paymybill.memorialhermann.org
2606:4700::6812:fa0
Public Scan
Effective URL: https://paymybill.memorialhermann.org/app/login/mhhs?bill_id=6886186&token=sWA9gA9zWn5aWMr-oQcCD5O8qHx1Js9QyQHk9Knv&utm_campaign=mhhs&...
Submission: On May 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 14th 2022. Valid for: a year.
This is the only time paymybill.memorialhermann.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System | Redirects |
---|---|---|---|
1 | 128.17.96.142 | 14340 (SALESFORCE) | 1 |
10 | 2606:4700::6812:fa0 | 13335 (CLOUDFLARENET) | 1 |
1 | 2a00:1450:4001:82f::200a | 15169 (GOOGLE) | |
1 | 2a00:1450:4001:812::2003 | 15169 (GOOGLE) | |
1 | 13.32.121.116 | 16509 (AMAZON-02) | |
1 | 54.83.115.52 | 14618 (AMAZON-AES) | |
1 | 151.101.130.137 | 54113 (FASTLY) | |
2 | 162.247.241.2 | 23467 (NEWRELIC-AS-1) | |
18 | 8 | | |
ASN14340 (SALESFORCE, US)
PTR: click.simpleepay.com
click.simpleepay.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net
cdn.heapanalytics.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-115-52.compute-1.amazonaws.com
heapanalytics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | memorialhermann.org (1 redirects) | paymybill.memorialhermann.org | 543 KB |
2 | nr-data.net | bam-cell.nr-data.net (Cisco Umbrella Rank: 1781) | 2 KB |
2 | heapanalytics.com | cdn.heapanalytics.com (Cisco Umbrella Rank: 1222), heapanalytics.com (Cisco Umbrella Rank: 1114) | 37 KB |
1 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 389) | 16 KB |
1 | gstatic.com | fonts.gstatic.com | 34 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 972 B |
1 | simpleepay.com (1 redirects) | click.simpleepay.com | 410 B |
0 | cloudfront.net (Failed) | dxql1etc638wm.cloudfront.net (Failed) | |
18 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
10 | paymybill.memorialhermann.org (1 redirects) | paymybill.memorialhermann.org |
2 | bam-cell.nr-data.net | paymybill.memorialhermann.org |
1 | js-agent.newrelic.com | paymybill.memorialhermann.org |
1 | heapanalytics.com | paymybill.memorialhermann.org |
1 | cdn.heapanalytics.com | paymybill.memorialhermann.org |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | paymybill.memorialhermann.org |
1 | click.simpleepay.com (1 redirects) | |
0 | dxql1etc638wm.cloudfront.net (Failed) | paymybill.memorialhermann.org |
18 | 9 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
paymybill.memorialhermann.org | DigiCert SHA2 Extended Validation Server CA | 2022-11-14 - 2023-11-14 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months |
cdn.heapanalytics.com | Amazon RSA 2048 M02 | 2023-02-21 - 2023-08-27 | 6 months |
heapanalytics.com | Amazon RSA 2048 M02 | 2022-12-09 - 2024-01-07 | a year |
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year |
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year |
This page contains 1 frames:
Primary Page:
https://paymybill.memorialhermann.org/app/login/mhhs?bill_id=6886186&token=sWA9gA9zWn5aWMr-oQcCD5O8qHx1Js9QyQHk9Knv&utm_campaign=mhhs&utm_content=ET&utm_medium=email&utm_source=AssistReminder1Pathway1PayInFull&utm_term=View+%26+Pay+Bills
Frame ID: 4A06462A4DF03126A8D1D67F457DF411
Requests: 18 HTTP requests in this frame
Page Title
My Bills
Detected technologies
Google Font API
Detected patterns
- `<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com`

Heap
Detected patterns
- `heap-\d+\.js`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://click.simpleepay.com/?qs=dfaf8e0f394d701ffde6ca01c38e8fae4d897b206e86fb2fc54f12af7a89597736782d18640088a2ae8d68e7f9877f9290ac96b958baf12f (HTTP 302)
- https://paymybill.memorialhermann.org/providers/mhhs/bills/6886186?token=sWA9gA9zWn5aWMr-oQcCD5O8qHx1Js9QyQHk9Knv&utm_campaign=mhhs&utm_content=ET&utm_medium=email&utm_source=AssistReminder1Pathway1PayInFull&utm_term=View+%26+Pay+Bills (HTTP 302)
- https://paymybill.memorialhermann.org/app/login/mhhs?bill_id=6886186&token=sWA9gA9zWn5aWMr-oQcCD5O8qHx1Js9QyQHk9Knv&utm_campaign=mhhs&utm_content=ET&utm_medium=email&utm_source=AssistReminder1Pathway1PayInFull&utm_term=View+%26+Pay+Bills (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | mhhs (Primary Request, Redirect Chain) | paymybill.memorialhermann.org/app/login/ | 4 KB | 2 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 972 B | Stylesheet | text/css |
GET | H2 | 9.169d4fb2.chunk.js | paymybill.memorialhermann.org/app/static/js/ | 2 MB | 450 KB | Script | application/javascript |
GET | H2 | main.db1b270e.chunk.js | paymybill.memorialhermann.org/app/static/js/ | 487 KB | 75 KB | Script | application/javascript |
GET | H2 | appSettings.json | paymybill.memorialhermann.org/app/ | 58 B | 178 B | Fetch | application/json |
GET | H2 | 28.71933e21.chunk.js | paymybill.memorialhermann.org/app/static/js/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | heap.js | paymybill.memorialhermann.org/app/scripts/ | 632 B | 497 B | Script | application/javascript |
POST | H2 | graphql | paymybill.memorialhermann.org/ | 250 B | 1 KB | Fetch | application/json |
GET | H2 | iJWKBXyIfDnIV7nBrXw.woff2 | fonts.gstatic.com/s/rubik/v26/ | 33 KB | 34 KB | Font | font/woff2 |
GET | H2 | heap-3444644936.js | cdn.heapanalytics.com/js/ | 115 KB | 37 KB | Script | application/javascript |
GET | H2 | newRelic.js | paymybill.memorialhermann.org/app/scripts/ | 28 KB | 10 KB | Script | application/javascript |
GET | H2 | h | heapanalytics.com/ | 37 B | 261 B | Image | image/gif |
GET | H2 | nr-spa-1211.min.js | js-agent.newrelic.com/ | 43 KB | 16 KB | Script | application/javascript |
GET | H/1.1 | acf0d21bbd | bam-cell.nr-data.net/1/ | 56 B | 954 B | Script | text/javascript |
POST | H/1.1 | acf0d21bbd | bam-cell.nr-data.net/events/1/ | 24 B | 751 B | XHR | image/gif |
POST | H2 | graphql | paymybill.memorialhermann.org/ | 575 B | 1 KB | Fetch | application/json |
GET | | en.json | dxql1etc638wm.cloudfront.net/patient_translation_files/ | 0 | 0 | | |
GET | | en-providers.json | dxql1etc638wm.cloudfront.net/patient_translation_files/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: dxql1etc638wm.cloudfront.net
  URL: https://dxql1etc638wm.cloudfront.net/patient_translation_files/en.json
- Domain: dxql1etc638wm.cloudfront.net
  URL: https://dxql1etc638wm.cloudfront.net/patient_translation_files/en-providers.json
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | `credentialless`
- object | `webpackJsonppatient_client`
- function | `clearImmediate`
- function | `setImmediate`
- object | `regeneratorRuntime`
- number | `__mobxInstanceCount`
- object | `__mobxGlobals`
- function | `_`
- object | `IntlPolyfill`
- number | `2f1acc6c3a606b082e5eef5e54414ffb`
- object | `i18n`
- object | `heap`
- object | `NREUM`
- object | `newrelic`
- function | `__nr_require`

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
paymybill.memorialhermann.org/ | Name: XSRF-TOKEN Value: kKJsUmTiSRRiJO9ZwxusKGp2IXeaioxfJhIZ2V9kdh5RwvIJef3UpIbWgIVYXLINYSlpbdvFqee6h4GkHQt6qA%3D%3D |
.memorialhermann.org/ | Name: _hp2_id.3444644936 Value: %7B%22userId%22%3A%223808941557250639%22%2C%22pageviewId%22%3A%226550311983210539%22%2C%22sessionId%22%3A%225876512857575731%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
.memorialhermann.org/ | Name: _hp2_ses_props.3444644936 Value: %7B%22us%22%3A%22AssistReminder1Pathway1PayInFull%22%2C%22um%22%3A%22email%22%2C%22ut%22%3A%22View%20%26%20Pay%20Bills%22%2C%22uc%22%3A%22ET%22%2C%22ua%22%3A%22mhhs%22%2C%22ts%22%3A1685455827377%2C%22d%22%3A%22paymybill.memorialhermann.org%22%2C%22h%22%3A%22%2Fapp%2Flogin%2Fmhhs%22%2C%22q%22%3A%22%3Fbill_id%3D6886186%26token%3DsWA9gA9zWn5aWMr-oQcCD5O8qHx1Js9QyQHk9Knv%26utm_campaign%3Dmhhs%26utm_content%3DET%26utm_medium%3Demail%26utm_source%3DAssistReminder1Pathway1PayInFull%26utm_term%3DView%2B%2526%2BPay%2BBills%22%7D |
.nr-data.net/ | Name: JSESSIONID Value: 86972b18ce863d42 |
paymybill.memorialhermann.org/ | Name: _simplee_store2 Value: SDJ4eVN2RkRveFBlQy9mUlR4c0d6WmIrd2o3UXFaTXduRjRacHJOSU84ckhZeGZIU1lPMzI5SzlMeDV4M2NxaTB3WmRSbVlUbXpUWXhRMURMczN6Y1IweHA0TFdTZlpHcXR6MStMOXQ1SUZUbUFTQTdyMGdmb1h4T2MxRmRORDRBV0l5TytENDB4M0IzWEtCVHBsakVVUE9vQXZva0lIUlBzUFZoZmRaTXk5ci9zUHBuY2hqRHBnaHVuaktHeTdEbmZVY1Jac0J4aW56KzYrK0JsL21wUmVqZWp5bXQ4ZEpYaDdXMlJJU2tHcmVWa2NZaW8rSGZQbWJsaE9mOHRVcFZvalpRMzJvaEpEUFlLQXFsN2RxV09UQS84am11T252NHhUa28zcmh5U2s3Q3o3b21CNFl5V3ZUKzAzSG1jVjl3ZHIwWG1jbUN6Mk1QNkpMSWRSc1JyZWpTb2JINENHY1RsWGZacHFMeXQweEltODQxQUt2Y0RqS1ZHbzNVbFV1QWYxMHZwZnA0M3dpZ2c5M0ZvdnNxN1RtZ0o3amJNRDVmOEFmZlpJZnRtdGp2bTdTWmRYc2VsY2ZjOWozVUlvZElpMEh6TEhrV0VadWxVdktmRHJkNTd4bkRqQk1Ud2t3UTQ5S2NPOWUvWHczUjRwNVRkcWVZWFNvMHdqd3lBbTY1MlVjRG91Ui94amJ0RGJYMUh4NFJudTBmQ3JHc1V5bW9GbDM2aFUxVElnPS0tdUZ1ZUNnKzZQTWlOU0VXUjN5alk3UT09--52f31cca0de2ef17912f585be738738f15c646f3 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src https: data: 'unsafe-inline' 'unsafe-eval' 'self' frame-ancestors 'self' everydaywell.memorialhermann.org/ qa.everydaywell.memorialhermann.org/ dev.everydaywell.memorialhermann.org/ test.everydaywell.memorialhermann.org/ dev.lgh.patientportal.us-1.healtheintent.com www.mynahealthcare.com demo2.playground.patientportal.us-1.healtheintent.com lgh.patientportal.us-1.healtheintent.com mycare.wmchealth.org |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.