patientportal.clinictocloud.com.au Open in urlscan Pro
13.70.72.44  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request e00f329b-a996-4073-8b57-2df39ec4df25 Show response patientportal.clinictocloud.com.au/login/activate/	480 B 807 B	1079ms 277ms	Document text/html	13.70.72.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://patientportal.clinictocloud.com.au/login/activate/e00f329b-a996-4073-8b57-2df39ec4df25 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.70.72.44 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4db015622f3628b4e4ba75d33706a75de990c944e0aee167a4d724f491fcc1e4 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Host patientportal.clinictocloud.com.au Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 402 Content-Type text/html Content-Encoding gzip Last-Modified Mon, 15 Mar 2021 14:19:04 GMT Accept-Ranges bytes ETag "1d719a626fb7de0" Vary Accept-Encoding Server Microsoft-IIS/10.0 Request-Context appId=cid-v1:c3557977-e439-4474-a289-4e86eee6ba1a Strict-Transport-Security max-age=2592000 X-Powered-By ASP.NET Date Tue, 16 Mar 2021 22:48:56 GMT
GET H2	200	/ Show response js.stripe.com/v3/	216 KB 57 KB	100ms 23ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: patientportal.clinictocloud.com.au URL: https://patientportal.clinictocloud.com.au/login/activate/e00f329b-a996-4073-8b57-2df39ec4df25 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 376f79222226df0e4aea55b6713f1767c260a11cf2dbab01418923d812e7c472 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://patientportal.clinictocloud.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 22:48:57 GMT content-encoding gzip vary Accept-Encoding age 294 via 1.1 varnish x-cache HIT content-length 57496 x-amz-id-2 8S86m0Lcx85FwCRShC/h0pKY7e4i8nkK1aE5d7t+dHrhIPStmt3//eTT8LyCHKkbz3EGlRU/jIA= x-served-by cache-fra19125-FRA timing-allow-origin * last-modified Tue, 16 Mar 2021 20:48:58 GMT server AmazonS3 etag "cab7ac8ec1487a16cb064993e61b5f9c" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id FDPHHPHSJ51F9YYA access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 125
GET H/1.1	200 OK	styles.css patientportal.clinictocloud.com.au/	269 KB 64 KB	262ms 261ms	Stylesheet text/css	13.70.72.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://patientportal.clinictocloud.com.au/styles.css Requested by Host: patientportal.clinictocloud.com.au URL: https://patientportal.clinictocloud.com.au/login/activate/e00f329b-a996-4073-8b57-2df39ec4df25 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.70.72.44 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 810820f0e0319d665a9aa002ca9eded459323f6f81fc2a0c8c3aac8a643bcfa3 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://patientportal.clinictocloud.com.au/login/activate/e00f329b-a996-4073-8b57-2df39ec4df25 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip ETag "1d719a626ff4e97" Last-Modified Mon, 15 Mar 2021 14:19:04 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Accept-Ranges bytes Date Tue, 16 Mar 2021 22:48:56 GMT Request-Context appId=cid-v1:c3557977-e439-4474-a289-4e86eee6ba1a
GET H/1.1	200 OK	bundle.js Show response patientportal.clinictocloud.com.au/	2 MB 1000 KB	1089ms 335ms	Script application/javascript	13.70.72.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://patientportal.clinictocloud.com.au/bundle.js Requested by Host: patientportal.clinictocloud.com.au URL: https://patientportal.clinictocloud.com.au/login/activate/e00f329b-a996-4073-8b57-2df39ec4df25 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.70.72.44 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 1a52e1509d1bbfd2ef0b27280c8ec97b0096b367f827103e899473c92110f7d1 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://patientportal.clinictocloud.com.au/login/activate/e00f329b-a996-4073-8b57-2df39ec4df25 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip ETag "1d719a626dd61bf" Last-Modified Mon, 15 Mar 2021 14:19:04 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Accept-Ranges bytes Date Tue, 16 Mar 2021 22:48:57 GMT Request-Context appId=cid-v1:c3557977-e439-4474-a289-4e86eee6ba1a
GET H2	200	css fonts.googleapis.com/	14 KB 925 B	14ms 14ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900 Requested by Host: patientportal.clinictocloud.com.au URL: https://patientportal.clinictocloud.com.au/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 05e5a0739af3fac02c9a6adbf4f2c9fd5ba847b619fc5158f57331f7477df219 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://patientportal.clinictocloud.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 16 Mar 2021 21:59:57 GMT server ESF date Tue, 16 Mar 2021 22:48:58 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 16 Mar 2021 22:48:58 GMT
GET DATA	200 OK	truncated /	65 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d5f397f73a2fa4b456f5c08be3153da2a135e9243ff4821a0b345126787fceca Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	m-outer-0cba8a995d163797499ab006bbb6b889.html Show response js.stripe.com/v3/ Frame 0B92	215 B 589 B	22ms 21ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b Security Headers Name Value Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://patientportal.clinictocloud.com.au/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://patientportal.clinictocloud.com.au/ Response headers x-amz-id-2 xTMM55a3F222lKrQfeqz2jC5PJ5rctf4KceKmvpC8Ec/JjWUs9Ir+hXHZySedWRV5heKEMYNqXI= x-amz-request-id C3EQV95Y1X51Y3MZ last-modified Tue, 09 Mar 2021 20:21:15 GMT etag "0cba8a995d163797499ab006bbb6b889" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding gzip accept-ranges bytes date Tue, 16 Mar 2021 22:48:59 GMT via 1.1 varnish age 73 x-served-by cache-fra19125-FRA x-cache HIT x-cache-hits 65 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' content-length 185
GET H2	200	m-outer-a7fed991536d116dae496abb616e06f8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 0B92	1 KB 880 B	24ms 24ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 22:48:59 GMT content-encoding gzip vary Accept-Encoding age 125 via 1.1 varnish x-cache HIT content-length 699 x-amz-id-2 KdsczMbxi1LUH6ibEZ3gWqsP+9FjfF9kstBrS4ZAuQ9mvXj6u0q/ZAKzAzRIhsWLXaoHabEu8z0= x-served-by cache-fra19125-FRA timing-allow-origin * last-modified Tue, 09 Mar 2021 20:21:16 GMT server AmazonS3 etag "356a16407e7a019ffdf35f454b7438a9" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id WBSQ3B4QCJVW17A4 access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 92
GET H2	200	inner.html Show response m.stripe.network/ Frame 9822	33 KB 12 KB	23ms 22ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority m.stripe.network :scheme https :path /inner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://js.stripe.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js.stripe.com/ Response headers server nginx content-type text/html; charset=utf-8 last-modified Fri, 04 Dec 2020 19:17:49 GMT etag W/"5fca8b5d-84a0" strict-transport-security max-age=31556926; includeSubDomains; preload cache-control public, max-age=300 timing-allow-origin * content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; content-encoding gzip via 1.1 varnish, 1.1 varnish accept-ranges bytes date Tue, 16 Mar 2021 22:48:59 GMT age 160 x-served-by cache-sea4462-SEA, cache-fra19125-FRA x-cache HIT, HIT x-cache-hits 1, 142 x-timer S1615934939.467892,VS0,VE0 vary Accept-Encoding content-length 12226
GET H/1.1	200 OK	3ab3910ef383fc3240b22e3061e37798.jpg patientportal.clinictocloud.com.au/	28 KB 28 KB	262ms 262ms	Image image/jpeg	13.70.72.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://patientportal.clinictocloud.com.au/3ab3910ef383fc3240b22e3061e37798.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.70.72.44 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash af93ca1cd470669002619dd7269540195605e1d066a706be0d673e16157ceb0d Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://patientportal.clinictocloud.com.au/login/activate/e00f329b-a996-4073-8b57-2df39ec4df25 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 ETag "1d719a626fb12fe" Last-Modified Mon, 15 Mar 2021 14:19:04 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Type image/jpeg Date Tue, 16 Mar 2021 22:48:58 GMT Accept-Ranges bytes Content-Length 28414 Request-Context appId=cid-v1:c3557977-e439-4474-a289-4e86eee6ba1a
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://patientportal.clinictocloud.com.au Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 19:41:25 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:52 GMT server sffe age 443254 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19172 x-xss-protection 0 expires Fri, 11 Mar 2022 19:41:25 GMT
OPTIONS H2	200	track dc.services.visualstudio.com/v2/ Frame	0 0	91ms 29ms	Preflight	40.79.138.41 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Server 40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://patientportal.clinictocloud.com.au User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Tue, 16 Mar 2021 22:48:59 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 237 B	1010ms 1010ms	XHR application/json	40.79.138.41 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: patientportal.clinictocloud.com.au URL: https://patientportal.clinictocloud.com.au/bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash bf2ee81d3896720d6cbf9351adb97d88eee62cc17837144a46b77934c0225c9b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://patientportal.clinictocloud.com.au/ Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/json Response headers x-ms-session-id FC3E9E9E-7756-47EC-B8BC-95AD02BA31CC strict-transport-security max-age=31536000 x-content-type-options nosniff date Tue, 16 Mar 2021 22:49:00 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context content-length 96
POST H2	200	6 Show response m.stripe.com/ Frame 9822	156 B 518 B	544ms 182ms	XHR text/plain	18.236.19.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.236.19.169 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-236-19-169.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 2626d82b198a4a7e092fd5490785b7038a2ae37799d9c09eeeb6b36afd91e32d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 16 Mar 2021 22:49:00 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type
GET H/1.1	200 OK	Activate Show response patientportal-api.clinictocloud.com.au/api/Account/	247 B 1 KB	449ms 449ms	XHR application/json	13.70.72.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://patientportal-api.clinictocloud.com.au/api/Account/Activate?linkId=e00f329b-a996-4073-8b57-2df39ec4df25 Requested by Host: patientportal.clinictocloud.com.au URL: https://patientportal.clinictocloud.com.au/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.70.72.44 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9cb56b172355cce53c22d675eaba45c5029be6c3f42d65e0f5bc7696a374ed98 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'sha256-wkAU1AW/h8YFx0XlzvpTllAKnFEO2tw8aKErs5a26LY='; script-src 'self' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg=' 'sha256-0bs/NRSoYmk6n0/t3P882cb8tIAikU8ZCuR93gBHpRk='; img-src 'self' data:; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Access-Control-Allow-Origin * Accept application/json, text/plain, */* Referer https://patientportal.clinictocloud.com.au/ Request-Id |049c823c575a43aa93286da06246a235.9c858e423027452a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/JSON Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Referrer-Policy no-referrer Date Tue, 16 Mar 2021 22:49:00 GMT X-Frame-Options DENY Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://patientportal.clinictocloud.com.au Transfer-Encoding chunked Content-Security-Policy default-src 'self'; style-src 'self' 'sha256-wkAU1AW/h8YFx0XlzvpTllAKnFEO2tw8aKErs5a26LY='; script-src 'self' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg=' 'sha256-0bs/NRSoYmk6n0/t3P882cb8tIAikU8ZCuR93gBHpRk='; img-src 'self' data:; Access-Control-Allow-Credentials true Vary Accept-Encoding X-Content-Type-Options nosniff Request-Context appId=cid-v1:c3557977-e439-4474-a289-4e86eee6ba1a
OPTIONS H/1.1	200 OK	Activate patientportal-api.clinictocloud.com.au/api/Account/ Frame	0 0	1163ms 329ms	Preflight	13.70.72.44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://patientportal-api.clinictocloud.com.au/api/Account/Activate?linkId=e00f329b-a996-4073-8b57-2df39ec4df25 Protocol HTTP/1.1 Server 13.70.72.44 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers access-control-allow-origin,content-type,request-id Origin https://patientportal.clinictocloud.com.au User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Access-Control-Allow-Origin https://patientportal.clinictocloud.com.au Access-Control-Allow-Credentials true Access-Control-Allow-Headers access-control-allow-origin,content-type,request-id Date Tue, 16 Mar 2021 22:49:00 GMT Content-Length 0
GET H3-Q050	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	34ms 21ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://patientportal.clinictocloud.com.au Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 13 Mar 2021 10:28:37 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:46 GMT server sffe age 303624 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19480 x-xss-protection 0 expires Sun, 13 Mar 2022 10:28:37 GMT
GET H3-Q050	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	34ms 20ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://patientportal.clinictocloud.com.au Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 10 Mar 2021 22:38:09 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:03 GMT server sffe age 519052 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19272 x-xss-protection 0 expires Thu, 10 Mar 2022 22:38:09 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __webpackStripeJSv3Jsonp function| Stripe function| _ object| __localeData__ object| __SVG_SPRITE__ function| __assign function| __extends

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			patientportal.clinictocloud.com.au/	1970-01-19 16:52:16	Name: ai_session Value: I7H5oDB8B2XlkaTzNTVWf8|1615934939643|1615934939643
			patientportal.clinictocloud.com.au/	1970-01-20 01:37:50	Name: ai_user Value: Zc1ab/iXHJ9bZfkPAIoZYa|2021-03-16T22:48:59.375Z

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://patientportal.clinictocloud.com.au/bundle.js(Line 160) Message: Local Storage is unavailable, using localStorageAlternative

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
patientportal-api.clinictocloud.com.au
patientportal.clinictocloud.com.au
13.70.72.44
151.101.12.176
18.236.19.169
2a00:1450:4001:811::2003
2a00:1450:4001:82a::200a
40.79.138.41
05e5a0739af3fac02c9a6adbf4f2c9fd5ba847b619fc5158f57331f7477df219
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
1a52e1509d1bbfd2ef0b27280c8ec97b0096b367f827103e899473c92110f7d1
2626d82b198a4a7e092fd5490785b7038a2ae37799d9c09eeeb6b36afd91e32d
376f79222226df0e4aea55b6713f1767c260a11cf2dbab01418923d812e7c472
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4db015622f3628b4e4ba75d33706a75de990c944e0aee167a4d724f491fcc1e4
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
810820f0e0319d665a9aa002ca9eded459323f6f81fc2a0c8c3aac8a643bcfa3
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9cb56b172355cce53c22d675eaba45c5029be6c3f42d65e0f5bc7696a374ed98
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
af93ca1cd470669002619dd7269540195605e1d066a706be0d673e16157ceb0d
bf2ee81d3896720d6cbf9351adb97d88eee62cc17837144a46b77934c0225c9b
d5f397f73a2fa4b456f5c08be3153da2a135e9243ff4821a0b345126787fceca