indexo.dev

onpatient.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-14 · ok HTTP/1.1 200 3659 ms crawled 2026-05-07

US · 188.114.97.3 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
OnPatient Patient Portal - DrChrono Personal Health Record
Description
Easily access your personal health records anywhere with DrChrono's patient portal, onpatient. View your electronic medical records via web or download our onpatient app. onpatient Patient Portal connects patients through simple appointment scheduling and opens up complete access access to all your patient electronic medical records and more anytime, anywhere. Available for iPhone or iPad on the App Store
Language
en-US

Technology

CDN
Cloudflare

Third-party hosts loaded (5)

  • js.api.here.com×5
  • code.jquery.com×4
  • maxcdn.bootstrapcdn.com×1
  • web.squarecdn.com×1
  • www.google.com×1

Registration

Registrar
MarkMonitor Inc.
Created
2011-06-18
Expires
2027-06-18 394 days left
Updated
2025-10-13
Name servers
  • dom.ns.cloudflare.com
  • jo.ns.cloudflare.com

DNS records live

NS
  • dom.ns.cloudflare.com
  • jo.ns.cloudflare.com
MX
  • 100 mailstore1.secureserver.net
  • 200 smtp.secureserver.net
TXT
  • 1tpv1vyc3jxr4w9kw64v44d5bk2dtvgy

Email authentication strong

SPF
v=spf1 ip4:50.57.106.214 ip4:198.61.233.75 -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:ops-team+dmarc-rua@drchrono.com; ruf=mailto:ops-team+dmarc-ruf@drchrono.com
policy: quarantine
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr62Nqacv1BvGk1k7lgTn4nFPcWqDIzNLbBkXO3wGNFPebDM/kZQz+1c3H9LG/iirqvTaBmRsGQj7BYCkhR…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+1zimOwvSCDHjd7vQaV8kmiPRCyZ3S4zJOgIprh4hZlZ6tHNElpJk3K9e5E5LKd9dk4jGB7BqDH82atkE…
selectors probed

Certificate (current)

WE1
from 2026-03-26 to 2026-06-24
Expires in 36 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://onpatient.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), gyroscope=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' https: data: wss: blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://sentry.stg.drchrono.dev/api/3/security/?sentry_key=214b3d414c5b49fda88012161318b1d1&sentry_environment=headers
strict-transport-security
max-age=31536000; includeSubDomains

Links to (1)

Linked from (4)