www.payerdemo.dev.waltzportals.com Open in urlscan Pro
20.82.22.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.payerdemo.dev.waltzportals.com/
Submission: On October 03 via automatic, source certstream-suspicious (October 3rd 2024, 11:50:31 am UTC) — Scanned from NL

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 20.82.22.191, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.payerdemo.dev.waltzportals.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 16th 2024. Valid for: 6 months.

This is the only time www.payerdemo.dev.waltzportals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	20.82.22.191 20.82.22.191	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
1	18.173.154.101 18.173.154.101	16509 (AMAZON-02) (AMAZON-02)
1	44.198.22.65 44.198.22.65	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
2	52.188.247.148 52.188.247.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.253.45 13.107.253.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
17	7

9 20.82.22.191 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.payerdemo.dev.waltzportals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-101.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.22.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-22-65.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.188.247.148 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eastus-8.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.253.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

int.mpspricing.waltzapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	waltzportals.com www.payerdemo.dev.waltzportals.com	655 KB
2	waltzapis.com int.mpspricing.waltzapis.com	892 B
2	azure.com eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 6132	166 B
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 852 heapanalytics.com — Cisco Umbrella Rank: 666	38 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
17	6

	Domain	Requested by
9	www.payerdemo.dev.waltzportals.com	www.payerdemo.dev.waltzportals.com
2	int.mpspricing.waltzapis.com	www.payerdemo.dev.waltzportals.com
2	eastus-8.in.applicationinsights.azure.com	www.payerdemo.dev.waltzportals.com
1	fonts.gstatic.com	fonts.googleapis.com
1	heapanalytics.com	www.payerdemo.dev.waltzportals.com
1	cdn.heapanalytics.com	www.payerdemo.dev.waltzportals.com
1	fonts.googleapis.com	www.payerdemo.dev.waltzportals.com
17	7

This site contains no links.

Subject Issuer	Validity	Valid
www.payerdemo.dev.waltzportals.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-05-16` - `2024-11-16`	6 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 08	`2024-09-16` - `2025-09-11`	a year	crt.sh
int.mpspricing.waltzapis.com R10	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.payerdemo.dev.waltzportals.com/
Frame ID: 8B0325D71783684286A30D8F74B28428
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Waltz Health - Home

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

709 kB
Transfer

1998 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.payerdemo.dev.waltzportals.com/ 2 KB
1 KB 225ms
74ms Document
text/html 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

54c253ed5e6e104d757b973e6bf9b52675ed7fa3b13f89d19a854c029b328c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: public, must-revalidate, max-age=30
content-encoding: br
content-type: text/html
date: Thu, 03 Oct 2024 11:50:20 GMT
etag: "05472982"
last-modified: Wed, 02 Oct 2024 18:35:23 GMT
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 497ms
32ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital@0;1&display=swap&cb=1727894045560

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

85fabcf618b51ec8d5c39c5a00169aa4c214926c4777151056c3bbac0fa1fd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 11:50:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 11:50:20 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 03 Oct 2024 11:50:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 main.c62f122a.js Show response
www.payerdemo.dev.waltzportals.com/static/js/ 2 MB
408 KB 88ms
86ms Script
text/javascript 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payerdemo.dev.waltzportals.com/static/js/main.c62f122a.js

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a4091e380a91137fb373b5d9fb50823a89c87645465377229e8c885dec908e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
content-encoding: br
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
date: Thu, 03 Oct 2024 11:50:20 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Wed, 02 Oct 2024 18:35:23 GMT
vary: Accept-Encoding

GET
H2 200 main.7cbfb694.css
www.payerdemo.dev.waltzportals.com/static/css/ 3 KB
1 KB 34ms
33ms Stylesheet
text/css 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payerdemo.dev.waltzportals.com/static/css/main.7cbfb694.css

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

992755183eeb7802debf83403c5d446c32ca940772b0eb456d06b24faa24708e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
content-encoding: br
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
date: Thu, 03 Oct 2024 11:50:20 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 02 Oct 2024 18:35:23 GMT
vary: Accept-Encoding

GET
H2 200 heap-2183018942.js Show response
cdn.heapanalytics.com/js/ 118 KB
38 KB 281ms
194ms Script
application/javascript 18.173.154.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2183018942.js

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-101.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

4af9818eed3da13f6905fb141a6123aa4c5110867f090085d7a008e343f6eab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
content-encoding: br
etag: W/"1d7da-hW2+kgpRhTqZ7nZSRlbtdKgopHs"
cross-origin-resource-policy: cross-origin
via: 1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: G8V5h_yOVHf1FOyopMqsFab61JetROtEAUpFH5bgq8KN5nrtHymCtg==
date: Thu, 03 Oct 2024 11:50:20 GMT
content-type: application/javascript; charset=utf-8
x-powered-by: Express
server: nginx
x-amz-cf-pop: MUC50-P3
vary: Accept-Encoding

GET
H2 200 h
heapanalytics.com/ 37 B
378 B 331ms
102ms Image
image/gif 44.198.22.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2183018942&u=1407981943515972&v=947455675257926&s=3405171635566901&b=web&tv=4.0&z=0&h=%2F&d=www.payerdemo.dev.waltzportals.com&t=Waltz%20Health%20-%20Home&ts=1727956220817&sch=1200&scw=1600&st=1727956220823&lv=4.23.4&ld=cdn.heapanalytics.com

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.198.22.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-198-22-65.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Thu, 03 Oct 2024 11:50:21 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 %2Fmedia%2Fpayer_demo_footer_logo.png
www.payerdemo.dev.waltzportals.com/ 54 KB
54 KB 37ms
37ms Image
image/png 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payerdemo.dev.waltzportals.com/%2Fmedia%2Fpayer_demo_footer_logo.png

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

636888c63e0bdeefadd13aa20c04f6e26b4c712305634aa190021b20f49313c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
content-length: 55464
date: Thu, 03 Oct 2024 11:50:21 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 02 Oct 2024 18:35:23 GMT

GET
H2 200 Search.png
www.payerdemo.dev.waltzportals.com/media/ 55 KB
55 KB 28ms
28ms Image
image/png 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payerdemo.dev.waltzportals.com/media/Search.png

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

50832590f3d0b41bf70a3e526d6b07f061f4628d5ef40e984a65c3a97d22d803

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
content-length: 56289
date: Thu, 03 Oct 2024 11:50:21 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 02 Oct 2024 18:35:23 GMT

GET
H2 200 Compare.png
www.payerdemo.dev.waltzportals.com/media/ 57 KB
57 KB 44ms
44ms Image
image/png 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payerdemo.dev.waltzportals.com/media/Compare.png

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e1141eb675f65ac889867c6f551a0f21c759532750d67ac67a5743e0ae05b84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
content-length: 58014
date: Thu, 03 Oct 2024 11:50:21 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 02 Oct 2024 18:35:23 GMT

GET
H2 200 Save.png
www.payerdemo.dev.waltzportals.com/media/ 70 KB
70 KB 42ms
42ms Image
image/png 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payerdemo.dev.waltzportals.com/media/Save.png

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

19c36df0780990ce30c2177b25e167d8c36ae4d4da14dc6a990b8715dc58b303

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
content-length: 71748
date: Thu, 03 Oct 2024 11:50:21 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 02 Oct 2024 18:35:23 GMT

GET
H3 200 pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/ 14 KB
14 KB 468ms
32ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital@0;1&display=swap&cb=1727894045560

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

38a3a7b587a96ccb845942e710e2f7063a11406ecd054e98772160e2e49a77ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.payerdemo.dev.waltzportals.com
Referer: https://fonts.googleapis.com/

Response headers

age: 185507
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:18:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:18:35 GMT
last-modified: Thu, 27 Apr 2023 00:20:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13860
x-xss-protection: 0
server: sffe

GET
H2 200 WH_LockupNavy.png
www.payerdemo.dev.waltzportals.com/media/ 8 KB
8 KB 31ms
30ms Image
image/png 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payerdemo.dev.waltzportals.com/media/WH_LockupNavy.png

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

72a56f792bcd004dc7bb6aff8057d997b54370755c4aa19eb5d878a211e8f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
content-length: 8085
date: Thu, 03 Oct 2024 11:50:20 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 02 Oct 2024 18:35:23 GMT

POST
H2 200 track Show response
eastus-8.in.applicationinsights.azure.com//v2/ 62 B
166 B 101ms
99ms XHR
application/json 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com//v2/track

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/static/js/main.c62f122a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b5a6b8f8dced09bf18920a311f765abe1ee41b3153a14ac76cad8e42e7b8a563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Thu, 03 Oct 2024 11:50:22 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

GET
H2 200 popularsearches Show response
int.mpspricing.waltzapis.com/DrugSearchApi/drugsearch/v1/ 286 B
892 B 137ms
135ms XHR
application/json 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://int.mpspricing.waltzapis.com/DrugSearchApi/drugsearch/v1/popularsearches

Requested by

Host: www.payerdemo.dev.waltzportals.com
URL: https://www.payerdemo.dev.waltzportals.com/static/js/main.c62f122a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98ec184f79ee0878c61c9e75b17f0e0bc89971409f879f4cb974857d6f565c62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
client_id: 0da9fb8c-6941-11ec-90d6-0242ac120003
clientId: 0da9fb8c-6941-11ec-90d6-0242ac120003
browser_version: 129.0.0.0
user_agent: Chrome
Ocp-Apim-Subscription-Key: 407ae1eb69254b30a6836c440316eb8a
Accept: application/json, text/plain, */*
os_source_and_version: Linux x86_64
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-security-policy: frame-ancestors 'none'
cache-control: no-store
content-encoding: gzip
x-content-type-options: nosniff
request-context: appId=cid-v1:dd9afd66-037a-41a6-ab4a-49ee927a01cd
access-control-allow-origin: https://www.payerdemo.dev.waltzportals.com
x-cache: CONFIG_NOCACHE
date: Thu, 03 Oct 2024 11:50:23 GMT
content-type: application/json; charset=utf-8
vary: Origin,Accept-Encoding
x-azure-ref: 20241003T115023Z-r199bf87c75xdndcryx6gqmrtn00000001gg00000000b4r8
x-frame-options: DENY

OPTIONS
H2 204 track
eastus-8.in.applicationinsights.azure.com//v2/ 0
0 798ms
185ms Preflight 52.188.247.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-8.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.188.247.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.payerdemo.dev.waltzportals.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Thu, 03 Oct 2024 11:50:22 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H2 200 favicon.png
www.payerdemo.dev.waltzportals.com/ 922 B
996 B 31ms
30ms Other
image/png 20.82.22.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payerdemo.dev.waltzportals.com/favicon.png?v=1&cb=1727894045560

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.82.22.191 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

48530bfcf6e207ecfac70823cc71b6e02755551cd56a226c1e5548974218c024

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.payerdemo.dev.waltzportals.com/

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
etag: "05472982"
referrer-policy: same-origin
x-content-type-options: nosniff
content-length: 922
date: Thu, 03 Oct 2024 11:50:22 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 02 Oct 2024 18:35:23 GMT

OPTIONS
H2 204 popularsearches
int.mpspricing.waltzapis.com/DrugSearchApi/drugsearch/v1/ 0
0 781ms
362ms Preflight 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://int.mpspricing.waltzapis.com/DrugSearchApi/drugsearch/v1/popularsearches

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: browser_version,client_id,clientid,ocp-apim-subscription-key,os_source_and_version,user_agent
Access-Control-Request-Method: GET
Origin: https://www.payerdemo.dev.waltzportals.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: browser_version,client_id,clientid,ocp-apim-subscription-key,os_source_and_version,user_agent
access-control-allow-methods: GET,POST,GET,POST
access-control-allow-origin: https://www.payerdemo.dev.waltzportals.com
cache-control: no-store
content-security-policy: frame-ancestors 'none'
date: Thu, 03 Oct 2024 11:50:23 GMT
request-context: appId=cid-v1:dd9afd66-037a-41a6-ab4a-49ee927a01cd
strict-transport-security: max-age=2592000
vary: Origin
x-azure-ref: 20241003T115022Z-r199bf87c75xdndcryx6gqmrtn00000001gg00000000b4q2
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: DENY

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| heap object| webpackChunkweb object| __dynProto$Gbl

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.waltzportals.com/	1970-01-21 09:27:13	Name: _hp2_id.2183018942 Value: %7B%22userId%22%3A%221407981943515972%22%2C%22pageviewId%22%3A%22947455675257926%22%2C%22sessionId%22%3A%223405171635566901%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
www.payerdemo.dev.waltzportals.com/	1970-01-21 08:44:52	Name: ai_user Value: Lmjjy8zVBRIUNN2Hb+hTdk\|2024-10-03T11:50:21.189Z
www.payerdemo.dev.waltzportals.com/	1969-12-31 23:59:59	Name: memberId Value: PXXK68652
www.payerdemo.dev.waltzportals.com/	1969-12-31 23:59:59	Name: singleBinmemberId Value: EPCUO1471
.waltzportals.com/	1970-01-20 23:59:18	Name: _hp2_ses_props.2183018942 Value: %7B%22ts%22%3A1727956220817%2C%22d%22%3A%22www.payerdemo.dev.waltzportals.com%22%2C%22h%22%3A%22%2F%22%7D
www.payerdemo.dev.waltzportals.com/	1970-01-20 23:59:18	Name: ai_session Value: zKtcSVnpqJXPonGda8eQe5\|1727956222217\|1727956222217

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
eastus-8.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
int.mpspricing.waltzapis.com
www.payerdemo.dev.waltzportals.com
13.107.253.45
142.250.185.195
142.250.186.170
18.173.154.101
20.82.22.191
44.198.22.65
52.188.247.148
19c36df0780990ce30c2177b25e167d8c36ae4d4da14dc6a990b8715dc58b303
38a3a7b587a96ccb845942e710e2f7063a11406ecd054e98772160e2e49a77ce
48530bfcf6e207ecfac70823cc71b6e02755551cd56a226c1e5548974218c024
4af9818eed3da13f6905fb141a6123aa4c5110867f090085d7a008e343f6eab2
50832590f3d0b41bf70a3e526d6b07f061f4628d5ef40e984a65c3a97d22d803
54c253ed5e6e104d757b973e6bf9b52675ed7fa3b13f89d19a854c029b328c69
636888c63e0bdeefadd13aa20c04f6e26b4c712305634aa190021b20f49313c9
72a56f792bcd004dc7bb6aff8057d997b54370755c4aa19eb5d878a211e8f96d
85fabcf618b51ec8d5c39c5a00169aa4c214926c4777151056c3bbac0fa1fd4c
98ec184f79ee0878c61c9e75b17f0e0bc89971409f879f4cb974857d6f565c62
992755183eeb7802debf83403c5d446c32ca940772b0eb456d06b24faa24708e
a4091e380a91137fb373b5d9fb50823a89c87645465377229e8c885dec908e7c
b5a6b8f8dced09bf18920a311f765abe1ee41b3153a14ac76cad8e42e7b8a563
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
e1141eb675f65ac889867c6f551a0f21c759532750d67ac67a5743e0ae05b84f

www.payerdemo.dev.waltzportals.com Open in urlscan Pro 20.82.22.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

709 kBTransfer

1998 kBSize

6 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

www.payerdemo.dev.waltzportals.com Open in urlscan Pro
20.82.22.191 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

709 kB
Transfer

1998 kB
Size

6
Cookies

17 HTTP transactions
0 data transactions