urlscan.io logo urlscan.io
SecurityTrails logo

app.wellapp.com Open in urlscan Pro
2600:9000:214f:e200:d:92ac:2880:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nm.wllmsg.co/w9rMb2
Effective URL: https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0...
Submission: On January 24 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2600:9000:214f:e200:d:92ac:2880:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.wellapp.com. The Cisco Umbrella rank of the primary domain is 65250.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 27th 2023. Valid for: a year.
This is the only time app.wellapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 18.214.160.33 14618 (AMAZON-AES)
23 2600:9000:214... 16509 (AMAZON-02)
1 34.36.213.229 396982 (GOOGLE-CL...)
4 151.101.67.9 54113 (FASTLY)
3 35.170.183.221 14618 (AMAZON-AES)
2 3.223.63.250 14618 (AMAZON-AES)
1 204.62.118.87 19247 (AS19247)
34 6
2    18.214.160.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-160-33.compute-1.amazonaws.com
nm.wllmsg.co
23    2600:9000:214f:e200:d:92ac:2880:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.wellapp.com
1    34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com
cdn.pendo.io
4    151.101.67.9 (United States)

ASN54113 (FASTLY, US)
sdk.split.io
3    35.170.183.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-183-221.compute-1.amazonaws.com
www.well-health-app.com
2    3.223.63.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-63-250.compute-1.amazonaws.com
auth.split.io
1    204.62.118.87 (Chicago, United States)

ASN19247 (AS19247, US)
PTR: www.cadencehealth.org
www.nm.org
Apex Domain
Subdomains		 Transfer
23 wellapp.com
app.wellapp.com — Cisco Umbrella Rank: 65250
6 MB
6 split.io
sdk.split.io — Cisco Umbrella Rank: 2531
auth.split.io — Cisco Umbrella Rank: 2900
10 KB
3 well-health-app.com
www.well-health-app.com — Cisco Umbrella Rank: 72973
2 KB
2 wllmsg.co
nm.wllmsg.co
258 B
1 nm.org
www.nm.org — Cisco Umbrella Rank: 162353
3 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 750
144 KB
34 6
Domain Requested by
23 app.wellapp.com app.wellapp.com
4 sdk.split.io app.wellapp.com
3 www.well-health-app.com app.wellapp.com
2 auth.split.io app.wellapp.com
2 nm.wllmsg.co 2 redirects
1 www.nm.org
1 cdn.pendo.io app.wellapp.com
34 7

This site contains no links.

Subject Issuer Validity Valid
*.wellapp.com
Amazon RSA 2048 M02		 2023-04-27 -
2024-05-25		 a year crt.sh
cdn.pendo.io
GTS CA 1D4		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
*.well-health-app.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-13		 a year crt.sh
nm.org
Entrust Certification Authority - L1K		 2023-03-15 -
2024-04-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Frame ID: 6B00498EBC53A16CDACAE9C4EEF649E5
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm Your Appointment - Artera

Page URL History Show full URLs

  1. https://nm.wllmsg.co/w9rMb2 HTTP 301
    https://nm.wllmsg.co/w9rMb2/ HTTP 302
    https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=e... Page URL

Page Statistics

34
Requests

100 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

6350 kB
Transfer

6654 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nm.wllmsg.co/w9rMb2 HTTP 301
    https://nm.wllmsg.co/w9rMb2/ HTTP 302
    https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request confirm
app.wellapp.com/
Redirect Chain
  • https://nm.wllmsg.co/w9rMb2
  • https://nm.wllmsg.co/w9rMb2/
  • https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10a7cf10f1725907a6e52b6d9e9cb1f3b990813dbd2babb38009212ba32e1be6
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6666
content-length
3226
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
content-type
text/html
date
Wed, 24 Jan 2024 17:44:26 GMT
etag
"4baff2edb2592249b9fe7359e70bb8cb"
last-modified
Wed, 24 Jan 2024 17:40:12 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
x-amz-cf-id
3z4Cr8ZhFTbetMnk7cdQ-IvVlVUuLwGV_fLMjT6Ekz8GPkLc1S1fHg==
x-amz-cf-pop
FRA53-C1
x-cache
Error from cloudfront

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 19:35:31 GMT
location
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
x-frame-options
SAMEORIGIN
main.js
app.wellapp.com/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/main.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f8102efcd98bb655de5860bdf029cf53f799460e69648ba514e1c8cab1bf380
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:44:26 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:12 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6666
etag
"4d8d4fc9bd50ad05d2d4d5882bfafde0"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
1958634
x-amz-cf-id
h0q9IVIr4f2AFyauBLJl3LeZJsiio2NhDo5NagJlcxCRO7Mr2PMdgg==
companion.js
app.wellapp.com/static/js/ 		315 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/static/js/companion.js?h=ce542e52c06f4026b99110460b90ff47
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec3cc0a1c48007a33ecf563a2461a77227b81b9e63d08124edbfc9db0335a904
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:44:26 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:13 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6666
etag
"02a25e5b072d2a4cbabb53906244a549"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
315
x-amz-cf-id
H-65WsuPx_RzKYw97ED3Z9iD2czzz6nQFNbK8e9AHT-OjT2PEFyfQQ==
pendo.js
cdn.pendo.io/agent/static/f6aa04cd-4ebe-4bb1-40bd-e824b91820f4/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/f6aa04cd-4ebe-4bb1-40bd-e824b91820f4/pendo.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99c20b1b250af24dd65ea32f7b8dc227eac1df8508a12d7d4c3d1003eb45103b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:31:41 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
age
14630
x-guploader-uploadid
ABPtcPq6WtzkfcU0oLsVsaU5vcjuWdUKzRVNfHAFptw1yhGx0m0DCBzUsqb9ipxEVgy7CIqcwgE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146490
last-modified
Thu, 18 Jan 2024 19:12:34 GMT
server
UploadServer
etag
"e613d75e06a32d4d1084678b837843a8"
vary
Accept-Encoding
x-goog-generation
1705605154857955
x-goog-hash
crc32c=/v0Khw==, md5=5hPXXgajLU0QhGeLg3hDqA==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=450
x-goog-stored-content-length
146490
accept-ranges
bytes
content-type
application/javascript
env-config.json
app.wellapp.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/env-config.json?h=1706124932191
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72427c72e025543fabe0853df98d74c7144c45bc71100ceb797a0faffb3ee97c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:44:28 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:11 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6665
etag
"0aa6265ea035cf97c4967fa67f6ce72b"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
content-length
1051
x-amz-cf-id
mzcRdgSowsxUsyDbU4nGcCJsQAK75fhm89qMgd4pIWMemvJMOzNDNA==
prod
sdk.split.io/api/mySegments/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://app.wellapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://app.wellapp.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Wed, 24 Jan 2024 19:35:32 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-etou8220025-FRA
x-timer
S1706124932.328102,VS0,VE0
splitChanges
sdk.split.io/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://app.wellapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://app.wellapp.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Wed, 24 Jan 2024 19:35:32 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-etou8220025-FRA
x-timer
S1706124932.328472,VS0,VE0
prod
sdk.split.io/api/mySegments/ 		17 B
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/prod
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://app.wellapp.com/
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.22.3
Authorization
Bearer i1fhq7kins5lkdhju7hpegiu472gfkfciamv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubdomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 24 Jan 2024 19:35:32 GMT
age
286583
x-cache
HIT, HIT
content-length
41
x-served-by
cache-iad-kjyo7100022-IAD, cache-fra-etou8220025-FRA
x-timer
S1706124932.354128,VS0,VE3
etag
"1000002"
vary
Accept-Encoding, Origin, Authorization
trace
cache-iad-kjyo7100022-IAD-d9298953-b14a-4566-9124-bb2c75c79e31; cache-fra-etou8220021-FRA-9a3df46a-3306-4c31-9868-bddfd5988af7
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
x-cache-hits
3115, 1
splitChanges
sdk.split.io/api/ 		47 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ff081f7bc2e6ceba3dd3314195322ca6ab30078a0d492362e1869877b680bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://app.wellapp.com/
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.22.3
Authorization
Bearer i1fhq7kins5lkdhju7hpegiu472gfkfciamv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubdomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 24 Jan 2024 19:35:32 GMT
age
0
x-cache
MISS, MISS
content-length
8402
x-served-by
cache-iad-kiad7000096-IAD, cache-fra-etou8220025-FRA
last-modified
Tue, 23 Jan 2024 17:57:29 GMT
x-timer
S1706124932.354152,VS0,VE120
etag
"1706032649248"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
trace
cache-iad-kiad7000096-IAD-4f057a99-0bec-449c-9475-163707ff12a9; cache-fra-etou8220025-FRA-2b17ac8a-b2db-42f6-8f25-c470360d99c2
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
x-cache-hits
0, 0
getEnterpriseBranding
www.well-health-app.com/clientapi/parse/functions/ 		152 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.well-health-app.com/clientapi/parse/functions/getEnterpriseBranding
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.183.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-183-221.compute-1.amazonaws.com
Software
/
Resource Hash
bb5d931d517430695ef36ab2ff211a45a4466a61be4865d94c003bfa4792e67e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.wellapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Jan 2024 19:35:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"98-xZOsbVtnZVu/ElEAhbOEZKmE0ts"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.wellapp.com
access-control-allow-methods
*
cache-control
no-cache
access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type
content-length
152
x-xss-protection
1; mode=block
auth
auth.split.io/api/v2/ 		680 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?users=prod
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.63.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-63-250.compute-1.amazonaws.com
Software
/
Resource Hash
582942374dd2b196c293d2c913a10b91754013d4fc25a19d8e841a8bfcab0af2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15770000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://app.wellapp.com/
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.22.3
Authorization
Bearer i1fhq7kins5lkdhju7hpegiu472gfkfciamv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 24 Jan 2024 19:35:32 GMT
Strict-Transport-Security
max-age=15770000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://app.wellapp.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Content-Length
680
auth
auth.split.io/api/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?users=prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.63.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-63-250.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15770000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://app.wellapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://app.wellapp.com
Connection
keep-alive
Content-Length
4
Content-Type
application/json; charset=utf-8
Date
Wed, 24 Jan 2024 19:35:32 GMT
Strict-Transport-Security
max-age=15770000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
master-only
version.json
app.wellapp.com/static/ 		54 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/static/version.json?q=1706124932707
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
037d71405d57b731bb9bbc7ca9b026796df155fa55c68d1044d52ee71edd9b83
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Jan 2024 17:42:26 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:13 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6786
etag
"0e0279eb2c1f53675bb65ae144bf074a"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
content-length
54
x-amz-cf-id
K_fRNR_1lCItZHxVMiutT-ClCsyRInAqcIPxoiL8qazo8628I_AmGQ==
webapp.js
app.wellapp.com/webapp/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/webapp/webapp.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9df5cd8f5aa1f4e25ff8b7217cc2a7d06e64e99f2cf4fbd9270ff95502ea9a0a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:18 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"a00a3ba6ac6f60f98e75a7ef02dc7072"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
4002
x-amz-cf-id
WcNKDfmlE-8P-xtCR2rYJhPMGfmWx5GFrL16LH4hcZsd6_-AtT8Xsg==
login.js
app.wellapp.com/login/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/login/login.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9eef85e434a691abb362d98830dbfd9510b1f2515b47ce65b0879cbd46422b4f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:12 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"e690295bc896ed56f1bd6d32db2a2d5b"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3722
x-amz-cf-id
6lka_P5mGsIZKaCIeao68vnguGBkWh7DmM319r2Mejg7xH6ushzuLg==
embedded.js
app.wellapp.com/embedded/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/embedded/embedded.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d8b4b5233bf96a16c285c361f64239cb08c25e953779cff2ec7ce713f9ce760
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:11 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"f9e3b1d772f451c222b8e59c5886941d"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3728
x-amz-cf-id
WpAT6LxBAKlIrWazcUlOqPLbQUl4m-DbZq2ch3Fx0GnamT3zQSe6DQ==
campaigns.js
app.wellapp.com/campaigns/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/campaigns/campaigns.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
789ea0894bc1ec2f62d676425b36e40e437767a66ed5af6c7a41aa88874edd44
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:11 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"58188e1af6866b6dc70ce7025f9812c4"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3729
x-amz-cf-id
YS1JA3U3IGaIlwXCihBRDe6SLfEZVZW_50nn0BedOIUInlHmklQIkw==
caselist.js
app.wellapp.com/caselist/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/caselist/caselist.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6d33f5af6de05fb5c956adab64b654176cf25b919adf9e4fddf49dcfbaade1f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:11 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"d901cacb5f6129bfa7d2587eb067cefb"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3728
x-amz-cf-id
g_l76zogQua6jyoOG5bCpWnRaOJrzZP3GKRshpN4N3j-Bg4skqtqxQ==
chatassist.js
app.wellapp.com/chatassist/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/chatassist/chatassist.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5775b78c98673c38ccdd82f0a8ec7b3539a01b5f09a9d7d069c40316af7e062c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:11 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"05a85a3eeafb7a2c8ac6a611fab2b966"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3731
x-amz-cf-id
dZJWMs_gBdePLlKvvOeUy2rFIfFDONPPCp8PYpkhogMxJTM1x2q3hg==
adminconsole.js
app.wellapp.com/adminconsole/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/adminconsole/adminconsole.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
455b9e91661c71f30312d4e603fcb5fcf4034cbc5cc56f49ed51464e9f96e9f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:10 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"328fd1c55ae91160eb3fbbc21932394d"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3736
x-amz-cf-id
hbVzNzpmT-43asMShpJnHr4_jXyc0zQ0XSQAyC9Y1y1Jmy1W-_0jvQ==
automations.js
app.wellapp.com/automations/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/automations/automations.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a91485cb5296c108206ed3e560358c8c13c3a07955f3151c4869e468557dc8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:10 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"d93a06800ceb539ff755ef4f3af8d0de"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3966
x-amz-cf-id
kMopGDX8DB3b9D8l2NMcwWNXpIYWhSwgUjhBLL0EO5Dpsjv2M73efg==
analytics.js
app.wellapp.com/analytics/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/analytics/analytics.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
181130323f1b3b480d059d8db67ae8ac6a7b6e04211c37ab09c5ff484e11fad7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:18 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:10 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5535
etag
"cbab1b6d6b2d2223742429f5cd89369b"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3730
x-amz-cf-id
L99A9WvnbX33ZxYea4AGkvh712cDTlkQLsvtUX7DxDNTb28Jb7Lsyg==
patients.js
app.wellapp.com/patients/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/patients/patients.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c853ff91a40a0d670a38fb624c04c761c67e3fa088a4d9892cc6478b0a8b154
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:03:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:12 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5534
etag
"69830e366ef93c820c6ec9b50907d2c2"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3726
x-amz-cf-id
ZUXr30MXXJ1p990EYH443cOEv5v9t0GcWG0i_eTVE7-868_s2cop8A==
referralqueues.js
app.wellapp.com/referralqueues/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/referralqueues/referralqueues.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec0e7078f9d71828954926bc2c863afb19c425e5dac4fb0e786c035a081e10c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:47:14 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:13 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6499
etag
"dfc849d8489235f355082916df9b3b72"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
3740
x-amz-cf-id
P72rDUKE0-9E9HB3dGlQUxesGnCkfWI82WuFqnRWu9efFmfM_BBVlQ==
570.js
app.wellapp.com/webapp/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/webapp/570.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/webapp/webapp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
401ca8743a5d5a9d0f873fdf4ff74ec15e7f9f1ed59f76491f253def64d5bf22
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:47:14 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:17 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6499
etag
"6a09a5672316b1147096240ab0c3dbcf"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
2202169
x-amz-cf-id
g4ISrYdMRMjreJ3vHM-7ATm7HNoDVFIQkzAZmuqqGOXl03FApNV14A==
757.js
app.wellapp.com/webapp/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/webapp/757.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/webapp/webapp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dee45fb2f092f662ccbf3e9690b6963881bb95327ea16dc4a36e77f2f0562b96
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:44:35 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:17 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6658
etag
"e9bca2ce7951ecd06ec5dfaefbd2c630"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
1334926
x-amz-cf-id
Ie_smpTR8naQw_g53t_Wk5YDu2dws7T_HQ4VW0FzyKV5QqnTs_16VA==
getEnterpriseBranding
www.well-health-app.com/clientapi/parse/functions/ 		152 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.well-health-app.com/clientapi/parse/functions/getEnterpriseBranding
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.183.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-183-221.compute-1.amazonaws.com
Software
/
Resource Hash
bb5d931d517430695ef36ab2ff211a45a4466a61be4865d94c003bfa4792e67e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.wellapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Jan 2024 19:35:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"98-xZOsbVtnZVu/ElEAhbOEZKmE0ts"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.wellapp.com
access-control-allow-methods
*
cache-control
no-cache
access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type
content-length
152
x-xss-protection
1; mode=block
332.js
app.wellapp.com/webapp/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/webapp/332.js
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/webapp/webapp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd8d70a83adda3c9a5f45087b16fa7bc57054d9c3144e164bbc318c2be2a8e68
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:47:17 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:17 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6497
etag
"45bedb35dffe158c25b242286eab551a"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
30647
x-amz-cf-id
agTx8zhHXKu6KBKHjkmb1g7u0IEBTN633I-7nyYkAagYlA8Bf0oYMg==
northwestern-medicine-logo.png
www.nm.org/Content/Northwestern/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nm.org/Content/Northwestern/img/northwestern-medicine-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.62.118.87 Chicago, United States, ASN19247 (AS19247, US),
Reverse DNS
www.cadencehealth.org
Software
/
Resource Hash
6e52b88fc554d403fd0f71905c9768efff3e16d2af7ac2c3660e76ee4f7b5470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.wellapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-env-node
B
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Jan 2024 19:35:26 GMT
last-modified
Fri, 15 Sep 2023 15:25:28 GMT
etag
"02431dbe8e7d91:0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public,max-age=604800
accept-ranges
bytes
content-length
2946
getApptInfo
www.well-health-app.com/clientapi/parse/functions/ 		469 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.well-health-app.com/clientapi/parse/functions/getApptInfo
Requested by
Host: app.wellapp.com
URL: https://app.wellapp.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.183.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-183-221.compute-1.amazonaws.com
Software
/
Resource Hash
912936f07e7d0fa758d93bb85d73c8887ed8e6c75a4afbd1031084692fc7e1db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.wellapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Jan 2024 19:35:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"1d5-HB1oid9z+3OaN8cBN2ZqD+Aa1ek"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.wellapp.com
access-control-allow-methods
*
cache-control
no-cache
access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type
content-length
469
x-xss-protection
1; mode=block
77b3b9481f1277a47dec.ttf
app.wellapp.com/ 		117 KB
118 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/77b3b9481f1277a47dec.ttf?h=ce542e52c06f4026b99110460b90ff47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4b41acf432452ec10d4f7007cf2c89f966607e77573a3d47e7c0a32eeb955ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Origin
https://app.wellapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:44:37 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:09 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6657
etag
"4c768843c9fa6593074231cd762b83f8"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
content-length
120140
x-amz-cf-id
CxUskHx3EahFuf_RPkAvZwrf863vzTv2o8-HY6rNXKQTo1tARtCe_A==
809fd7a3fac9775a979f.ttf
app.wellapp.com/webapp/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/webapp/809fd7a3fac9775a979f.ttf?h=b06afd56c3ab4657b0f28e02c043efaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Origin
https://app.wellapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 17:44:37 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:17 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6658
etag
"096d8c73bb18e4328284f25138b47ac6"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
content-length
100256
x-amz-cf-id
YONj1jCneLI7pkQ4b4p2Um1DGwYzDSVzB8p6LU8cmgznQS4fE690Rw==
2fd6fd00b03cd5d6bdad.woff2
app.wellapp.com/webapp/ 		418 KB
419 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/webapp/2fd6fd00b03cd5d6bdad.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f450dd903b7e6e62eb9c722c2f475142ca1b2dbfff601f1c4f7611ccfc1e1d04
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Origin
https://app.wellapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 18:06:11 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:17 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
5364
etag
"c46d631be61d9699457d5c8375d39d4b"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
content-length
427596
x-amz-cf-id
u2xGd48-F3Wp-LMiDJ-ZnqlcE2tC9oq_1gThBWxS_-xTvMAv-00BcA==
ac568e1f1b394b9786bd.ttf
app.wellapp.com/webapp/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.wellapp.com/webapp/ac568e1f1b394b9786bd.ttf?h=b06afd56c3ab4657b0f28e02c043efaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:d:92ac:2880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Origin
https://app.wellapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 19:35:35 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
last-modified
Wed, 24 Jan 2024 17:40:18 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
etag
"5a798cdadc7cd321e3f72425b70bface"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Miss from cloudfront
content-type
font/ttf
access-control-allow-origin
*
content-length
96428
x-amz-cf-id
aQ2YjPQPXK4qR9G77NHMJo-JvCqnOirTD81301Xb8WL2nbhO7FMnpg==

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pendo object| webpackChunkfenotype function| clearImmediate function| setImmediate function| singleSpaNavigate object| __MUI_LICENSE_INFO__ function| IMask number| 2f1acc6c3a606b082e5eef5e54414ffb object| DD_LOGS object| webapp object| patients object| chatassist object| login object| adminconsole object| embedded object| analytics object| automations object| campaigns object| referralqueues object| caselist function| filterCSS function| filterXSS

2 Cookies

Domain/Path Name / Value
app.wellapp.com/ Name: routeToNew
Value: true
app.wellapp.com/ Name: _dd_s
Value: logs=1&id=0a4e620d-5186-4f25-afab-0552f53deb00&created=1706124932243&expire=1706125832243

1 Console Messages

Source Level URL
Text
network error URL: https://app.wellapp.com/confirm?lineId=Sd93FPyTe&apptIds=35e510a6-be68-4718-a6d8-7ef21dae1e9a&lang=en-US&enterpriseId=M0Cg10JUk
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://launch.smarthealthit.org https://*.well-health-app.com https://*.artera.app https://*.artera.dev https://*.artera-ca.app https://*.artera-ca.dev https://vendorservices.epic.com https://*.sansumclinic.org https://sansumclinic.okta.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.wellapp.com
auth.split.io
cdn.pendo.io
nm.wllmsg.co
sdk.split.io
www.nm.org
www.well-health-app.com
151.101.67.9
18.214.160.33
204.62.118.87
2600:9000:214f:e200:d:92ac:2880:93a1
3.223.63.250
34.36.213.229
35.170.183.221
037d71405d57b731bb9bbc7ca9b026796df155fa55c68d1044d52ee71edd9b83
0c853ff91a40a0d670a38fb624c04c761c67e3fa088a4d9892cc6478b0a8b154
10a7cf10f1725907a6e52b6d9e9cb1f3b990813dbd2babb38009212ba32e1be6
181130323f1b3b480d059d8db67ae8ac6a7b6e04211c37ab09c5ff484e11fad7
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2
401ca8743a5d5a9d0f873fdf4ff74ec15e7f9f1ed59f76491f253def64d5bf22
455b9e91661c71f30312d4e603fcb5fcf4034cbc5cc56f49ed51464e9f96e9f3
4ff081f7bc2e6ceba3dd3314195322ca6ab30078a0d492362e1869877b680bcd
5775b78c98673c38ccdd82f0a8ec7b3539a01b5f09a9d7d069c40316af7e062c
582942374dd2b196c293d2c913a10b91754013d4fc25a19d8e841a8bfcab0af2
6e52b88fc554d403fd0f71905c9768efff3e16d2af7ac2c3660e76ee4f7b5470
72427c72e025543fabe0853df98d74c7144c45bc71100ceb797a0faffb3ee97c
789ea0894bc1ec2f62d676425b36e40e437767a66ed5af6c7a41aa88874edd44
8a91485cb5296c108206ed3e560358c8c13c3a07955f3151c4869e468557dc8e
8f8102efcd98bb655de5860bdf029cf53f799460e69648ba514e1c8cab1bf380
912936f07e7d0fa758d93bb85d73c8887ed8e6c75a4afbd1031084692fc7e1db
99c20b1b250af24dd65ea32f7b8dc227eac1df8508a12d7d4c3d1003eb45103b
9d8b4b5233bf96a16c285c361f64239cb08c25e953779cff2ec7ce713f9ce760
9df5cd8f5aa1f4e25ff8b7217cc2a7d06e64e99f2cf4fbd9270ff95502ea9a0a
9eef85e434a691abb362d98830dbfd9510b1f2515b47ce65b0879cbd46422b4f
bb5d931d517430695ef36ab2ff211a45a4466a61be4865d94c003bfa4792e67e
c4b41acf432452ec10d4f7007cf2c89f966607e77573a3d47e7c0a32eeb955ba
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104
d6d33f5af6de05fb5c956adab64b654176cf25b919adf9e4fddf49dcfbaade1f
dd8d70a83adda3c9a5f45087b16fa7bc57054d9c3144e164bbc318c2be2a8e68
dee45fb2f092f662ccbf3e9690b6963881bb95327ea16dc4a36e77f2f0562b96
ec0e7078f9d71828954926bc2c863afb19c425e5dac4fb0e786c035a081e10c1
ec3cc0a1c48007a33ecf563a2461a77227b81b9e63d08124edbfc9db0335a904
f450dd903b7e6e62eb9c722c2f475142ca1b2dbfff601f1c4f7611ccfc1e1d04