www.patientnotebook.com Open in urlscan Pro
69.2.197.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://goo.gl/yt7ANq
Effective URL:
https://www.patientnotebook.com/hometown/payment
Submission: On November 25 via manual (November 25th 2019, 7:47:20 pm UTC) from US

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 45 HTTP transactions. The main IP is 69.2.197.43, located in United States and belongs to PEAK10 - Peak 10, US. The main domain is www.patientnotebook.com.
TLS certificate: Issued by Thawte EV RSA CA 2018 on January 19th 2018. Valid for: 2 years.

This is the only time www.patientnotebook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	207.238.164.140 207.238.164.140	54676 (MDC-AS01) (MDC-AS01 - Metro Data Center LLC)
27	69.2.197.43 69.2.197.43	19271 (PEAK10) (PEAK10 - Peak 10)
3	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	69.2.197.34 69.2.197.34	19271 (PEAK10) (PEAK10 - Peak 10)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2.19.39.130 2.19.39.130	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
45	8

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

goo.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.238.164.140 (United States) 2 redirects

ASN54676 (MDC-AS01 - Metro Data Center LLC, US)
PTR: www.stepuprehab.com

www.hometownurgentcare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 69.2.197.43 (United States)

ASN19271 (PEAK10 - Peak 10, US)
PTR: host43.69.2.197.zirmed.com

www.patientnotebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.2.197.34 (United States)

ASN19271 (PEAK10 - Peak 10, US)
PTR: host34.69.2.197.zirmed.com

www.zirmed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.39.130 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-39-130.deploy.static.akamaitechnologies.com

seal.thawte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	patientnotebook.com www.patientnotebook.com	84 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	101 KB
3	gstatic.com fonts.gstatic.com	36 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	thawte.com seal.thawte.com	6 KB
2	aspnetcdn.com ajax.aspnetcdn.com	8 KB
2	zirmed.com www.zirmed.com	39 KB
2	hometownurgentcare.com 2 redirects www.hometownurgentcare.com	731 B
1	goo.gl 1 redirects goo.gl	763 B
45	9

	Domain	Requested by
27	www.patientnotebook.com	www.patientnotebook.com
3	fonts.gstatic.com	www.patientnotebook.com ajax.googleapis.com
3	www.google-analytics.com	www.patientnotebook.com www.google-analytics.com
3	ajax.googleapis.com	www.patientnotebook.com
3	fonts.googleapis.com	www.patientnotebook.com
2	seal.thawte.com	www.patientnotebook.com
2	ajax.aspnetcdn.com	www.patientnotebook.com
2	www.zirmed.com	www.patientnotebook.com
2	www.hometownurgentcare.com	2 redirects
1	goo.gl	1 redirects
45	10

This site contains links to these domains. Also see Links.

Domain
sealinfo.thawte.com

Subject Issuer	Validity	Valid
www.patientnotebook.com Thawte EV RSA CA 2018	`2018-01-19` - `2020-02-23`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.zirmed.com Thawte EV RSA CA 2018	`2018-05-24` - `2020-06-05`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
seal.thawte.com DigiCert SHA2 Extended Validation Server CA	`2018-03-21` - `2020-03-20`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.patientnotebook.com/hometown/payment
Frame ID: 03CC42A3955418F9CB69CA3BB3DB72AB
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://goo.gl/yt7ANq HTTP 302
http://www.hometownurgentcare.com/billing HTTP 301
https://www.hometownurgentcare.com/billing HTTP 301
https://www.patientnotebook.com/hometown/payment Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /moment(?:\.min)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

45
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

294 kB
Transfer

967 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sealinfo.thawte.com/thawtesplash?form_file=fdf/thawtesplash.fdf&dn=WWW.PATIENTNOTEBOOK.COM&lang=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goo.gl/yt7ANq HTTP 302
http://www.hometownurgentcare.com/billing HTTP 301
https://www.hometownurgentcare.com/billing HTTP 301
https://www.patientnotebook.com/hometown/payment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set payment Show response
www.patientnotebook.com/hometown/
Redirect Chain

https://goo.gl/yt7ANq
http://www.hometownurgentcare.com/billing
https://www.hometownurgentcare.com/billing
https://www.patientnotebook.com/hometown/payment

26 KB
6 KB

1394ms
535ms

Document
text/html

69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

2605d810367efc602cd3ada505098034ce48bd9c122bb5ea8fb35bdb5befb724

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.patientnotebook.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: frame-ancestors 'self'
Set-Cookie: ASP.NET_SessionId=mv4ilx0na0k1ajdha2rmfztp; path=/; secure; HttpOnly
X-AspNetMvc-Version: 5.2
X-Robots-Tag: noindex,nofollow,noarchive
X-Powered-By: ASP.NET
Date: Mon, 25 Nov 2019 19:47:01 GMT
Content-Length: 5195

Redirect headers

Date: Mon, 25 Nov 2019 19:47:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Upgrade: h2,http:/1.1
Connection: Upgrade, Keep-Alive
Expires: Mon, 25 Nov 2019 20:47:01 GMT
Cache-Control: max-age=3600
X-Redirect-By: redirection
Location: https://www.patientnotebook.com/hometown/payment
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 20ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,500|Open+Sans:400italic,700italic,300,400,700,600

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

07376d7b46de46e006448a897a2724407d6f8265785f0ee307f04313f2ce7f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 25 Nov 2019 19:47:03 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 25 Nov 2019 19:47:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 25 Nov 2019 19:47:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 767 B
435 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 25 Nov 2019 19:47:03 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 25 Nov 2019 19:47:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 25 Nov 2019 19:47:03 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 04:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401757
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 04:11:06 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.9.0/ 230 KB
61 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.9.0/jquery-ui.min.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

29c1b666f05c3d98e4e067d1e3d9297d77a60b3c12ba54312d1bc1bacf7656fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 01:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584516
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62003
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Nov 2020 01:25:07 GMT

GET
H/1.1 200
OK WebControls.js Show response
www.zirmed.com/Static/WebControls/2.0/Javascript/ 94 KB
20 KB 747ms
224ms Script
application/javascript 69.2.197.34
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zirmed.com/Static/WebControls/2.0/Javascript/WebControls.js
Requested by: Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 69.2.197.34 , United States, ASN19271 (PEAK10 - Peak 10, US),
Reverse DNS: host34.69.2.197.zirmed.com
Software: Microsoft-IIS/8.5 /
Resource Hash: b1987de127b509113960f498fad3a903cd152c75fb3aed9a7fdcdf9168737334

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 19:47:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Nov 2019 04:03:21 GMT
Server: Microsoft-IIS/8.5
ETag: "804a321c7ca2d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 20549
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK ScriptBundle Show response
www.patientnotebook.com/Content/Scripts/ 5 KB
5 KB 575ms
572ms Script
text/javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/ScriptBundle?v=siQ3VCCaMh063QhsVLTWyZLgSeQFJ9aQ0LTrTekd6sQ1

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

a4d4ad7f31dc4f6f52e83e25e15b7ce818370a7b6a60a55873ce0b29399352c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Mon, 25 Nov 2019 19:47:02 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Date: Mon, 25 Nov 2019 19:47:01 GMT
Content-Security-Policy: frame-ancestors 'self'
Vary: User-Agent
Content-Length: 4686
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Nov 2020 19:47:02 GMT

GET
H/1.1 200
OK spin.min.js Show response
www.patientnotebook.com/Content/Scripts/ 4 KB
3 KB 635ms
125ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/spin.min.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

47c173586b07dd2a42b754e22d4348a5fc2f0a110b934b242f453c97cb24bc47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2123
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.validate.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/ 21 KB
6 KB 114ms
30ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (lha/8D4A) /

Resource Hash

7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 19:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 6367
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:42:28 GMT
server: ECAcc (lha/8D4A)
etag: "08a7370d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
ajax.aspnetcdn.com/ajax/mvc/4.0/ 5 KB
2 KB 115ms
31ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/mvc/4.0/jquery.validate.unobtrusive.min.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (lha/8D0C) /

Resource Hash

8471fa78d401f16ebdcfc24fad9863f6a4c554c8d5b701fe2146b375650f8031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 19:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 1868
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:43:34 GMT
server: ECAcc (lha/8D0C)
etag: "057ca97d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK PublicShared.js Show response
www.patientnotebook.com/Content/Scripts/ 6 KB
2 KB 697ms
119ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/PublicShared.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

e7cc122a95abd89af5b72cde5d79127e9663f0c3296e6e3722fee4a1e47d45da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1462
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK moment.min.js Show response
www.patientnotebook.com/Scripts/ 47 KB
15 KB 717ms
127ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Scripts/moment.min.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

ff882803105e7d951d1b3e096a29772eadad6f53f5fa867caa6584d1c0c6c039

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:21 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "80d6b8637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 14800
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK numeral.min.js Show response
www.patientnotebook.com/Scripts/ 8 KB
3 KB 733ms
119ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Scripts/numeral.min.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

b3bf682c2b49f4f31d8a5ea02a8a06f344effef4f1a9c641d1311fca992b2967

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:21 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "80d6b8637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2736
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NumericGreaterThanOrEqualToValidation.js Show response
www.patientnotebook.com/Scripts/ 1 KB
2 KB 743ms
123ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Scripts/NumericGreaterThanOrEqualToValidation.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

58dd1b1b3374937c0f8681e4fe8b57a1f66074c2f46e2ccc5ab971ad92233b00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:21 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "fd8ad6637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 1282
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK conditional-validation.js Show response
www.patientnotebook.com/Scripts/ 3 KB
1 KB 763ms
128ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Scripts/conditional-validation.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

89c9498b0786a22770cac7e3526f1f00c6392299d41a3e1749e07e8aefd155e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:21 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "80d6b8637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 933
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/themes/smoothness/ 30 KB
6 KB 15ms
9ms Stylesheet
text/css 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/themes/smoothness/jquery-ui.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

21671e63016f14cf41ae8aa35d7709aecc3f9d17c08066330d6020fdfcbe1ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 15:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448924
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5691
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 15:04:59 GMT

GET
H/1.1 200
OK WebControls.css
www.zirmed.com/Static/WebControls/2.0/CSS/ 122 KB
19 KB 744ms
224ms Stylesheet
text/css 69.2.197.34
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zirmed.com/Static/WebControls/2.0/CSS/WebControls.css
Requested by: Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 69.2.197.34 , United States, ASN19271 (PEAK10 - Peak 10, US),
Reverse DNS: host34.69.2.197.zirmed.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 2a35fd9d9a005378959b441f344b0397432d82edae5e79a45180b44ba052de77

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 19:47:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Nov 2019 04:03:21 GMT
Server: Microsoft-IIS/8.5
ETag: "804a321c7ca2d51:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19083
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK unsemantic-grid-responsive-tablet.min.css
www.patientnotebook.com/Content/ 47 KB
4 KB 491ms
248ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/unsemantic-grid-responsive-tablet.min.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

f07e2bba526e90b06f649db1303703143ac6df28f904f7b6dd70ab6f8f945a53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 3171
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Error.css
www.patientnotebook.com/Content/Styles/ 4 KB
2 KB 371ms
122ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Styles/Error.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

ff810a04911f4683479ce3cccf3e4564ac6ba29205c7d283170990af338d9edb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1077
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK SharedStyleBundle
www.patientnotebook.com/Content/Styles/ 13 KB
13 KB 586ms
337ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Styles/SharedStyleBundle?v=C9QJHd-E1iZGlxd3_B8S5XHFsdsYSZ9lUFlr7FXvSKM1

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

079dd14db463d4ab5c47a4f4cd86061131d58f11e1c933358834b1f94e8690dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Mon, 25 Nov 2019 19:47:02 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Date: Mon, 25 Nov 2019 19:47:01 GMT
Content-Security-Policy: frame-ancestors 'self'
Vary: User-Agent
Content-Length: 13109
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Nov 2020 19:47:02 GMT

GET
H/1.1 200
OK ECommerce.css
www.patientnotebook.com/Content/Styles/ 9 KB
2 KB 380ms
126ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Styles/ECommerce.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

ace49694318732111d18f28ff95ee86ea34438f867135b685fe518db791c7dd5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1745
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Payment.css
www.patientnotebook.com/Content/Styles/ 14 KB
3 KB 495ms
123ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Styles/Payment.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

8196fb201f378c0e72bd9783fb09bf79d9efc9ede9361d7d204681332a150905

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2674
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ECommerceTheme-Blue.css
www.patientnotebook.com/Content/Styles/ 2 KB
2 KB 508ms
126ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Styles/ECommerceTheme-Blue.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

e5c7b2606bc81a6b9664dc2d7ca52d0ccadc732ecb7f4e4bb038e3a78b09267b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "16c694637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 1973
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 767 B
389 B 28ms
23ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&subset=latin,latin-ext

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 25 Nov 2019 19:47:03 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 25 Nov 2019 19:47:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 25 Nov 2019 19:47:03 GMT

GET
H/1.1 200
OK ECommercePayment.css
www.patientnotebook.com/Content/Styles/ 8 KB
2 KB 612ms
119ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Styles/ECommercePayment.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

45d9989485caa2f61051bb21631c6401f52527c384b9c4e61ef3a79b756ccaf7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1655
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ChooseAPaymentMethod.css
www.patientnotebook.com/Content/Styles/ 3 KB
1 KB 619ms
123ms Stylesheet
text/css 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Styles/ChooseAPaymentMethod.css

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

932516491ffb279e1354518d0cb58372467580479dbe3b690c3b06a1f6360464

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Date: Mon, 25 Nov 2019 19:47:01 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 877
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK PayStatement.js Show response
www.patientnotebook.com/Content/Scripts/ 14 KB
3 KB 924ms
240ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/PayStatement.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

9ba0de9d82719941b1a355c6ea98d1edafcf36188ab25edef4ce97a0a1821f9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2637
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ChooseAPaymentMethod.js Show response
www.patientnotebook.com/Content/Scripts/ 3 KB
1 KB 815ms
119ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/ChooseAPaymentMethod.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

962a675b40a5fdb386706bf09010492636ae7c3619fbce0a5d00e96f48a5d611

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 750
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK DateValidation.js Show response
www.patientnotebook.com/Content/Scripts/ 5 KB
1 KB 840ms
124ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/DateValidation.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

d5cfb004b1d4d81a07278e7420f91901e5622f320a2d50e4bdf414272db2278f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 767
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK PaymentValidation.js Show response
www.patientnotebook.com/Content/Scripts/ 4 KB
1 KB 851ms
119ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/PaymentValidation.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

e83a36f1dcb8af0c81bfcc4dbd34b8b6cfe7ee2d1c75981296d567ef829f877c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 748
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK CreditCard.js Show response
www.patientnotebook.com/Content/Scripts/ 31 KB
4 KB 865ms
122ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/CreditCard.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

915f6ec906b881590d9c0b5e76b9ed90c770a486c97563b20ca0ed80f6abd16e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 3471
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK CreditCardPaymentValidation.js Show response
www.patientnotebook.com/Content/Scripts/ 6 KB
1 KB 888ms
126ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/CreditCardPaymentValidation.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

059898a34d2bb55567afc022e2b984a0ab9cc10dfee9e54cbc5696612065474f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "04020637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 960
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Bank.js Show response
www.patientnotebook.com/Content/Scripts/ 846 B
1 KB 936ms
119ms Script
application/x-javascript 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to

Full URL

https://www.patientnotebook.com/Content/Scripts/Bank.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

d4c6c517ca4fc1bf430405b3639585eda292e5ccc8a55992e5400d5db38d2476

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "f6417f637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 846
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK getthawteseal Show response
seal.thawte.com/ 2 KB
3 KB 128ms
32ms Script
text/javascript 2.19.39.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://seal.thawte.com/getthawteseal?host_name=www.patientnotebook.com&size=S&lang=en
Requested by: Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.39.130 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-130.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 70164aa3f7d792a836e77516acba15ecbfd0c2f6d023cdbc381c821e5b603980

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 19:47:03 GMT
Cache-Control: max-age=1608
Last-Modified: Mon, 25 Nov 2019 19:14:48 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Length: 2484
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4407
date: Mon, 25 Nov 2019 18:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 25 Nov 2019 20:33:37 GMT

GET
H/1.1 200
OK p4.png
www.patientnotebook.com/Content/Images/ 137 B
597 B 122ms
121ms Image
image/png 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/Content/Images/p4.png

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

a5a67620873566d112b18a5cbdf0dfd2515b4901adfc75f8b08c55c5f1983972

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/Content/Styles/ECommerce.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "c2e63637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 137
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ViewLogo
www.patientnotebook.com/hometown/ECommerceLanding/ 0
614 B 130ms
130ms Image
text/html 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/hometown/ECommerceLanding/ViewLogo

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

Microsoft-IIS/7.5 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
X-Powered-By: ASP.NET
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-AspNetMvc-Version: 5.2
Last-Modified: Mon, 25 Nov 2019 19:40:35 GMT
Server: Microsoft-IIS/7.5
X-Frame-Options: SAMEORIGIN
Date: Mon, 25 Nov 2019 19:47:02 GMT
Vary: *
Content-Type: text/html
Cache-Control: public, max-age=211
Content-Security-Policy: frame-ancestors 'self'
X-Robots-Tag: noindex,nofollow,noarchive
Expires: Mon, 25 Nov 2019 19:50:35 GMT

GET
H/1.1 200
OK phone-14.png
www.patientnotebook.com/Content/Images/ 1 KB
2 KB 126ms
126ms Image
image/png 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/Content/Images/phone-14.png

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

4034b0ddd5b14a70e1a1ea071ce2504c595e9bd24f26a38345ce45b9a0cd805c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/Content/Styles/ECommerce.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "c3db64637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 1117
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK shadow-lg.png
www.patientnotebook.com/Content/Images/ 2 KB
2 KB 123ms
123ms Image
image/png 69.2.197.43
Peak 10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.patientnotebook.com/Content/Images/shadow-lg.png

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

69.2.197.43 , United States, ASN19271 (PEAK10 - Peak 10, US),

Reverse DNS

host43.69.2.197.zirmed.com

Software

/ ASP.NET

Resource Hash

c667a5a9976b47eb31e95957d02c74aaf91c1b292714debec2e55b17ad666f77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.patientnotebook.com/Content/Styles/ECommerce.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Sun, 24 Nov 2019 04:05:20 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Mon, 25 Nov 2019 19:47:02 GMT
ETag: "405e68637ca2d51:0"
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes
Content-Length: 1625
X-XSS-Protection: 1; mode=block

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato
Origin: https://www.patientnotebook.com

Response headers

date: Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 361733
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:18:11 GMT

GET
H/1.1 200
OK getthawteseal
seal.thawte.com/ 3 KB
3 KB 32ms
32ms Image
image/gif 2.19.39.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal.thawte.com/getthawteseal?at=0&sealid=2&dn=WWW.PATIENTNOTEBOOK.COM&lang=en&gmtoff=-60
Requested by: Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.39.130 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-130.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 76c1cabf47302cad3461b3f59663527761caa347ddaec8f822042c883a762ff9

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 19:47:04 GMT
Cache-Control: max-age=1729
Last-Modified: Mon, 25 Nov 2019 19:15:53 GMT
Server: nginx/1.14.0
Connection: keep-alive
Content-Length: 3087
Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500|Open+Sans:400italic,700italic,300,400,700,600
Origin: https://www.patientnotebook.com

Response headers

date: Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 354817
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 20 Nov 2020 17:13:27 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 13 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,500|Open+Sans:400italic,700italic,300,400,700,600
Origin: https://www.patientnotebook.com

Response headers

date: Tue, 19 Nov 2019 01:25:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:45 GMT
server: sffe
age: 584502
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13720
x-xss-protection: 0
expires: Wed, 18 Nov 2020 01:25:22 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1018 B 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 19:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 716
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Mon, 25 Nov 2019 20:35:08 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
15ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1671790522&t=pageview&_s=1&dl=https%3A%2F%2Fwww.patientnotebook.com%2Fhometown%2Fpayment&ul=en-us&de=UTF-8&dt=Patient%20Notebook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEAj~&jid=2110308186&gjid=1404390299&cid=61357977.1574711224&tid=UA-31291162-1&_gid=1033795127.1574711224&_r=1&z=918030996

Requested by

Host: www.patientnotebook.com
URL: https://www.patientnotebook.com/hometown/payment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.patientnotebook.com/hometown/payment
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 19:47:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.patientnotebook.com/	1970-01-19 05:25:11	Name: _gat Value: 1
.patientnotebook.com/	1970-01-19 05:26:37	Name: _gid Value: GA1.2.1033795127.1574711224
.patientnotebook.com/	1970-01-19 22:56:23	Name: _ga Value: GA1.2.61357977.1574711224

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
goo.gl
seal.thawte.com
www.google-analytics.com
www.hometownurgentcare.com
www.patientnotebook.com
www.zirmed.com
152.199.19.160
2.19.39.130
207.238.164.140
2a00:1450:4001:809::2003
2a00:1450:4001:814::200e
2a00:1450:4001:816::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:820::200a
69.2.197.34
69.2.197.43
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
059898a34d2bb55567afc022e2b984a0ab9cc10dfee9e54cbc5696612065474f
07376d7b46de46e006448a897a2724407d6f8265785f0ee307f04313f2ce7f5c
079dd14db463d4ab5c47a4f4cd86061131d58f11e1c933358834b1f94e8690dc
21671e63016f14cf41ae8aa35d7709aecc3f9d17c08066330d6020fdfcbe1ae0
2605d810367efc602cd3ada505098034ce48bd9c122bb5ea8fb35bdb5befb724
29c1b666f05c3d98e4e067d1e3d9297d77a60b3c12ba54312d1bc1bacf7656fe
2a35fd9d9a005378959b441f344b0397432d82edae5e79a45180b44ba052de77
4034b0ddd5b14a70e1a1ea071ce2504c595e9bd24f26a38345ce45b9a0cd805c
45d9989485caa2f61051bb21631c6401f52527c384b9c4e61ef3a79b756ccaf7
47c173586b07dd2a42b754e22d4348a5fc2f0a110b934b242f453c97cb24bc47
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58dd1b1b3374937c0f8681e4fe8b57a1f66074c2f46e2ccc5ab971ad92233b00
70164aa3f7d792a836e77516acba15ecbfd0c2f6d023cdbc381c821e5b603980
76c1cabf47302cad3461b3f59663527761caa347ddaec8f822042c883a762ff9
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
8196fb201f378c0e72bd9783fb09bf79d9efc9ede9361d7d204681332a150905
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8471fa78d401f16ebdcfc24fad9863f6a4c554c8d5b701fe2146b375650f8031
89c9498b0786a22770cac7e3526f1f00c6392299d41a3e1749e07e8aefd155e0
915f6ec906b881590d9c0b5e76b9ed90c770a486c97563b20ca0ed80f6abd16e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
932516491ffb279e1354518d0cb58372467580479dbe3b690c3b06a1f6360464
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
962a675b40a5fdb386706bf09010492636ae7c3619fbce0a5d00e96f48a5d611
9ba0de9d82719941b1a355c6ea98d1edafcf36188ab25edef4ce97a0a1821f9d
a4d4ad7f31dc4f6f52e83e25e15b7ce818370a7b6a60a55873ce0b29399352c2
a5a67620873566d112b18a5cbdf0dfd2515b4901adfc75f8b08c55c5f1983972
ace49694318732111d18f28ff95ee86ea34438f867135b685fe518db791c7dd5
b1987de127b509113960f498fad3a903cd152c75fb3aed9a7fdcdf9168737334
b3bf682c2b49f4f31d8a5ea02a8a06f344effef4f1a9c641d1311fca992b2967
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
c667a5a9976b47eb31e95957d02c74aaf91c1b292714debec2e55b17ad666f77
d4c6c517ca4fc1bf430405b3639585eda292e5ccc8a55992e5400d5db38d2476
d5cfb004b1d4d81a07278e7420f91901e5622f320a2d50e4bdf414272db2278f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c7b2606bc81a6b9664dc2d7ca52d0ccadc732ecb7f4e4bb038e3a78b09267b
e7cc122a95abd89af5b72cde5d79127e9663f0c3296e6e3722fee4a1e47d45da
e83a36f1dcb8af0c81bfcc4dbd34b8b6cfe7ee2d1c75981296d567ef829f877c
f07e2bba526e90b06f649db1303703143ac6df28f904f7b6dd70ab6f8f945a53
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
ff810a04911f4683479ce3cccf3e4564ac6ba29205c7d283170990af338d9edb
ff882803105e7d951d1b3e096a29772eadad6f53f5fa867caa6584d1c0c6c039

www.patientnotebook.com Open in urlscan Pro 69.2.197.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

8 IPs

3 Countries

294 kBTransfer

967 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.patientnotebook.com Open in urlscan Pro
69.2.197.43 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

294 kB
Transfer

967 kB
Size

3
Cookies

45 HTTP transactions
0 data transactions