URL: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Submission: On July 01 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 1 countries across 5 domains to perform 28 HTTP transactions. The main IP is 170.176.144.35, located in United States and belongs to ITH-AS-1, US. The main domain is patient.visitnow.org. The Cisco Umbrella rank of the primary domain is 867672.
TLS certificate: Issued by R3 on May 1st 2022. Valid for: 3 months.
This is the only time patient.visitnow.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 170.176.144.35 395359 (ITH-AS-1)
3 170.176.145.46 395359 (ITH-AS-1)
5 18.66.115.169 16509 (AMAZON-02)
3 151.101.0.176 54113 (FASTLY)
2 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:224... 16509 (AMAZON-02)
3 2620:12c:9002... 395359 (ITH-AS-1)
2 52.43.93.136 16509 (AMAZON-02)
28 9
Apex Domain
Subdomains
Transfer
9 visitnow.org
patient.visitnow.org — Cisco Umbrella Rank: 867672
cdn.visitnow.org — Cisco Umbrella Rank: 517672
2 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1748
q.stripe.com — Cisco Umbrella Rank: 12728
m.stripe.com — Cisco Umbrella Rank: 1533
78 KB
5 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1452
37 KB
3 intouchcustomer.com
metrics.intouchcustomer.com — Cisco Umbrella Rank: 324328
918 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1852
16 KB
28 5
Domain Requested by
6 patient.visitnow.org cdn.visitnow.org
5 cdn.segment.com cdn.visitnow.org
cdn.segment.com
3 metrics.intouchcustomer.com cdn.visitnow.org
3 js.stripe.com cdn.visitnow.org
js.stripe.com
3 cdn.visitnow.org patient.visitnow.org
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com patient.visitnow.org
28 8

This site contains no links.

Subject Issuer Validity Valid
visitnow.org
R3
2022-05-01 -
2022-07-30
3 months crt.sh
*.visitnow.org
DigiCert TLS RSA SHA256 2020 CA1
2022-04-28 -
2023-05-29
a year crt.sh
*.segment.com
Amazon
2022-01-12 -
2023-02-10
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-05-20 -
2022-09-25
4 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-25 -
2022-09-08
4 months crt.sh
*.intouchcustomer.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-01 -
2023-05-02
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-11 -
2022-08-03
4 months crt.sh

This page contains 3 frames:

Primary Page: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Frame ID: D9153D84CCC50AC1EEC4DE772B08D899
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 656DAAB8E81E71631E4660BCF47B787D
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5F6564664AABAB3E0F58048354AAF7A5
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Online Check-In

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

28
Requests

93 %
HTTPS

25 %
IPv6

5
Domains

8
Subdomains

9
IPs

1
Countries

2236 kB
Transfer

9448 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 22a94ce98d5b8f75652deea827537a8ce497f24b
patient.visitnow.org/start/
4 KB
2 KB
Document
General
Full URL
https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.176.144.35 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
nginx /
Resource Hash
186a81591c5df37b09839b0c1f20e672d37023a49a9730e5507f77e227cb832f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 01 Jul 2022 18:18:42 GMT
ETag
W/"62bf37a9-ebd"
Last-Modified
Fri, 01 Jul 2022 18:06:33 GMT
Referrer-Policy
strict-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
app-online-checkin-8e10d4a5968c845131c7.min.js
cdn.visitnow.org/patient/
9 MB
2 MB
Script
General
Full URL
https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Requested by
Host: patient.visitnow.org
URL: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
170.176.145.46 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84f299c5ceecef376549954c7c710359a027406f46359b54c3cf8e4b3efb79f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://patient.visitnow.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:21:11 GMT
content-encoding
gzip
age
57453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-http2
Yes
last-modified
Fri, 01 Jul 2022 00:15:02 GMT
server
AmazonS3
etag
W/"da2d237cf663f22ca116f8f1f7b7a873-2"
vary
Accept-Encoding
x-amz-version-id
sDsBuU4kuE3L5sfD8nkOhegqpbKTFBZC
via
1.1 90a2caaefc6601d7221c81fd5d65a2ca.cloudfront.net (CloudFront)
cache-control
max-age=31557600
x-amz-cf-pop
LAX3-C3
content-type
application/javascript
x-amz-cf-id
nh267uXGbNeAe_JUjHzyp5iVplhrKhs4Kq4pGjM-FKgN4oAQQ6vCCw==
analytics.min.js
cdn.segment.com/analytics.js/v1/fERQhyJ0Y15ZIifDK8cTOpW27TNCPCVs/
95 KB
26 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/fERQhyJ0Y15ZIifDK8cTOpW27TNCPCVs/analytics.min.js
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8ba67448d5c0470ddd5620561f2156bf406d81c038fd2ac336ca8df0726f381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://patient.visitnow.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
RfedGt4u3EIDly0zIbisb.THu3fErWKZ
content-encoding
br
etag
W/"976d6edcdf0dd226cf1d62d138cad140"
x-amz-cf-pop
FRA56-P5
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Fri, 01 Jul 2022 15:55:37 GMT
server
AmazonS3
date
Fri, 01 Jul 2022 18:18:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
A5nnqqI_NMjZqROZLKF6PSbHcTrCTyL2Am8nfn4LyJWWphwANqoY3A==
timestamp
patient.visitnow.org/qapi/
31 B
412 B
Fetch
General
Full URL
https://patient.visitnow.org/qapi/timestamp
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.176.144.35 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
nginx /
Resource Hash
8e910b440a44c3fed26e32d6b4148e6b9868517bd6f0314fc836028ae109ac75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
X-Locale
en
Referer
https://patient.visitnow.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
App-Name
online-checkin
Content-Type
application/json

Response headers

Date
Fri, 01 Jul 2022 18:18:48 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
*, *
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
31
X-XSS-Protection
1; mode=block
v3
js.stripe.com/
315 KB
74 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://patient.visitnow.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
39
x-cache
HIT
content-length
75862
etag
"560ac9b3c6ccd02b33d8964a7bd13769"
x-request-id
429aeb7d-073b-4bc9-8720-fb3b9a631449
x-served-by
cache-hhn4067-HHN
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 22:10:37 GMT
server
Fastly
date
Fri, 01 Jul 2022 18:18:48 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
22a94ce98d5b8f75652deea827537a8ce497f24b
patient.visitnow.org/qapi/online/waiting-rooms/
2 KB
2 KB
Fetch
General
Full URL
https://patient.visitnow.org/qapi/online/waiting-rooms/22a94ce98d5b8f75652deea827537a8ce497f24b
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.176.144.35 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
nginx / PHP/8.0.7
Resource Hash
c06f8137f76483abe8c361e28bd1f264245233c6b01ebea492fe98637089f641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
X-Locale
en
Referer
https://patient.visitnow.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
App-Name
online-checkin
Content-Type
application/json

Response headers

Date
Fri, 01 Jul 2022 18:18:48 GMT
X-Correlation-Id
85616610-52de-4a7a-ba41-bff843adcfd9
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/8.0.7
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Origin
*, *
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-XSS-Protection
1; mode=block
LatoRegular.woff2
cdn.visitnow.org/patient/fonts/
43 KB
43 KB
Font
General
Full URL
https://cdn.visitnow.org/patient/fonts/LatoRegular.woff2
Requested by
Host: patient.visitnow.org
URL: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
170.176.145.46 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Request headers

Referer
https://patient.visitnow.org/
Origin
https://patient.visitnow.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:15:51 GMT
via
1.1 d3e9860c1306f02cb57e75ed57120ee4.cloudfront.net (CloudFront)
age
874978
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-http2
Yes
content-length
43760
last-modified
Tue, 21 Jun 2022 15:06:44 GMT
server
AmazonS3
etag
"3cd36578026d6c12eddf9a5c671a251d"
access-control-allow-methods
HEAD, GET
x-amz-version-id
Ni2w_WPg9PhaR6IbluhuTRaOdkqqO3xN
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31557600
x-amz-cf-pop
LAX3-C3
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
Td5NHY8WTbbjsk7utMqGQwWYCXT1KUCMDta2qzLTEB3CxpNWEoggcA==
e0f1fcb8-9d6e-4b16-aaa4-9a211d7cc5f8
https://patient.visitnow.org/
4 KB
0
Other
General
Full URL
blob:https://patient.visitnow.org/e0f1fcb8-9d6e-4b16-aaa4-9a211d7cc5f8
Requested by
Host: patient.visitnow.org
URL: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1665bce8ee33f286156e695e7a6f50d6849699811cb308b2f9fb9058f52c5d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
4201
5d97e106-4d7b-45ed-97c5-ad4730c2b7ab
https://patient.visitnow.org/
4 KB
0
Other
General
Full URL
blob:https://patient.visitnow.org/5d97e106-4d7b-45ed-97c5-ad4730c2b7ab
Requested by
Host: patient.visitnow.org
URL: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c7da919e8492a4b53b035a16ef32ecf97550034415bcd7598dd3a3398ec51c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
4345
feature-toggles
patient.visitnow.org/qapi/
6 KB
7 KB
Fetch
General
Full URL
https://patient.visitnow.org/qapi/feature-toggles
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.176.144.35 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
nginx / PHP/8.0.7
Resource Hash
5de9173282d5e3da39eff80ee14100d237b9ea8afa9b7129ccf46d316af678a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-Locale
en
accept-language
de-DE,de;q=0.9
Practice-Url
virtualvisit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
App-Name
online-checkin
Content-Type
application/json
Accept
application/json
Referer
https://patient.visitnow.org/

Response headers

Date
Fri, 01 Jul 2022 18:18:48 GMT
X-Correlation-Id
93431460-8468-4226-ae02-305f19aff4ab
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/8.0.7
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Origin
*, *
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-XSS-Protection
1; mode=block
settings
cdn.segment.com/v1/projects/fERQhyJ0Y15ZIifDK8cTOpW27TNCPCVs/
1 KB
1 KB
XHR
General
Full URL
https://cdn.segment.com/v1/projects/fERQhyJ0Y15ZIifDK8cTOpW27TNCPCVs/settings
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1dfec2df9e9b2ab42e5f9e417323e818b2c831229a5b36c0ab11ab6fd03ccdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://patient.visitnow.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
INHVBVpO_re7BbH7UJB0VKL7yzBfjSLf
content-encoding
br
etag
W/"ed3022d16cad9e821ead67844b7c58db"
age
2166
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 14 Jun 2022 22:16:07 GMT
server
AmazonS3
date
Fri, 01 Jul 2022 17:42:43 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
cache-control
public, max-age=10800
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
K7eG_gZo_Y4O6Z_ShviWHLS9Iapt-L150444ZlAZ05rpom31ARWJxA==
m-outer-6262077c14f753400d607dc30e70f1af.html
js.stripe.com/v3/ Frame 656D
240 B
548 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://patient.visitnow.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1812780
cache-control
max-age=31536000
content-encoding
br
content-length
139
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 18:18:48 GMT
etag
"6262077c14f753400d607dc30e70f1af"
last-modified
Fri, 10 Jun 2022 18:43:47 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
687757
x-content-type-options
nosniff
x-request-id
c0d2aadf-a137-4ce1-855c-4b8a061861ae
x-served-by
cache-hhn4067-HHN
csp-report
q.stripe.com/ Frame 656D
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: patient.visitnow.org
URL: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 01 Jul 2022 18:18:49 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
js.stripe.com/v3/fingerprinted/js/ Frame 656D
1 KB
827 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
56
x-cache
HIT
content-length
670
etag
"77711798ecf99b8bb8207cf88a10d73c"
x-request-id
9679b04d-949d-497e-807d-e2387b249524
x-served-by
cache-hhn4067-HHN
access-control-allow-origin
*
last-modified
Fri, 10 Jun 2022 18:43:57 GMT
server
Fastly
date
Fri, 01 Jul 2022 18:18:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
70
practice
patient.visitnow.org/qapi/whitelabel/patient/
3 KB
3 KB
Fetch
General
Full URL
https://patient.visitnow.org/qapi/whitelabel/patient/practice?practiceUrl=virtualvisit
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.176.144.35 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
nginx / PHP/8.0.7
Resource Hash
1c156a72db34d6f38c02ae91df6740be2f94dee4d9111529159b87bc497388ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
X-Locale
en
Referer
https://patient.visitnow.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
App-Name
online-checkin
Content-Type
application/json

Response headers

Date
Fri, 01 Jul 2022 18:18:49 GMT
X-Correlation-Id
0dcb60a0-73ce-44ae-8816-9f93be18a16c
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PHP/8.0.7
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Origin
*, *
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-XSS-Protection
1; mode=block
inner.html
m.stripe.network/ Frame 5F65
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
217
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 18:15:15 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-id
1lLz873FUrUMhJBEQCJ2i3MB_sRiWSg1UYEWE6d31zuIjvXR9f4o3w==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
870.bundle.323974846b6d45afb45e.js
cdn.segment.com/analytics-next/bundles/
17 KB
5 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/fERQhyJ0Y15ZIifDK8cTOpW27TNCPCVs/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://patient.visitnow.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:14:53 GMT
content-encoding
br
vary
Accept-Encoding
age
137036
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 00:39:24 GMT
server
AmazonS3
etag
W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
eGdtYNgVU7C.sD0ud7vKl0kuuvXdbYqu
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
2oBm9kRWT0faQ1Cpfu2H2ukGAVwecEbPnztTnO5N5_NTTvmtmWFGdQ==
ajs-destination.bundle.35a8f6f19959bf2f455f.js
cdn.segment.com/analytics-next/bundles/
10 KB
4 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/fERQhyJ0Y15ZIifDK8cTOpW27TNCPCVs/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://patient.visitnow.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:14:53 GMT
content-encoding
br
vary
Accept-Encoding
age
137036
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 00:39:24 GMT
server
AmazonS3
etag
W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rRSPxUD4JSPvaFMNmUXrTxb4ziC5WpWM
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
-ClagqgWzr-thpIKUSjnffOAXv5qR6HwOOpSU6R8y__xMkE0tWECZA==
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/fERQhyJ0Y15ZIifDK8cTOpW27TNCPCVs/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://patient.visitnow.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:14:57 GMT
content-encoding
br
vary
Accept-Encoding
age
137032
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 00:39:24 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
Rj2Lpb5iLwuD8B8P7V5CGqwKIqEIhPTlgcT3vTbHt_Bhnz_7o8Lbpg==
p
metrics.intouchcustomer.com/v1/
21 B
306 B
Fetch
General
Full URL
https://metrics.intouchcustomer.com/v1/p
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:12c:9002:1::9 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://patient.visitnow.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Jul 2022 18:18:49 GMT
Vary
Origin
Host
metrics.intouchcustomer.com
Strict-Transport-Security
max-age=31536000
Content-Type
application/json
Access-Control-Allow-Origin
https://patient.visitnow.org
Connection
keep-alive
Content-Length
21
csp-report
q.stripe.com/ Frame 5F65
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: patient.visitnow.org
URL: https://patient.visitnow.org/start/22a94ce98d5b8f75652deea827537a8ce497f24b
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 18:18:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 5F65
86 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
135
date
Fri, 01 Jul 2022 18:16:40 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
j2_0g1drA82BpP2Er2wjoRn1Rtoys9_8QF-bKd7bf_N0nTFzJNmtvQ==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame 5F65
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.93.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-93-136.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fa3a93b2d51a9481f82358e80d3c56b93590aecb43f2dbf9b7111d7e046b1468
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Jul 2022 18:18:49 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
available
patient.visitnow.org/qapi/online/checkin/22a94ce98d5b8f75652deea827537a8ce497f24b/
205 B
631 B
Fetch
General
Full URL
https://patient.visitnow.org/qapi/online/checkin/22a94ce98d5b8f75652deea827537a8ce497f24b/available
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.176.144.35 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
nginx / PHP/8.0.7
Resource Hash
921460945f5bf8d22af55c74f664ae8bde442eff0d0ffc57aae4e746323d3f47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Locale
en
accept-language
de-DE,de;q=0.9
Practice-Url
virtualvisit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
App-Name
online-checkin
Content-Type
application/json
Accept
application/json
Referer
https://patient.visitnow.org/

Response headers

Date
Fri, 01 Jul 2022 18:18:49 GMT
X-Correlation-Id
c11aa1e2-d2ae-4c54-93f9-7673fe7e3243
Server
nginx
X-Powered-By
PHP/8.0.7
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
t
metrics.intouchcustomer.com/v1/
21 B
306 B
Fetch
General
Full URL
https://metrics.intouchcustomer.com/v1/t
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:12c:9002:1::9 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://patient.visitnow.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Jul 2022 18:18:49 GMT
Vary
Origin
Host
metrics.intouchcustomer.com
Strict-Transport-Security
max-age=31536000
Content-Type
application/json
Access-Control-Allow-Origin
https://patient.visitnow.org
Connection
keep-alive
Content-Length
21
LatoBold.woff2
cdn.visitnow.org/patient/fonts/
43 KB
44 KB
Font
General
Full URL
https://cdn.visitnow.org/patient/fonts/LatoBold.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
170.176.145.46 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Request headers

Referer
https://patient.visitnow.org/
Origin
https://patient.visitnow.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:15:57 GMT
via
1.1 d3e9860c1306f02cb57e75ed57120ee4.cloudfront.net (CloudFront)
age
874973
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-http2
Yes
content-length
44380
last-modified
Tue, 21 Jun 2022 15:06:44 GMT
server
AmazonS3
etag
"3ff66ada9b57d10c17e415222486ec21"
access-control-allow-methods
HEAD, GET
x-amz-version-id
rSw83khQraDAukVyBgTg8WvMByhFI.oM
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31557600
x-amz-cf-pop
LAX3-C3
accept-ranges
bytes
content-type
binary/octet-stream
x-amz-cf-id
thM8f5FhRrKQGSuBcFnEdOr2tajxMVxwh_pUdkjBGnGk9ow1Z9ETZA==
p
metrics.intouchcustomer.com/v1/
21 B
306 B
Fetch
General
Full URL
https://metrics.intouchcustomer.com/v1/p
Requested by
Host: cdn.visitnow.org
URL: https://cdn.visitnow.org/patient/app-online-checkin-8e10d4a5968c845131c7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:12c:9002:1::9 , United States, ASN395359 (ITH-AS-1, US),
Reverse DNS
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://patient.visitnow.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Jul 2022 18:18:49 GMT
Vary
Origin
Host
metrics.intouchcustomer.com
Strict-Transport-Security
max-age=31536000
Content-Type
application/json
Access-Control-Allow-Origin
https://patient.visitnow.org
Connection
keep-alive
Content-Length
21
6
m.stripe.com/ Frame 5F65
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.93.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-93-136.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fa3a93b2d51a9481f82358e80d3c56b93590aecb43f2dbf9b7111d7e046b1468
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Jul 2022 18:18:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| environment object| config object| webpackJsonp object| SENTRY_RELEASE function| setImmediate function| clearImmediate object| regeneratorRuntime object| __SENTRY__ function| _ function| onAndroidBackPressed object| JSON3 function| onAndroidCallback function| onAndroidEvent function| onAndroidGlobalEvent object| analytics function| messageHandler object| __webpackStripeJSv3Jsonp function| Stripe object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| AnalyticsNext boolean| watchRTCInitialized

4 Cookies

Domain/Path Name / Value
.visitnow.org/ Name: ajs_anonymous_id
Value: 58bba2a6-8b85-4fc0-a2b6-0eb0b1f1f098
m.stripe.com/ Name: m
Value: cdab9c27-bb4c-48f6-a403-5cc6e8badbfead1c58
.patient.visitnow.org/ Name: __stripe_mid
Value: 26771731-141d-4860-8705-367aba906b49371915
.patient.visitnow.org/ Name: __stripe_sid
Value: 23642403-8c66-46ec-a48a-44b2193b624d359842

1 Console Messages

Source Level URL
Text
network error URL: https://patient.visitnow.org/qapi/online/checkin/22a94ce98d5b8f75652deea827537a8ce497f24b/available
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.segment.com
cdn.visitnow.org
js.stripe.com
m.stripe.com
m.stripe.network
metrics.intouchcustomer.com
patient.visitnow.org
q.stripe.com
151.101.0.176
170.176.144.35
170.176.145.46
18.66.115.169
2600:9000:224a:5200:19:7d10:bd80:93a1
2620:12c:9002:1::9
52.43.93.136
54.186.23.98
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1665bce8ee33f286156e695e7a6f50d6849699811cb308b2f9fb9058f52c5d50
186a81591c5df37b09839b0c1f20e672d37023a49a9730e5507f77e227cb832f
1c156a72db34d6f38c02ae91df6740be2f94dee4d9111529159b87bc497388ea
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd
5de9173282d5e3da39eff80ee14100d237b9ea8afa9b7129ccf46d316af678a1
84f299c5ceecef376549954c7c710359a027406f46359b54c3cf8e4b3efb79f0
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8e910b440a44c3fed26e32d6b4148e6b9868517bd6f0314fc836028ae109ac75
921460945f5bf8d22af55c74f664ae8bde442eff0d0ffc57aae4e746323d3f47
99c7da919e8492a4b53b035a16ef32ecf97550034415bcd7598dd3a3398ec51c
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a8ba67448d5c0470ddd5620561f2156bf406d81c038fd2ac336ca8df0726f381
c06f8137f76483abe8c361e28bd1f264245233c6b01ebea492fe98637089f641
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
e1dfec2df9e9b2ab42e5f9e417323e818b2c831229a5b36c0ab11ab6fd03ccdd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fa3a93b2d51a9481f82358e80d3c56b93590aecb43f2dbf9b7111d7e046b1468