b9c47712a1061106397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Jun 2023 17:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 15:43:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jun 2023 17:00:31 GMT

GET
H2 200 8.7ab8efa4.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 2 MB
2 MB 141ms
139ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/8.7ab8efa4.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fc2139f25a462ff2a2f701cb2dad72542b52485c46042d4e4718388d99d1e7a7

Security Headers

Name

Value

Content-Security-Policy

default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:31 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-25154b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 2430283

GET
H2 200 main.e1ff79bd.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 498 KB
499 KB 398ms
396ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/main.e1ff79bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bf4d1b821f1a7d61d893d32467f9bab76f236e23ca1075e630f2094f464a5c49

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:31 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-7c836"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 510006

GET
H2 200 appSettings.json Show response
billpay.envisionhealth.com/app/ 58 B
578 B 130ms
130ms Fetch
application/json 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/appSettings.json

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.e1ff79bd.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2b041c986f50081033b2353deda522cebaa77a057d76417ad94a607d4cfff93d

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:32 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 06:13:31 GMT
server: nginx
etag: W/"6492950b-3a"
x-frame-options: SAMEORIGIN
content-type: application/json

GET
H2 200 1.01225e76.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 35 KB
36 KB 131ms
131ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/1.01225e76.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d908a9af1906cf3c3ad25c651e5984a2341b41ee8f28f64d93be93e522633ff6

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:32 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-8caf"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 36015

GET
H2 200 24.971de10b.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 4 KB
4 KB 130ms
130ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/24.971de10b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1a7a52a02fad6c2d4722672a7cbf81c48e8377e8a6616988beeef00a63759818

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:32 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-efb"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 3835

GET
H2 200 heap.js Show response
billpay.envisionhealth.com/app/scripts/ 632 B
1 KB 129ms
128ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/scripts/heap.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.e1ff79bd.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b8116dd06f6135d29007e751c20bc66dfd091675390b3fadad5106546a4a75b2

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:32 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:09:01 GMT
server: nginx
etag: "649293fd-278"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 632

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 280 B
1 KB 175ms
175ms Fetch
application/json 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/8.7ab8efa4.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

Resource Hash

c47b23fe74f9131f81fd2421b818a2d28237b5eefe7bdc3c4501ccb651c635d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lj7e33gdqqq7gttnf8p-pe-ui
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
accept: */*
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lj7e33lsfbxkq1k97tw-pe-ui

Response headers

x-runtime: 0.043613
date: Thu, 22 Jun 2023 17:00:33 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"c47b23fe74f9131f81fd2421b818a2d2"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lj7e33lsfbxkq1k97tw-pe-ui

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v26/ 33 KB
34 KB 279ms
59ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://billpay.envisionhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:33:58 GMT
x-content-type-options: nosniff
age: 195995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33868
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:37:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 10:33:58 GMT

GET
H2 200 heap-3444644936.js Show response
cdn.heapanalytics.com/js/ 115 KB
37 KB 334ms
133ms Script
application/javascript 143.204.231.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3444644936.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/heap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.231.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-231-40.cdg3.r.cloudfront.net

Software

nginx / Express

Resource Hash

805fe97ccc352aed3dbe7cb49c9acbf824885e60a2808d125caee2122033f487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 16:59:34 GMT
content-encoding: br
via: 1.1 017f53dabba83d3e5e9416772ca309f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: CDG3-C1
age: 59
x-powered-by: Express
etag: W/"1caeb-Ie3C4LhS7o1bvD0hJOmZGD5DiNg"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FPMsmU3B5OWAPzKQL5e0Wm0jI0SpZmXT6KXN6Ab36rKoihsvWoAgtQ==

GET
H2 200 newRelic.js Show response
billpay.envisionhealth.com/app/scripts/ 28 KB
29 KB 129ms
129ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/scripts/newRelic.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/main.e1ff79bd.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c47d8c1d8ac10514204fe924e8bbf5c7dba780dd0fbff2954fb8b79c0ed43fdb

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:33 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:09:01 GMT
server: nginx
etag: "649293fd-70d2"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 28882

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 2 KB
3 KB 144ms
144ms Fetch
application/json 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/static/js/8.7ab8efa4.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

Resource Hash

ffc8d115c181eef61013f6fdfd0e1a20693c59ec5154a6d35b5b810a5c6ea54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lj7e33gdqqq7gttnf8p-pe-ui
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
accept: */*
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lj7e33r4u0awh5ypz2h-pe-ui

Response headers

x-runtime: 0.012227
date: Thu, 22 Jun 2023 17:00:33 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"ffc8d115c181eef61013f6fdfd0e1a20"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lj7e33r4u0awh5ypz2h-pe-ui

GET
H2 200 en.json Show response
dxql1etc638wm.cloudfront.net/patient_translation_files/ 66 KB
17 KB 570ms
449ms Fetch
application/json 2600:9000:2491:e000:1a:ef45:7580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxql1etc638wm.cloudfront.net/patient_translation_files/en.json
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e000:1a:ef45:7580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab18b8efa037a8c91962b929c4c585aa6f970764f36d2f37df275991128495cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:34 GMT
content-encoding: gzip
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 16867
last-modified: Wed, 21 Jun 2023 07:09:27 GMT
server: AmazonS3
etag: "a11e19cd79060e99706047a0f0fcaaaa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: a5Vq1PBlZ7EnIPD-jqtK8EMf2qZnUB-wNzkhWOpxzGsmXt-zeuIpkw==

GET
H2 200 en-providers.json Show response
dxql1etc638wm.cloudfront.net/patient_translation_files/ 20 KB
3 KB 558ms
438ms Fetch
application/json 2600:9000:2491:e000:1a:ef45:7580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxql1etc638wm.cloudfront.net/patient_translation_files/en-providers.json
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e000:1a:ef45:7580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdf5bdea53cbb45ad27b5e868f2d62627281b094061bc73e087d2acc4cef6035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:34 GMT
content-encoding: gzip
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 2299
last-modified: Wed, 21 Jun 2023 07:09:26 GMT
server: AmazonS3
etag: "8f342c82def2d87955235624dc6f8494"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: UxJDCuqFHAXwcvUzgc3B7pdVSKSTH5hnaoWqy6VFRjH-XO5UKyVyKw==

GET
H2 200 nr-spa-1211.min.js Show response
js-agent.newrelic.com/ 43 KB
16 KB 109ms
33ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1211.min.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: CLSa7QJ2hagEFCkLjcLamPCZ0EDdPlaV
content-encoding: gzip
via: 1.1 varnish
date: Thu, 22 Jun 2023 17:00:33 GMT
strict-transport-security: max-age=300
x-amz-request-id: H2WVGEHNHN1PH1D8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16260
x-amz-id-2: P5xZjNHNOTHs4E+nVco6r28JSf50asM3MeuXFLzJMUglC6f8xoCSomAyJOXq2HFWp7UDsccKz1Q=
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Mon, 27 Sep 2021 20:46:51 GMT
server: AmazonS3
x-timer: S1687453233.413078,VS0,VE0
etag: "a5ee6c68d7de5e7446d73910964b5c10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 416ms
148ms Image
image/gif 3.214.168.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3444644936&u=1403722444006438&v=4933289071294655&s=3862823816504231&b=web&tv=4.0&z=0&h=%2Fapp%2Flogin%2Fenv_asc59&q=%3Fbill_id%3D15439201%26utm_campaign%3Denv_asc59%26utm_content%3Dhanks%26utm_medium%3Dsms%26utm_source%3Dbill_reminder%26utm_term%3Dview%2B%2526%2Bpay%2Bbills&d=billpay.envisionhealth.com&t=My%20Bills&us=bill_reminder&um=sms&ut=view%20%26%20pay%20bills&uc=hanks&ua=env_asc59&ts=1687453233318&st=1687453233323

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.168.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-168-251.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 17:00:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK acf0d21bbd Show response
bam-cell.nr-data.net/1/ 56 B
959 B 438ms
296ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/acf0d21bbd?a=1120009141&sa=1&v=1211.ba193a8&t=Unnamed%20Transaction&rst=3402&ck=1&ref=https://billpay.envisionhealth.com/app/login/env_asc59&be=3048&fe=3279&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1687453230042,%22n%22:0,%22f%22:1198,%22dn%22:1198,%22dne%22:1198,%22c%22:1198,%22ce%22:1198,%22rq%22:1205,%22rp%22:1334,%22rpe%22:1335,%22dl%22:1344,%22di%22:2776,%22ds%22:2776,%22de%22:2776,%22dc%22:3279,%22l%22:3279,%22le%22:3280%7D,%22navigation%22:%7B%7D%7D&fp=2752&fcp=2752&jsonp=NREUM.setToken
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 17:00:33 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Us4HNZqteZC3CREnxyCi%2BsboViPjQb2%2FTo05NkCghdrW9fa%2F2WWL20yNiBvBBezg8p5EKBJDO4V1UhzInGcMqNLl9mCNTrmA4PvZtdYtRN%2Foxhlz4OjZOUrksvx15m1kX4MrWB7m"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7db60c5609c83809-FRA

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 100 B
868 B 144ms
144ms Fetch
application/json 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

Resource Hash

2d9d13551fad7e475be889c3acdaad50a9818854ca7ccd6043d53fa57da0cbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

tracestate: 416014@nr=0-1-416014-1120009141-bae743f2c2468454----1687453233848
traceparent: 00-c62bc78643e42911d9d4bd04e1b35f80-bae743f2c2468454-01
accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lj7e33gdqqq7gttnf8p-pe-ui
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQxNjAxNCIsImFwIjoiMTEyMDAwOTE0MSIsImlkIjoiYmFlNzQzZjJjMjQ2ODQ1NCIsInRyIjoiYzYyYmM3ODY0M2U0MjkxMWQ5ZDRiZDA0ZTFiMzVmODAiLCJ0aSI6MTY4NzQ1MzIzMzg0OH19
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lj7e34bvjkti4cm9q6g-pe-ui

Response headers

x-runtime: 0.010374
date: Thu, 22 Jun 2023 17:00:33 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"2d9d13551fad7e475be889c3acdaad50"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lj7e34bvjkti4cm9q6g-pe-ui

POST
H/1.1 204
No Content acf0d21bbd Show response
bam-cell.nr-data.net/ins/1/ 0
687 B 292ms
292ms XHR
text/plain 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/ins/1/acf0d21bbd?a=1120009141&sa=1&v=1211.ba193a8&t=Unnamed%20Transaction&rst=3847&ck=1&ref=https://billpay.envisionhealth.com/app/login/env_asc59
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billpay.envisionhealth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 22 Jun 2023 17:00:34 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8oQNxqrys5acQvoRVopl0zTEWlEurfcLxBA4%2FWH%2BxQYM77oYx2K3X2IScfI0A84UHTIu23868FSoHv93Jg20DeT%2BJ1E1C8OGXIxa5RPoQUuOS3IfloHXxgbcC%2Bkptbr7%2F4Mmo8B"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin: https://billpay.envisionhealth.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7db60c57ec823809-FRA

POST
H/1.1 200
OK acf0d21bbd Show response
bam-cell.nr-data.net/events/1/ 24 B
750 B 372ms
313ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/acf0d21bbd?a=1120009141&sa=1&v=1211.ba193a8&t=Unnamed%20Transaction&rst=3853&ck=1&ref=https://billpay.envisionhealth.com/app/login/env_asc59
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://billpay.envisionhealth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 22 Jun 2023 17:00:34 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://billpay.envisionhealth.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FRV%2BtqpaEza2VZMsUxvA%2BhkDIdawURbOhUXY30eNV0fHwEbLez%2FtQzI9a7zC5hetRuSVh%2BvuUdkGPbCVegqY36Va9YfPyNvnmJg%2B%2BmwVqHT6VtGzBBbbZuW1m0eQNtkSQ5m4LFc"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7db60c58492f5c74-FRA
Content-Length: 24

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 4 KB
5 KB 182ms
182ms Fetch
application/json 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

Resource Hash

ff29467d191877d488a222ba25f22774938ce6b8f8face27dde1ff6fe71a7634

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

tracestate: 416014@nr=0-1-416014-1120009141-5f1e5a6986150c1b----1687453234004
traceparent: 00-87b94b295d27fccb3a272a346285b690-5f1e5a6986150c1b-01
accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lj7e33gdqqq7gttnf8p-pe-ui
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQxNjAxNCIsImFwIjoiMTEyMDAwOTE0MSIsImlkIjoiNWYxZTVhNjk4NjE1MGMxYiIsInRyIjoiODdiOTRiMjk1ZDI3ZmNjYjNhMjcyYTM0NjI4NWI2OTAiLCJ0aSI6MTY4NzQ1MzIzNDAwNH19
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lj7e34gjdj3nrugw8kj-pe-ui

Response headers

x-runtime: 0.049826
date: Thu, 22 Jun 2023 17:00:34 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"ff29467d191877d488a222ba25f22774"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lj7e34gjdj3nrugw8kj-pe-ui

POST
H2 200 graphql Show response
billpay.envisionhealth.com/ 107 B
1 KB 905ms
904ms Fetch
application/json 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/graphql

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

Resource Hash

fbdcacdbfeddf771a80fec862e9ee63cfec1acb533f98359576ec696bc8ef54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

tracestate: 416014@nr=0-1-416014-1120009141-e1d6b5c1e4b3eb7b----1687453234200
traceparent: 00-eef773ec019fad2627483790965e1b30-e1d6b5c1e4b3eb7b-01
accept-language: de-DE,de;q=0.9
source: patient-client
requestid: lj7e33gdqqq7gttnf8p-pe-ui
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQxNjAxNCIsImFwIjoiMTEyMDAwOTE0MSIsImlkIjoiZTFkNmI1YzFlNGIzZWI3YiIsInRyIjoiZWVmNzczZWMwMTlmYWQyNjI3NDgzNzkwOTY1ZTFiMzAiLCJ0aSI6MTY4NzQ1MzIzNDIwMH19
content-type: application/json
accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
x-request-id: lj7e34m0j2qdhquyuk-pe-ui

Response headers

x-runtime: 0.773727
date: Thu, 22 Jun 2023 17:00:35 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
etag: W/"fbdcacdbfeddf771a80fec862e9ee63c"
x-download-options: noopen
vary: Accept, Origin
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: lj7e34m0j2qdhquyuk-pe-ui

GET
H2 200 2.aabcf6a6.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 65 KB
65 KB 129ms
128ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/2.aabcf6a6.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b4274191621d88c67ab89d207692403693f56838c9b4ae80f492ffa8b97e70aa

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-10201"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 66049

GET
H2 200 3.ed968e48.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 13 KB
14 KB 130ms
129ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/3.ed968e48.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

175cd9e8b0ce6554a99c9b66648a66e4294fec1c167f97eeeac9de93f9b72922

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-34bf"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 13503

GET
H2 200 4.6eb581dc.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 15 KB
16 KB 130ms
129ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/4.6eb581dc.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

55dee7169740c27a1668e2f1f06ef3ec33a053405e48d125a840cc5e4166ebf2

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-3d23"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 15651

GET
H2 200 11.a388c5e6.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 75 KB
76 KB 130ms
130ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/11.a388c5e6.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5c67102b8215cbb1fd3ef3f92f0b6b8c366fe0b738a8b529aa1f847b8f42bd89

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-12bed"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 76781

GET
H2 200 9.630f0649.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 774 KB
776 KB 135ms
135ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/9.630f0649.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a2127a9cedeee6823f67823bb4de38afc8bfa5ab8776b2cbf6ba82e4e6d82fe7

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-c19fc"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 793084

GET
H2 200 10.023f7bd5.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 416 KB
417 KB 130ms
130ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/10.023f7bd5.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

176f39cb4b3e3b6e972ca6319ca5aa3e5b46a686878bebd85e1ab756e4b5a576

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-68058"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 426072

GET
H2 200 0.01ef3f4c.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 20 KB
21 KB 133ms
131ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/0.01ef3f4c.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

74ef4daa0ad017e07e59a63628e1102e8bdb2abe7fad477ffe02a06d660b01da

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-51e7"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 20967

GET
H2 200 12.2afe8de4.chunk.js Show response
billpay.envisionhealth.com/app/static/js/ 34 KB
35 KB 133ms
132ms Script
application/javascript 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://billpay.envisionhealth.com/app/static/js/12.2afe8de4.chunk.js

Requested by

Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a1762289f1d8eb0b2d42d8a4d05f7d714423ad1496b4f6fcd026e6b00c83f2fb

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login/env_asc59?bill_id=15439201&utm_campaign=env_asc59&utm_content=hanks&utm_medium=sms&utm_source=bill_reminder&utm_term=view+%26+pay+bills
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-89a4"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 35236

GET
H2 200 z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R Show response
bot.ivy.ai/bot/script/category/ 308 KB
76 KB 471ms
377ms Script
application/javascript 2606:4700:10::6816:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.ivy.ai/bot/script/category/z1BaQjXoxVWJ98Mo0nGdgNew5LZyqr6R
Requested by: Host: billpay.envisionhealth.com
URL: https://billpay.envisionhealth.com/app/scripts/newRelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:8d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Ivy.ai
Resource Hash: 028d4a68bd45d76ce3b1bc4732665a5f56bf911e555e2a3238cc3fa468a845c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:36 GMT
x-made-with: <3 in Boulder, CO
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Ivy.ai
x-uid: ivy-web-botscript-7f4b9859d8-8j4tk
vary: Accept-Encoding
etag: W/"1289c-oHd6HSZ/kNCJRy5RW7vuz7Pqmh8"
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7db60c6379331d9e-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4228da17baf2203fb2fb4e83156f7ec2838e715ac1cd84207e0897737ee3441c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon-notification-expand.4fcee520.svg
billpay.envisionhealth.com/app/static/media/ 316 B
826 B 130ms
128ms Image
image/svg+xml 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billpay.envisionhealth.com/app/static/media/icon-notification-expand.4fcee520.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a982f3a540d22d7f99b304ab9f620906313a338d7939bb14a91dec2852ccb80d

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-13c"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 316

GET
H2 200 20171130101006_patient_logo_global-image.png
dxql1etc638wm.cloudfront.net/settings_service_assets/ 4 KB
5 KB 502ms
444ms Image
image/png 2600:9000:2491:e000:1a:ef45:7580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxql1etc638wm.cloudfront.net/settings_service_assets/20171130101006_patient_logo_global-image.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e000:1a:ef45:7580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e670794f8741c7df66a424042ed20a2e5857d7967190a93c23174cc44b81f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:37 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified: Fri, 13 Nov 2020 11:19:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
etag: "f5a327b185d4971aa228240c45b27f39"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4296
x-amz-cf-id: 0BSWrpMLBT22Ot1ylLhcJtujKwqPzzlPwiBCfL1PgXT0f4kfYpLqsA==

GET
H2 200 powered-by-flywire.18b516ca.svg
billpay.envisionhealth.com/app/static/media/ 2 KB
3 KB 131ms
130ms Image
image/svg+xml 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billpay.envisionhealth.com/app/static/media/powered-by-flywire.18b516ca.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a581445a22c3612d31f96a7616ed0f948e3b6fab033d54625e2ac8d124c90301

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-89a"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2202

GET
H2 200 language-icon.a9a7dafa.svg
billpay.envisionhealth.com/app/static/media/ 831 B
1 KB 130ms
129ms Image
image/svg+xml 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billpay.envisionhealth.com/app/static/media/language-icon.a9a7dafa.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3eb1c56d8d7e4c4a421fc53e17faf0575d812c47adb37e6906897fbab0693e1e

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
last-modified: Wed, 21 Jun 2023 06:12:12 GMT
server: nginx
etag: "649294bc-33f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 831

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 128ms
127ms Image
image/gif 3.214.168.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3444644936&u=1403722444006438&v=4140890940904171&s=3862823816504231&b=web&tv=4.0&z=2&h=%2Fapp%2Flogin&d=billpay.envisionhealth.com&t=Login&ts=1687453235690&pr=%2Fapp%2Flogin%2Fenv_asc59&sp=us&sp=bill_reminder&sp=um&sp=sms&sp=ut&sp=view%20%26%20pay%20bills&sp=uc&sp=hanks&sp=ua&sp=env_asc59&sp=ts&sp=1687453233318&sp=d&sp=billpay.envisionhealth.com&sp=h&sp=%2Fapp%2Flogin%2Fenv_asc59&sp=q&sp=%3Fbill_id%3D15439201%26utm_campaign%3Denv_asc59%26utm_content%3Dhanks%26utm_medium%3Dsms%26utm_source%3Dbill_reminder%26utm_term%3Dview%2B%2526%2Bpay%2Bbills&st=1687453235690

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.168.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-168-251.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 17:00:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 css
fonts.googleapis.com/ 9 KB
819 B 70ms
70ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,700,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5008f6d044c9b181a6ff6d108e14fd005eb79d701e9ecee90f7766ca12b3f62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Jun 2023 17:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 17:00:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jun 2023 17:00:36 GMT

GET
H2 200 undefined
billpay.envisionhealth.com/app/ 4 KB
4 KB 129ms
129ms Image
text/html 18.214.61.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://billpay.envisionhealth.com/app/undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.61.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-61-241.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpay.envisionhealth.com/app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:00:36 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self', frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 06:12:13 GMT
server: nginx
etag: W/"649294bd-e59"
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H3 200 fontawesome-webfont.woff2
bot.ivy.ai/s/vendor/font-awesome/fonts/ 70 KB
71 KB 413ms
380ms Font
font/woff2 2606:4700:10::6816:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.ivy.ai/s/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:8d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://billpay.envisionhealth.com/
Origin: https://billpay.envisionhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ivy-static: 1
date: Thu, 22 Jun 2023 17:00:36 GMT
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Wed, 21 Jun 2023 10:30:01 GMT
server: cloudflare
etag: "6492d129-118d8"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7db60c67aa0e1911-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H3 200 ivy-chat-icons.ttf
bot.ivy.ai/s/fonts/ivy-chat-icons/ 2 KB
2 KB 465ms
436ms Font
application/octet-stream 2606:4700:10::6816:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.ivy.ai/s/fonts/ivy-chat-icons/ivy-chat-icons.ttf?v=1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:8d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1cba01207ab687900688dbf4dbfc4990ed2067c8ce3756ad1d2087aadd60959

Request headers

Referer: https://billpay.envisionhealth.com/
Origin: https://billpay.envisionhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ivy-static: 1
date: Thu, 22 Jun 2023 17:00:36 GMT
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
content-length: 2036
last-modified: Wed, 21 Jun 2023 10:30:01 GMT
server: cloudflare
etag: "6492d129-7f4"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7db60c67aa0c1911-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
a.smpp.me/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: hYaHrANy5ys9CPoArX4nPwWc1H75f8YcgOdt51TPPlY%2F%2F35bpVa%2FysRBxTnhx5qcJm3mrcg5e4MdZ864IrXcjg%3D%3D
a.smpp.me/	1969-12-31 23:59:59	Name: _simplee_store2 Value: clpVaVJveUlBOWNxSzB2TmNyNVc3V2tuWmwxazdoV2VTNGpDNnd0T2s1b2xONFpZZmRHWUtoOUhCQjNwR2tTeTdzTm9zOXlQMFpoRk9mMFlhYVJaWlVNSXZya2oveHdJNGM4VTNHVEtVUS94RG1YOHIyaFgxdEduM2tDRDB3aXhhcTlvWWliNDFXWTdnZGJlTEhTNUw3SEd1MW95MkhpZWtjSGFtdVNqNk5XVnRVRUhqUEdTcURqNmZrZG11Tjk0TDBoaXJvRmpkRkJIalJ3b09EckFkVTN4aklrUTlHdHVGdC83cG03VE1FaktsRGlXV1ZzOFFQTWlrZnJXWDZLRkFKYmp2dE9UZGxwejFOQnZ2YmYvcmxBdzYzQXhwU0ZrM2gvZ3Rtbkk1dlB1NWRtdEtwRGcydlJiVWVGZ3ZteFl4Z1J3V0dzUk5pQS9IdnZBTlduTm91NkV2SkZwckkwTkZDK1lXZEtwc1BmY1hTZUEyQXBYenFJdlRqWG1rVWs2T1FXUGFLTlUwREZxbzNYVVVCeC82NElxbkxNc05SQWVsK0U4bGltejhvMGN2OVp2cldIemU4VktIcDZremdPSjRvd2tUNHNQZ1d5Njh6R2treTN1RlZiMk5qMjkyaU10aWp2R2xTNzN0bzg9LS0raDM3dDAwSGovSlloLytqOWZQWmF3PT0%3D--24386d8db422cd51d876dcf8b949c9337bba829f
billpay.envisionhealth.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: At04zR3%2BC%2Fi1sRhIAwb1%2BHYpbfh5gt6Wtm2uPWbhjM%2Fmh8u5eukwbLRUgzqi3DTxVVdRLJ%2F0hCn0xWV1AR3ibQ%3D%3D
.envisionhealth.com/	1970-01-20 12:44:15	Name: _hp2_ses_props.3444644936 Value: %7B%22us%22%3A%22bill_reminder%22%2C%22um%22%3A%22sms%22%2C%22ut%22%3A%22view%20%26%20pay%20bills%22%2C%22uc%22%3A%22hanks%22%2C%22ua%22%3A%22env_asc59%22%2C%22ts%22%3A1687453233318%2C%22d%22%3A%22billpay.envisionhealth.com%22%2C%22h%22%3A%22%2Fapp%2Flogin%2Fenv_asc59%22%2C%22q%22%3A%22%3Fbill_id%3D15439201%26utm_campaign%3Denv_asc59%26utm_content%3Dhanks%26utm_medium%3Dsms%26utm_source%3Dbill_reminder%26utm_term%3Dview%2B%2526%2Bpay%2Bbills%22%7D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e19e7728b6480705
billpay.envisionhealth.com/	1969-12-31 23:59:59	Name: _simplee_store2 Value: WDVSQnN5U0V6R0lsK0I3N2dFQzFrMGZQU0tZTVVzc29UaXZTaFFMUC9iY0ZFME1vc1VMOW94QXNjcjVKc1h3VURZUjhxQVRKbVVWQzRzZTdXZjJ4ZUphb1lkMUlTY0x1ZzVQeFhLK1N5d1hLdW5OcUZzalJOKzBISnhUUEczcGZFVzZkanRkbzZvdTE3a0JtL2M3RzkyL1UzWXJ3SElVOFoyZlE4cmhZWUlETUdpL3NTWmN4ekJQQ2hka2NhalRuWThFdThoVVByNGNRZ0NZb3RXMFJsazlJOW1jeEo2c0RwcU95L0g3bzJqMmRrM3Y4STVFTEk2cXJrZ2xJVmlkcEs5WmpHZlZvUXl3cUlycXZnWS8zREJaYm50TGFycFNwOXB6UUU3Sjc3L1BqSnVRUFFmQ0RFbFhLbGpMbGlBNkYyRjgwK0JTYlhZYzRhUll0ek9YV24vS1pSMFF5Y3dac25QNzV6dUw5VVRuWWFFMlM5Sm9aR1U3b0lzd25kOUlvZGFJRUN6RTN1dVFjc2dZYnpGTWxUOEt3cDkwZXRwV05QMk9kSUcydWpubmMxMTJQbEdmcUo1T2MycVduN1N4akNFVGVyOThrSlo0aC9RMDRzNnJLbnRVdzVjTFFDSGljNlM2QmliT25uaXA0UmtUd1hLY09IMVZSZXBsL0xEZG0tLTN4YkFBV3VXRm5MdXZJNFhIS0J5bmc9PQ%3D%3D--da9643417a49da0d6c688a25ac0b0e2f0be861bc
.envisionhealth.com/	1970-01-20 21:29:49	Name: mp_5d49658fc0e0e107d198900d44aabdc8_mixpanel Value: %7B%22distinct_id%22%3A%20%22188e40cf7ac532-051f6cf6d24119-60385054-1d4c00-188e40cf7adbb6%22%2C%22%24device_id%22%3A%20%22188e40cf7ac532-051f6cf6d24119-60385054-1d4c00-188e40cf7adbb6%22%2C%22utm_source%22%3A%20%22bill_reminder%22%2C%22utm_medium%22%3A%20%22sms%22%2C%22utm_campaign%22%3A%20%22env_asc59%22%2C%22utm_content%22%3A%20%22hanks%22%2C%22utm_term%22%3A%20%22view%20%26%20pay%20bills%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22Provider%22%3A%20%22envision%22%2C%22Source%22%3A%20%22pre%20authentication%22%2C%22Platform%22%3A%20%22Win32%22%2C%22isBot%22%3A%20false%2C%22isBot%20Name%22%3A%20null%2C%22Authentication%20Fields%22%3A%20%22zip%22%2C%22Facility%22%3A%20%22env_asc59%22%2C%22Language%22%3A%20%22en%22%2C%22Revenue%20Model%22%3A%20%22Contingency%20Fee%22%2C%22Patient%20Version%22%3A%20%22client%22%7D
.envisionhealth.com/	1970-01-20 22:12:10	Name: _hp2_id.3444644936 Value: %7B%22userId%22%3A%221403722444006438%22%2C%22pageviewId%22%3A%224140890940904171%22%2C%22sessionId%22%3A%223862823816504231%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self' frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org
X-Frame-Options	SAMEORIGIN

Header

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.smpp.me
bam-cell.nr-data.net
billpay.envisionhealth.com
bot.ivy.ai
cdn.heapanalytics.com
dxql1etc638wm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
js-agent.newrelic.com
143.204.231.40
151.101.66.137
162.247.241.2
18.214.61.241
2600:9000:2491:e000:1a:ef45:7580:21
2606:4700:10::6816:8d2
2606:4700:10::ac43:b46
2a00:1450:4001:800::2003
2a00:1450:4001:803::200a
3.214.168.251
028d4a68bd45d76ce3b1bc4732665a5f56bf911e555e2a3238cc3fa468a845c5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
175cd9e8b0ce6554a99c9b66648a66e4294fec1c167f97eeeac9de93f9b72922
176f39cb4b3e3b6e972ca6319ca5aa3e5b46a686878bebd85e1ab756e4b5a576
1a7a52a02fad6c2d4722672a7cbf81c48e8377e8a6616988beeef00a63759818
2b041c986f50081033b2353deda522cebaa77a057d76417ad94a607d4cfff93d
2d9d13551fad7e475be889c3acdaad50a9818854ca7ccd6043d53fa57da0cbe4
3eb1c56d8d7e4c4a421fc53e17faf0575d812c47adb37e6906897fbab0693e1e
4228da17baf2203fb2fb4e83156f7ec2838e715ac1cd84207e0897737ee3441c
5008f6d044c9b181a6ff6d108e14fd005eb79d701e9ecee90f7766ca12b3f62f
539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862
55dee7169740c27a1668e2f1f06ef3ec33a053405e48d125a840cc5e4166ebf2
5c67102b8215cbb1fd3ef3f92f0b6b8c366fe0b738a8b529aa1f847b8f42bd89
74ef4daa0ad017e07e59a63628e1102e8bdb2abe7fad477ffe02a06d660b01da
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e670794f8741c7df66a424042ed20a2e5857d7967190a93c23174cc44b81f6d
805fe97ccc352aed3dbe7cb49c9acbf824885e60a2808d125caee2122033f487
a1762289f1d8eb0b2d42d8a4d05f7d714423ad1496b4f6fcd026e6b00c83f2fb
a2127a9cedeee6823f67823bb4de38afc8bfa5ab8776b2cbf6ba82e4e6d82fe7
a581445a22c3612d31f96a7616ed0f948e3b6fab033d54625e2ac8d124c90301
a5fe8a449b232283b250621c9fc61f31a404afeee19b3b9c47712a1061106397
a982f3a540d22d7f99b304ab9f620906313a338d7939bb14a91dec2852ccb80d
ab18b8efa037a8c91962b929c4c585aa6f970764f36d2f37df275991128495cb
b4274191621d88c67ab89d207692403693f56838c9b4ae80f492ffa8b97e70aa
b8116dd06f6135d29007e751c20bc66dfd091675390b3fadad5106546a4a75b2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf4d1b821f1a7d61d893d32467f9bab76f236e23ca1075e630f2094f464a5c49
c47b23fe74f9131f81fd2421b818a2d28237b5eefe7bdc3c4501ccb651c635d8
c47d8c1d8ac10514204fe924e8bbf5c7dba780dd0fbff2954fb8b79c0ed43fdb
cdf5bdea53cbb45ad27b5e868f2d62627281b094061bc73e087d2acc4cef6035
d908a9af1906cf3c3ad25c651e5984a2341b41ee8f28f64d93be93e522633ff6
e1cba01207ab687900688dbf4dbfc4990ed2067c8ce3756ad1d2087aadd60959
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc
f8f297b7596189c7e045823f870faa3474743bd76c2410d4ad2164a7ecafde8c
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fbdcacdbfeddf771a80fec862e9ee63cfec1acb533f98359576ec696bc8ef54f
fc2139f25a462ff2a2f701cb2dad72542b52485c46042d4e4718388d99d1e7a7
ff29467d191877d488a222ba25f22774938ce6b8f8face27dde1ff6fe71a7634
ffc8d115c181eef61013f6fdfd0e1a20693c59ec5154a6d35b5b810a5c6ea54a

billpay.envisionhealth.com Open in urlscan Pro 18.214.61.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

10 IPs

2 Countries

4651 kBTransfer

5046 kBSize

8 Cookies

3 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

billpay.envisionhealth.com Open in urlscan Pro
18.214.61.241 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

4651 kB
Transfer

5046 kB
Size

8
Cookies

41 HTTP transactions
1 data transactions