patient.statement.services Open in urlscan Pro
52.205.194.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://patient.statement.services/
Effective URL:
https://patient.statement.services/medical_landing
Submission: On August 31 via manual (August 31st 2020, 2:18:45 pm UTC) from US

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 52.205.194.189, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is patient.statement.services.
TLS certificate: Issued by Amazon on August 22nd 2020. Valid for: a year.

This is the only time patient.statement.services was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 9	52.205.194.189 52.205.194.189		14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:821::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003		15169 (GOOGLE) (GOOGLE)
12	3

9 52.205.194.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-194-189.compute-1.amazonaws.com

patient.statement.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	statement.services 1 redirects patient.statement.services	2 MB
2	gstatic.com fonts.gstatic.com	28 KB
2	googleapis.com fonts.googleapis.com	1 KB
12	3

	Domain	Requested by
9	patient.statement.services	1 redirects patient.statement.services
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	patient.statement.services
12	3

This site contains links to these domains. Also see Links.

Domain
www.r1rcm.com

Subject Issuer	Validity	Valid
*.statement.services Amazon	`2020-08-22` - `2021-09-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://patient.statement.services/medical_landing
Frame ID: EE281B6DD9E04428805D98E7F932F862
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://patient.statement.services/ HTTP 302
https://patient.statement.services/medical_landing Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Amazon EC2 (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /\(Amazon\)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /\(Amazon\)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2019 kB
Transfer

2019 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.r1rcm.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://patient.statement.services/ HTTP 302
https://patient.statement.services/medical_landing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request medical_landing Show response
patient.statement.services/
Redirect Chain

https://patient.statement.services/
https://patient.statement.services/medical_landing

11 KB
12 KB

135ms
135ms

Document
text/html

52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 / PHP/7.2.31
Resource Hash: 0e8b1ba7ae58ff4870fc53f139f15fa33b178804ab3ee3e9710335ab14e9dea7

Request headers

:method: GET
:authority: patient.statement.services
:scheme: https
:path: /medical_landing
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALB=ocA3IZdgfKyYaq1XMynxf/7cIlEP0qBH2ychC6L2evu9Wv0XhFOn+WgK4oAWzyED4ytwPqMPiPhq/PzRYaq5PVWYgx4XaadsBJ1NaYW+aH3KkRiPkg9z0GM08rWa; AWSALBCORS=ocA3IZdgfKyYaq1XMynxf/7cIlEP0qBH2ychC6L2evu9Wv0XhFOn+WgK4oAWzyED4ytwPqMPiPhq/PzRYaq5PVWYgx4XaadsBJ1NaYW+aH3KkRiPkg9z0GM08rWa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 31 Aug 2020 14:18:27 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=5OuRnecRmVzTWFK3GclRr2L3jZluURuMTER4r0Z6AreRnKQiBNv8lNruPvg2MlltstjGLmVcSDDrDjq3NJT8ikF3ZZjqUDtI9/3vHGC8o6g7JC0WhvY9Q9YtAf9U; Expires=Mon, 07 Sep 2020 14:18:27 GMT; Path=/ AWSALBCORS=5OuRnecRmVzTWFK3GclRr2L3jZluURuMTER4r0Z6AreRnKQiBNv8lNruPvg2MlltstjGLmVcSDDrDjq3NJT8ikF3ZZjqUDtI9/3vHGC8o6g7JC0WhvY9Q9YtAf9U; Expires=Mon, 07 Sep 2020 14:18:27 GMT; Path=/; SameSite=None; Secure PHPSESSID=jp6c94onrp1ohfdl5489sb4gh9; path=/; HttpOnly
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
x-powered-by: PHP/7.2.31
cache-control: max-age=0, must-revalidate, private

Redirect headers

status: 302
date: Mon, 31 Aug 2020 14:18:27 GMT
content-type: text/html; charset=UTF-8
content-length: 308
set-cookie: AWSALB=ocA3IZdgfKyYaq1XMynxf/7cIlEP0qBH2ychC6L2evu9Wv0XhFOn+WgK4oAWzyED4ytwPqMPiPhq/PzRYaq5PVWYgx4XaadsBJ1NaYW+aH3KkRiPkg9z0GM08rWa; Expires=Mon, 07 Sep 2020 14:18:20 GMT; Path=/ AWSALBCORS=ocA3IZdgfKyYaq1XMynxf/7cIlEP0qBH2ychC6L2evu9Wv0XhFOn+WgK4oAWzyED4ytwPqMPiPhq/PzRYaq5PVWYgx4XaadsBJ1NaYW+aH3KkRiPkg9z0GM08rWa; Expires=Mon, 07 Sep 2020 14:18:20 GMT; Path=/; SameSite=None; Secure
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
x-powered-by: PHP/7.2.31
cache-control: max-age=0, must-revalidate, private
location: /medical_landing

GET
H2 200 css
fonts.googleapis.com/ 8 KB
802 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic

Requested by

Host: patient.statement.services
URL: https://patient.statement.services/medical_landing

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 14:09:05 GMT
server: ESF
date: Mon, 31 Aug 2020 14:18:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Aug 2020 14:18:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
521 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton

Requested by

Host: patient.statement.services
URL: https://patient.statement.services/medical_landing

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f19523dc77124adcb1ac8bfbc7eb0fa180e9d0d95df19a7a714bb3b69089c1a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 14:18:27 GMT
server: ESF
date: Mon, 31 Aug 2020 14:18:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Aug 2020 14:18:27 GMT

GET
H2 200 74e629c.css
patient.statement.services/css/ 530 KB
531 KB 127ms
125ms Stylesheet
text/css 52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://patient.statement.services/css/74e629c.css
Requested by: Host: patient.statement.services
URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 / PHP/7.2.31
Resource Hash: 7793a34efb4b5ab5ed33141d33691ccd4007421421a43a958bc551cf05972e61

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 14:18:27 GMT
last-modified: Thu, 20 Aug 2020 19:18:48 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
x-powered-by: PHP/7.2.31
etag: "16a66c5839a6805913da604fe8f45ac6"
content-type: text/css; charset=UTF-8
status: 200
cache-control: private, must-revalidate
expires: Mon, 31 Aug 2020 14:18:27 GMT

GET
H2 200 acf71c9.css
patient.statement.services/css/ 175 KB
176 KB 915ms
914ms Stylesheet
text/css 52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://patient.statement.services/css/acf71c9.css
Requested by: Host: patient.statement.services
URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 / PHP/7.2.31
Resource Hash: 03159d600c570ce1ec5efd6f71933f688ddcb3daaa3bfbec64acbf8dfabf5f51

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 14:18:28 GMT
last-modified: Thu, 20 Aug 2020 19:18:48 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
x-powered-by: PHP/7.2.31
etag: "207a2048c086be0ea67689139e206a92"
content-type: text/css; charset=UTF-8
status: 200
cache-control: private, must-revalidate
expires: Mon, 31 Aug 2020 14:18:28 GMT

GET
H2 200 0e6e683.js Show response
patient.statement.services/js/ 775 KB
777 KB 319ms
319ms Script
application/javascript 52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://patient.statement.services/js/0e6e683.js
Requested by: Host: patient.statement.services
URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 / PHP/7.2.31
Resource Hash: a1b59ce4fe43918982a07d3aa4f6c9ce421397986222c4965d8738e022fdbac9

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 14:18:27 GMT
last-modified: Thu, 20 Aug 2020 19:18:49 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
x-powered-by: PHP/7.2.31
etag: "5da35e5b809a74d422a0047eb044f74c"
content-type: application/javascript
status: 200
cache-control: private, must-revalidate
expires: Mon, 31 Aug 2020 14:18:27 GMT

GET
H2 200 facility_help1.png
patient.statement.services/bundles/hcintermedix/assets/img/ 230 KB
231 KB 653ms
652ms Image
image/png 52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patient.statement.services/bundles/hcintermedix/assets/img/facility_help1.png
Requested by: Host: patient.statement.services
URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 /
Resource Hash: 12885b8d02160642cb0c11d99eb881044dbe16a6429089a9a440aabc84308f30

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 14:18:29 GMT
last-modified: Thu, 20 Aug 2020 19:18:44 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
etag: "3981a-5ad53fd1e034c"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 235546

GET
H2 200 facility_help2.png
patient.statement.services/bundles/hcintermedix/assets/img/ 237 KB
238 KB 267ms
266ms Image
image/png 52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patient.statement.services/bundles/hcintermedix/assets/img/facility_help2.png
Requested by: Host: patient.statement.services
URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 /
Resource Hash: b0960f845cf1e739023ea4d8d9c113dd5dd72c59a3df351feece54e05f74de5e

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 14:18:29 GMT
last-modified: Thu, 20 Aug 2020 19:18:43 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
etag: "3b320-5ad53fd1d47cc"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 242464

GET
H2 200 75a0a68.js Show response
patient.statement.services/js/ 24 KB
25 KB 117ms
117ms Script
application/javascript 52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://patient.statement.services/js/75a0a68.js
Requested by: Host: patient.statement.services
URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 / PHP/7.2.31
Resource Hash: 2f34979b85042a78dd1963171267788505c1e1689f90c6c6f1e904b6cb8b97bc

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 14:18:28 GMT
last-modified: Thu, 20 Aug 2020 19:18:46 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
x-powered-by: PHP/7.2.31
etag: "bfe814ee0defeeb92ebac8a52c086e4d"
content-type: application/javascript
status: 200
cache-control: private, must-revalidate
expires: Mon, 31 Aug 2020 14:18:28 GMT

GET
H2 200 0f94a87.js Show response
patient.statement.services/js/ 460 B
1 KB 170ms
170ms Script
application/javascript 52.205.194.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://patient.statement.services/js/0f94a87.js
Requested by: Host: patient.statement.services
URL: https://patient.statement.services/medical_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-194-189.compute-1.amazonaws.com
Software: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31 / PHP/7.2.31
Resource Hash: 58615530dae8594675467b4c8a631b9f1dc7e3e7e87b19479d9dcdbe0d064d8a

Request headers

Referer: https://patient.statement.services/medical_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 14:18:28 GMT
last-modified: Thu, 20 Aug 2020 19:18:44 GMT
server: Apache/2.4.43 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.31
x-powered-by: PHP/7.2.31
etag: "834616d0cf86f97b721c81849b338ab2"
content-type: application/javascript
status: 200
cache-control: private, must-revalidate
content-length: 460
expires: Mon, 31 Aug 2020 14:18:28 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://patient.statement.services
Referer: https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 11662
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:06 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://patient.statement.services
Referer: https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 11666
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:02 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| Tether object| jQuery1124034296205821007786 function| Cookies function| showSpinner function| hideSpinner function| hcAddPopup function| hcPopupContent function| makeContentMinHeight function| HCmakeSymfonyUrl function| __addScriptToHeader function| logJsError function| logJsErrorCritical function| validateEmail function| checkEmail function| convertJSONToCSV function| detectIE function| detectSafari function| hcDetectBrowserVersion function| resizeSidebarEvent function| sidebarToggleEvents function| showSmallSidebar function| showBigSidebar function| SidebarMenuProcess function| messageError function| messageWarning function| messageInfo function| messageSuccess function| HCaddMessage function| messageScrollTo function| messageAddCloseButton function| messageAddGroupWrapper function| messageAddItemWrapper function| messageClearWrapper object| hcEvents number| bodyWidth

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			patient.statement.services/	1970-01-19 12:18:08	Name: AWSALBCORS Value: eFVD8H1tdy4PVTLZOonEBRl5A+8tnxCsfPRJyEFYnbkcNDzgaSQHeZRJS8JoYTIwHlucV0dWp2oRPzYELEgaeF5oKiRyCPFfrDhK3UXjp7XolNSi5+HoUR9jaYow
			patient.statement.services/	1970-01-19 12:18:08	Name: AWSALB Value: eFVD8H1tdy4PVTLZOonEBRl5A+8tnxCsfPRJyEFYnbkcNDzgaSQHeZRJS8JoYTIwHlucV0dWp2oRPzYELEgaeF5oKiRyCPFfrDhK3UXjp7XolNSi5+HoUR9jaYow
			patient.statement.services/	1969-12-31 23:59:59	Name: PHPSESSID Value: jp6c94onrp1ohfdl5489sb4gh9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
patient.statement.services
2a00:1450:4001:808::2003
2a00:1450:4001:821::200a
52.205.194.189
03159d600c570ce1ec5efd6f71933f688ddcb3daaa3bfbec64acbf8dfabf5f51
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0e8b1ba7ae58ff4870fc53f139f15fa33b178804ab3ee3e9710335ab14e9dea7
12885b8d02160642cb0c11d99eb881044dbe16a6429089a9a440aabc84308f30
2f34979b85042a78dd1963171267788505c1e1689f90c6c6f1e904b6cb8b97bc
58615530dae8594675467b4c8a631b9f1dc7e3e7e87b19479d9dcdbe0d064d8a
7793a34efb4b5ab5ed33141d33691ccd4007421421a43a958bc551cf05972e61
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a1b59ce4fe43918982a07d3aa4f6c9ce421397986222c4965d8738e022fdbac9
b0960f845cf1e739023ea4d8d9c113dd5dd72c59a3df351feece54e05f74de5e
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
f19523dc77124adcb1ac8bfbc7eb0fa180e9d0d95df19a7a714bb3b69089c1a2