northsideportal.ehr.com
Open in
urlscan Pro
20.75.107.49
Public Scan
Effective URL: https://northsideportal.ehr.com/default.ashx?classname=idplogin&target=SelfService-Portal
Submission: On February 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on November 14th 2022. Valid for: a year.
This is the only time northsideportal.ehr.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 158.82.144.42 158.82.144.42 | 40196 (WILLISNOR...) (WILLISNORTHAMERICA) | |
9 | 20.75.107.49 20.75.107.49 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
12 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
northsideportal.ehr.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
ehr.com
2 redirects
hrportal.ehr.com — Cisco Umbrella Rank: 91045 northsideportal.ehr.com |
503 KB |
12 | 1 |
Domain | Requested by | |
---|---|---|
9 | northsideportal.ehr.com |
northsideportal.ehr.com
|
3 | hrportal.ehr.com | 2 redirects |
12 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
hrportal.ehr.com GlobalSign RSA OV SSL CA 2018 |
2022-11-07 - 2023-12-09 |
a year | crt.sh |
northsideportal.ehr.com GlobalSign RSA OV SSL CA 2018 |
2022-11-14 - 2023-12-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://northsideportal.ehr.com/default.ashx?classname=idplogin&target=SelfService-Portal
Frame ID: 987E419B1C27CA41E610DF2158616793
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Northside HospitalPage URL History Show full URLs
-
https://hrportal.ehr.com/northside-hospital
HTTP 302
https://hrportal.ehr.com/northside-hospital/qa3?returnurl=%2fnorthside-hospital HTTP 302
https://hrportal.ehr.com/northside-hospital/desktopmodules/portal/api/saml/sendauthnrequest/?target=S... Page URL
- https://northsideportal.ehr.com/default.ashx?classname=idplogin&target=SelfService-Portal Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://hrportal.ehr.com/northside-hospital
HTTP 302
https://hrportal.ehr.com/northside-hospital/qa3?returnurl=%2fnorthside-hospital HTTP 302
https://hrportal.ehr.com/northside-hospital/desktopmodules/portal/api/saml/sendauthnrequest/?target=SelfService-Portal&relaystate=&rnd=270447861063503 Page URL
- https://northsideportal.ehr.com/default.ashx?classname=idplogin&target=SelfService-Portal Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://hrportal.ehr.com/northside-hospital HTTP 302
- https://hrportal.ehr.com/northside-hospital/qa3?returnurl=%2fnorthside-hospital HTTP 302
- https://hrportal.ehr.com/northside-hospital/desktopmodules/portal/api/saml/sendauthnrequest/?target=SelfService-Portal&relaystate=&rnd=270447861063503
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
hrportal.ehr.com/northside-hospital/desktopmodules/portal/api/saml/sendauthnrequest/ Redirect Chain
|
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
default.ashx
northsideportal.ehr.com/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1140.css
northsideportal.ehr.com/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
northsideportal.ehr.com/ |
12 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
password-meter.css
northsideportal.ehr.com/styles/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
respond.min.js
northsideportal.ehr.com/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
northsideportal.ehr.com/Base/Script/ |
105 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
password_strength_plugin.js
northsideportal.ehr.com/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
medianew.css
northsideportal.ehr.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
northsideportal.ehr.com/ |
436 KB 437 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
northsideportal.ehr.com/ |
131 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
northsideportal.ehr.com/ |
248 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- northsideportal.ehr.com
- URL
- https://northsideportal.ehr.com/css/1140.css
- Domain
- northsideportal.ehr.com
- URL
- https://northsideportal.ehr.com/medianew.css
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hrportal.ehr.com/ | Name: dnn_IsMobile Value: False |
|
hrportal.ehr.com/ | Name: language Value: en-US |
|
hrportal.ehr.com/ | Name: Analytics_VisitorId Value: c3f5c7c6-1e34-4ef6-9e49-12360f7cea80 |
|
hrportal.ehr.com/ | Name: f5-cookie Value: !WNvtdo5Q+FWaw6RRj9+ylgEfX4CmCQUa5eszgdIXT0KQpc9EkN95BK1mVPeqF2mx9Q24uYs8E/EzXMY= |
|
hrportal.ehr.com/ | Name: Analytics Value: SessionId=e906956c-36a1-4032-8ddd-6502e43723de&TabId=20367&ContentItemId=-1 |
|
hrportal.ehr.com/ | Name: ASP.NET_SessionId Value: n25g2gj2pz5u1j0scpfki1mr |
|
hrportal.ehr.com/ | Name: authentication Value: HRT.Portal.DNNModules.HRPortalAuth |
|
northsideportal.ehr.com/ | Name: ApplicationGatewayAffinityCORS Value: 9695aa08aeef9c6d3c056d17ebd6bea9 |
|
northsideportal.ehr.com/ | Name: ApplicationGatewayAffinity Value: 9695aa08aeef9c6d3c056d17ebd6bea9 |
|
northsideportal.ehr.com/ | Name: NHTCSApp Value: %ccB%8f%8aqj%24I%dc%7bLF%e4_%cd%04%d4%98N%e2%de%d9%f25%9fa%9ef%b0n%18!w%14%60%ec%81U%7e%b2%ca%85%04%c1%1f%09%b1%ab |
|
northsideportal.ehr.com/ | Name: NHTCSSessionHistory_Insert Value: False |
|
northsideportal.ehr.com/ | Name: NHTCSSessionHistory_Key Value: fd1462ce-fa1b-41ef-a980-844bb907d05a |
|
northsideportal.ehr.com/ | Name: NHTCSSessionHistory_Id Value: 6100837 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https: https://ajax.googleapis.com https://cdn.jsdelivr.net https://kendo.cdn.telerik.com https://dnnapi.com https://cdnjs.cloudflare.com; font-src * data:; connect-src 'self' https: https://wtwdevcbot-bot.azurewebsites.net wss://directline.botframework.com; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:; style-src * 'unsafe-inline' 'unsafe-eval' blob:; media-src 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: 'unsafe-inline' 'unsafe-eval' data: blob: |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hrportal.ehr.com
northsideportal.ehr.com
northsideportal.ehr.com
158.82.144.42
20.75.107.49
17bfe29fa5eb57ecdb7b7c79d990786543cb2f346da71141477665355cfe6026
210ec56305187d6370bf0734e1c8a78e698234867e436a9ecf30fbdf7498b5f0
82e1313baf620e0835a936c28299a8a19dca9646629cc7fc0b180c1be4f36789
95d1f20a3765b9295110a94ee0b53a6ce9ab8a1925ef011324e4552478e88968
c2e0a5965dac1f684aef3813f430d198cff37975965b6e143dbd2fed6359ee40
ebf22112a34691501e8ebc0d0b6163cfe5fe31a6a2b3171510777a5b6dfea07a
edd1aa0edc928a7a3eebf7cd9f63b8034ec0af5aa7a033584b658efff160e9c4
f4b02e6daf1163c6e406cbdea1d521a8cee283dab3a38fd9ac41200c4c6dcf3f