urlscan.io logo urlscan.io
SecurityTrails logo

isportal.valleyhealth.com Open in urlscan Pro
208.85.100.236  Public Scan

Go To Rescan Add Verdict Report
URL: https://isportal.valleyhealth.com/CherwellAPI/Account/Login
Submission: On June 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 208.85.100.236, located in Wallington, United States and belongs to SVH-TVH-AS1, US. The main domain is isportal.valleyhealth.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on March 23rd 2023. Valid for: a year.
This is the only time isportal.valleyhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 208.85.100.236 14070 (SVH-TVH-AS1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 3
Apex Domain
Subdomains		 Transfer
4 valleyhealth.com
isportal.valleyhealth.com
23 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 66
1006 B
6 3
Domain Requested by
4 isportal.valleyhealth.com isportal.valleyhealth.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com isportal.valleyhealth.com
6 3

This site contains links to these domains. Also see Links.

Domain
cherwellsupport.com
Subject Issuer Validity Valid
*.valleyhealth.com
Sectigo RSA Organization Validation Secure Server CA		 2023-03-23 -
2024-03-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://isportal.valleyhealth.com/CherwellAPI/Account/Login
Frame ID: E14D76B1348D1A2084450FB8C2E00E50
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login -

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

37 kB
Transfer

40 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
isportal.valleyhealth.com/CherwellAPI/Account/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://isportal.valleyhealth.com/CherwellAPI/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.85.100.236 Wallington, United States, ASN14070 (SVH-TVH-AS1, US),
Reverse DNS
isportal.ns.valleyhealth.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1906c87bae79b756b4e86dcd2e463fd11eae37a1bfa565985799909dbc411ef
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload max-age=157680000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Cache-Control
private
Content-Encoding
gzip
Content-Length
1724
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Jun 2023 03:00:05 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=0; includeSubDomains; preload max-age=157680000; includeSubDomains
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
css
fonts.googleapis.com/ 		2 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: isportal.valleyhealth.com
URL: https://isportal.valleyhealth.com/CherwellAPI/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b15fca8e3ebb7860833e3ea31ee844fd7f5b392b25f8cddb8c10bca6b32cf5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://isportal.valleyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Jun 2023 03:00:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 02:59:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jun 2023 03:00:06 GMT
account.css
isportal.valleyhealth.com/CherwellAPI/Content/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://isportal.valleyhealth.com/CherwellAPI/Content/account.css
Requested by
Host: isportal.valleyhealth.com
URL: https://isportal.valleyhealth.com/CherwellAPI/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.85.100.236 Wallington, United States, ASN14070 (SVH-TVH-AS1, US),
Reverse DNS
isportal.ns.valleyhealth.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94b8cbf562057bf56d2517a59d624f2ef6807985047e819b3870c49d4785aee3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload, max-age=157680000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://isportal.valleyhealth.com/CherwellAPI/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains; preload, max-age=157680000; includeSubDomains
Content-Encoding
gzip
Date
Thu, 01 Jun 2023 03:00:05 GMT
Last-Modified
Fri, 07 Oct 2022 16:46:28 GMT
Server
Microsoft-IIS/10.0
ETag
"164258586cdad81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
text/css
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
1700
login.css
isportal.valleyhealth.com/CherwellAPI/Content/ 		544 B
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://isportal.valleyhealth.com/CherwellAPI/Content/login.css
Requested by
Host: isportal.valleyhealth.com
URL: https://isportal.valleyhealth.com/CherwellAPI/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.85.100.236 Wallington, United States, ASN14070 (SVH-TVH-AS1, US),
Reverse DNS
isportal.ns.valleyhealth.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
623b4cea4b1d1f7b5024fbc403ebb77952174fb5b3a0ab29a5587910ab6ac794
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload, max-age=157680000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://isportal.valleyhealth.com/CherwellAPI/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains; preload, max-age=157680000; includeSubDomains
Content-Encoding
gzip
Date
Thu, 01 Jun 2023 03:00:05 GMT
Last-Modified
Fri, 11 Mar 2022 01:16:02 GMT
Server
Microsoft-IIS/10.0
ETag
"0f5a692e534d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
text/css
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
445
logo.svg
isportal.valleyhealth.com/CherwellAPI/Content/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://isportal.valleyhealth.com/CherwellAPI/Content/logo.svg
Requested by
Host: isportal.valleyhealth.com
URL: https://isportal.valleyhealth.com/CherwellAPI/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.85.100.236 Wallington, United States, ASN14070 (SVH-TVH-AS1, US),
Reverse DNS
isportal.ns.valleyhealth.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f5bf80f2ccb66b714f6759a5977d5e85061a46d37616c355cf704386d6b56f97
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload, max-age=157680000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://isportal.valleyhealth.com/CherwellAPI/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains; preload, max-age=157680000; includeSubDomains
Date
Thu, 01 Jun 2023 03:00:05 GMT
Last-Modified
Fri, 11 Mar 2022 01:16:02 GMT
Server
Microsoft-IIS/10.0
ETag
"0f5a692e534d81:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
Content-Type
image/svg+xml
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
17415
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://isportal.valleyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:00:36 GMT
x-content-type-options
nosniff
age
514770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 May 2024 04:00:36 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| setFocusOnUserName function| handleSubmit

1 Cookies

Domain/Path Name / Value
isportal.valleyhealth.com/ Name: __RequestVerificationToken_L0NoZXJ3ZWxsQVBJ0
Value: IIuHRV0I-1bFEANgCtt4OI3QNjJZZstOUBGgtWFCrOcCbXUYOmyaldyRNhh0riyVaLmHnTwF8eoXmPRBfyTwS5R_bFmPIoCcJWmWCgW7wew1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload max-age=157680000; includeSubDomains
X-Frame-Options SAMEORIGIN