www.patientnotebook.com Open in urlscan Pro
69.2.197.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u2075683.ct.sendgrid.net/ls/click?upn=bA-2FeD-2BKOTKM3dSyEe4eZk1Al7AEyEZMMF6rmlmWbtrzazeL49AO56fkChMZ363O9YXVlqmhA8ttS08I...
Effective URL:
https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
Submission: On September 22 via manual (September 22nd 2022, 2:30:43 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 69.2.197.43, located in Clarksville, United States and belongs to ASN-VINS, US. The main domain is www.patientnotebook.com. The Cisco Umbrella rank of the primary domain is 332370.
TLS certificate: Issued by Thawte RSA CA 2018 on February 9th 2022. Valid for: a year.

This is the only time www.patientnotebook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
11	69.2.197.43 69.2.197.43	13649 (ASN-VINS) (ASN-VINS)
11	1

1 167.89.115.121 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u2075683.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.2.197.43 (Clarksville, United States)

ASN13649 (ASN-VINS, US)
PTR: host43.69.2.197.zirmed.com

www.patientnotebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	patientnotebook.com www.patientnotebook.com — Cisco Umbrella Rank: 332370	2 MB
1	sendgrid.net 1 redirects u2075683.ct.sendgrid.net	294 B
11	2

	Domain	Requested by
11	www.patientnotebook.com	www.patientnotebook.com
1	u2075683.ct.sendgrid.net	1 redirects
11	2

This site contains links to these domains. Also see Links.

Domain
www.atlantaallergydoctor.com

Subject Issuer	Validity	Valid
www.patientnotebook.com Thawte RSA CA 2018	`2022-02-09` - `2023-02-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
Frame ID: D4019FEA557F40F10CFED12236B3637B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Patient Notebook

Page URL History Show full URLs

https://u2075683.ct.sendgrid.net/ls/click?upn=bA-2FeD-2BKOTKM3dSyEe4eZk1Al7AEyEZMMF6rmlmWbtrzazeL49AO56fkChMZ... HTTP 302
https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1956 kB
Transfer

1958 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.atlantaallergydoctor.com/
Title: www.atlantaallergydoctor.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u2075683.ct.sendgrid.net/ls/click?upn=bA-2FeD-2BKOTKM3dSyEe4eZk1Al7AEyEZMMF6rmlmWbtrzazeL49AO56fkChMZ363O9YXVlqmhA8ttS08Icv5IvoneKeqC25Hoe3QFCr9-2Bf-2Bkhn7jDxtzdu0KlrYaCYzrgBZGVnlzW-2BLSWwUdI0aGkLBg-3D-3DgW57_pc-2BZuW7DI4K0LGfICwWtybovITvdE8CkWoOE3R5jAzOMIr-2BoVy-2FlqFKsrrK6tEsvtThCYCE78D2QHRSVdJrw0LTKPddL5VPy621LmKmTwoOkAn9u4UM5n3vkByeN8mc5FnLGcBzHB3K3PTrdiTYqUoJC61qaIfdytlW613dgul-2FekAEsq9HWG8JcOS-2BkOnUv7PRGgJMIRpPlNsZ8p6u5Iw-3D-3D HTTP 302
https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request cSISFK7MFUOZ2SzmbZNlzg Show response
www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/
Redirect Chain

https://u2075683.ct.sendgrid.net/ls/click?upn=bA-2FeD-2BKOTKM3dSyEe4eZk1Al7AEyEZMMF6rmlmWbtrzazeL49AO56fkChMZ363O9YXVlqmhA8ttS08Icv5IvoneKeqC25Hoe3QFCr9-2Bf-2Bkhn7jDxtzdu0KlrYaCYzrgBZGVnlzW-2BLSWwU...
https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

8 KB
8 KB

2101ms
1686ms

Document
text/html

69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

afad5a3220613928347b6fea25ad1e96968b92d737851d3034ea6aa5b9ac7d90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Length: 7987
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 14:30:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-AspNetMvc-Version: 5.2
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 113
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 14:30:35 GMT
Location: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK single-column-layout-css
www.patientnotebook.com/bundles/ 179 KB
179 KB 131ms
131ms Stylesheet
text/css 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/bundles/single-column-layout-css?v=b_zrEBreTBOAAOaFGkJUsfVdlTY748LXScZGEi144Jk1

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

2a89b04bebfc1c0aa1c3042addae6e6fbb78a95c596814916f6daf580d2b4c2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Sep 2022 14:30:37 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Vary: User-Agent
Content-Length: 182849
X-XSS-Protection: 1; mode=block
Expires: Fri, 22 Sep 2023 14:30:37 GMT

GET
H/1.1 200
OK SoftAuthorizationLogin.css
www.patientnotebook.com/Content/EnhancedEDelivery/Styles/ 8 KB
2 KB 386ms
130ms Stylesheet
text/css 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/EnhancedEDelivery/Styles/SoftAuthorizationLogin.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

3da0fbf985b4338702937239b8c6ba471c5ab35119975353805d77b5bf1d01c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Sep 2022 17:46:38 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1652
ETag: "0935745f4c9d81:0"

GET
H/1.1 200
OK PNLogo.png
www.patientnotebook.com/Content/Images/ 2 KB
3 KB 404ms
135ms Image
image/png 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/Content/Images/PNLogo.png

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

7c367e25281add04317a3ea72f3ea3e1e830a8ef0936a6ed94f4bb399821a873

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Sep 2022 17:46:38 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 2230
ETag: "584abb45f4c9d81:0"

GET
H/1.1 200
OK PN-small-symbol.png
www.patientnotebook.com/Content/Images/ 1 KB
1 KB 405ms
136ms Image
image/png 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/Content/Images/PN-small-symbol.png

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

0a5f18b19447efc8c49d573767bb8abaafab4936aa6d77d661337d8ba0108c25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Sep 2022 17:46:38 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 1044
ETag: "efeba45f4c9d81:0"

GET
H/1.1 200
OK ViewLogo
www.patientnotebook.com/chackoallergy/Enhanced/Landing/ 21 KB
21 KB 741ms
472ms Image
image/jpeg 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/ViewLogo

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

63d0605514ead6b7bea5fbfb4795e9d532910b6c14fe2a45d3f148603eca74cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
X-Content-Type-Options: nosniff
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private
Date: Thu, 22 Sep 2022 14:30:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 21469
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Powered_by_Waystar_logo_157x16px.png
www.patientnotebook.com/Content/Images/ 2 KB
3 KB 132ms
131ms Image
image/png 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/Content/Images/Powered_by_Waystar_logo_157x16px.png

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

08f28510e1d19a1e8c102f3cc701cc936ab7f04229134228c50b7cb7b02a4fcc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Sep 2022 17:46:38 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 2523
ETag: "6371bb45f4c9d81:0"

GET
H/1.1 200
OK single-column-layout-js Show response
www.patientnotebook.com/bundles/ 378 KB
378 KB 666ms
396ms Script
text/javascript 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/bundles/single-column-layout-js?v=gNti7RlTHxDNcrQqydY72DtDifcEHOxvYiCNwcW12cI1

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

e72becb3e39202cdafd1a13798d9b7543e4c2f53906f5e9e0f637db90e559afd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.patientnotebook.com/chackoallergy/Enhanced/Landing/Mail/cSISFK7MFUOZ2SzmbZNlzg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Sep 2022 14:30:37 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Vary: User-Agent
Content-Length: 386910
X-XSS-Protection: 1; mode=block
Expires: Fri, 22 Sep 2023 14:30:37 GMT

GET
H/1.1 200
OK Lato-Bold.ttf
www.patientnotebook.com/fonts/ 642 KB
642 KB 250ms
249ms Font
application/octet-stream 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/fonts/Lato-Bold.ttf

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/bundles/single-column-layout-css?v=b_zrEBreTBOAAOaFGkJUsfVdlTY748LXScZGEi144Jk1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/bundles/single-column-layout-css?v=b_zrEBreTBOAAOaFGkJUsfVdlTY748LXScZGEi144Jk1
Origin: https://www.patientnotebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Sep 2022 17:46:39 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
X-XSS-Protection: 1; mode=block
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 657188
ETag: "78d2f445f4c9d81:0"

GET
H/1.1 200
OK Lato-Regular.ttf
www.patientnotebook.com/fonts/ 642 KB
642 KB 127ms
127ms Font
application/octet-stream 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/fonts/Lato-Regular.ttf

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/bundles/single-column-layout-css?v=b_zrEBreTBOAAOaFGkJUsfVdlTY748LXScZGEi144Jk1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/bundles/single-column-layout-css?v=b_zrEBreTBOAAOaFGkJUsfVdlTY748LXScZGEi144Jk1
Origin: https://www.patientnotebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Sep 2022 17:46:39 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
X-XSS-Protection: 1; mode=block
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 657212
ETag: "c3dff745f4c9d81:0"

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.patientnotebook.com/fonts/ 75 KB
76 KB 261ms
260ms Font
application/font-woff2 69.2.197.43
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/bundles/single-column-layout-css?v=b_zrEBreTBOAAOaFGkJUsfVdlTY748LXScZGEi144Jk1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 Clarksville, United States, ASN13649 (ASN-VINS, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/bundles/single-column-layout-css?v=b_zrEBreTBOAAOaFGkJUsfVdlTY748LXScZGEi144Jk1
Origin: https://www.patientnotebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Sep 2022 17:46:38 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
X-XSS-Protection: 1; mode=block
Date: Thu, 22 Sep 2022 14:30:36 GMT
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 77160
ETag: "a369ee45f4c9d81:0"

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.patientnotebook.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 00hvk4bwfra2wnjl5nm5mqru

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

u2075683.ct.sendgrid.net
www.patientnotebook.com
167.89.115.121
69.2.197.43
08f28510e1d19a1e8c102f3cc701cc936ab7f04229134228c50b7cb7b02a4fcc
0a5f18b19447efc8c49d573767bb8abaafab4936aa6d77d661337d8ba0108c25
2a89b04bebfc1c0aa1c3042addae6e6fbb78a95c596814916f6daf580d2b4c2b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3da0fbf985b4338702937239b8c6ba471c5ab35119975353805d77b5bf1d01c2
63d0605514ead6b7bea5fbfb4795e9d532910b6c14fe2a45d3f148603eca74cd
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780
7c367e25281add04317a3ea72f3ea3e1e830a8ef0936a6ed94f4bb399821a873
afad5a3220613928347b6fea25ad1e96968b92d737851d3034ea6aa5b9ac7d90
bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b
e72becb3e39202cdafd1a13798d9b7543e4c2f53906f5e9e0f637db90e559afd

www.patientnotebook.com Open in urlscan Pro 69.2.197.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

1956 kBTransfer

1958 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.patientnotebook.com Open in urlscan Pro
69.2.197.43 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1956 kB
Transfer

1958 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions