urlscan.io logo urlscan.io
SecurityTrails logo

val.apps.lara.state.mi.us Open in urlscan Pro
148.149.26.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lara.hegirahealth.org/
Effective URL: https://val.apps.lara.state.mi.us/license/search
Submission: On August 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 148.149.26.21, located in United States and belongs to STOMI, US. The main domain is val.apps.lara.state.mi.us.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 14th 2024. Valid for: a year.
This is the only time val.apps.lara.state.mi.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
9 148.149.26.21 13325 (STOMI)
9 1
Apex Domain
Subdomains		 Transfer
9 state.mi.us
val.apps.lara.state.mi.us
404 KB
1 hegirahealth.org
lara.hegirahealth.org
336 B
9 2
Domain Requested by
9 val.apps.lara.state.mi.us val.apps.lara.state.mi.us
1 lara.hegirahealth.org 1 redirects
9 2

This site contains links to these domains. Also see Links.

Domain
www.michigan.gov
nurseaideregistry.apps.lara.state.mi.us
Subject Issuer Validity Valid
apps.lara.state.mi.us
Sectigo RSA Organization Validation Secure Server CA		 2024-05-14 -
2025-05-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://val.apps.lara.state.mi.us/license/search
Frame ID: 66495CAB45B30DC8505D6202714659E3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Search - Verify A License

Page URL History Show full URLs

  1. https://lara.hegirahealth.org/ HTTP 301
    http://val.apps.lara.state.mi.us/license/search HTTP 307
    https://val.apps.lara.state.mi.us/license/search Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

404 kB
Transfer

399 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lara.hegirahealth.org/ HTTP 301
    http://val.apps.lara.state.mi.us/license/search HTTP 307
    https://val.apps.lara.state.mi.us/license/search Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request search
val.apps.lara.state.mi.us/license/
Redirect Chain
  • https://lara.hegirahealth.org/
  • http://val.apps.lara.state.mi.us/license/search
  • https://val.apps.lara.state.mi.us/license/search
17 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://val.apps.lara.state.mi.us/license/search
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
abb4df34561f79c4aebcf730e6f2150ed42826596c1fa7c7269acf731392012f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache,must-revalidate, private
Content-Length
17421
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Aug 2024 05:51:44 GMT
Expires
-1,-1
Pragma
no-cache,no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://val.apps.lara.state.mi.us/license/search
Non-Authoritative-Reason
HttpsUpgrades
css
val.apps.lara.state.mi.us/Content/ 		126 KB
127 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://val.apps.lara.state.mi.us/Content/css?v=_ndWdxZZP39uGKcDIcdm7ZwB3kmAjVnfH3n2-9_FP2g1
Requested by
Host: val.apps.lara.state.mi.us
URL: https://val.apps.lara.state.mi.us/license/search
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
dec3aa8db6274d3b379ab8d2e13cd4dd6b93578ff84855dea2eb2e8a12302107
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://val.apps.lara.state.mi.us/license/search
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:45 GMT
Last-Modified
Wed, 21 Aug 2024 05:51:45 GMT
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public,must-revalidate, private
Content-Length
129337
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 05:51:45 GMT,-1
modernizr
val.apps.lara.state.mi.us/bundles/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://val.apps.lara.state.mi.us/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: val.apps.lara.state.mi.us
URL: https://val.apps.lara.state.mi.us/license/search
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://val.apps.lara.state.mi.us/license/search
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:45 GMT
Last-Modified
Wed, 21 Aug 2024 05:51:45 GMT
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public,must-revalidate, private
Content-Length
10999
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 05:51:45 GMT,-1
jquery
val.apps.lara.state.mi.us/bundles/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://val.apps.lara.state.mi.us/bundles/jquery?v=yAQ0DOUySaKzK_L0dsY0EMym8xDXQJAEu2x4B6A-vDM1
Requested by
Host: val.apps.lara.state.mi.us
URL: https://val.apps.lara.state.mi.us/license/search
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
7acec13aeb787ae5c11eb1dc79ae0d08c1bb4c0aa1cb0fc278b456b975813c87
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://val.apps.lara.state.mi.us/license/search
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:45 GMT
Last-Modified
Wed, 21 Aug 2024 05:51:45 GMT
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public,must-revalidate, private
Content-Length
95939
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 05:51:45 GMT,-1
bootstrap
val.apps.lara.state.mi.us/bundles/ 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://val.apps.lara.state.mi.us/bundles/bootstrap?v=XFQ6ekRmUKkC5q116_4vvIKt0mhNOzNmfxA0NYVcPDY1
Requested by
Host: val.apps.lara.state.mi.us
URL: https://val.apps.lara.state.mi.us/license/search
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
fd20981331f19cdfe5b4f85aba16a46aae0a368431e91fd4eed747c3f2961259
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://val.apps.lara.state.mi.us/license/search
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:45 GMT
Last-Modified
Wed, 21 Aug 2024 05:51:45 GMT
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public,must-revalidate, private
Content-Length
57943
X-XSS-Protection
1; mode=block
Expires
Thu, 21 Aug 2025 05:51:45 GMT,-1
MiniMI.jpg
val.apps.lara.state.mi.us/Content/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://val.apps.lara.state.mi.us/Content/images/MiniMI.jpg
Requested by
Host: val.apps.lara.state.mi.us
URL: https://val.apps.lara.state.mi.us/license/search
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
92e9c6cebcbf5dac20e956d7e73ee95cf8bf2b682c311d88e61d6d9eae3a570d
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://val.apps.lara.state.mi.us/license/search
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:45 GMT
Last-Modified
Tue, 05 Mar 2024 20:12:44 GMT
ETag
"06b37b396fda1:0"
Content-Type
image/jpeg
Cache-Control
must-revalidate, private
Accept-Ranges
bytes
Content-Length
8329
X-XSS-Protection
1; mode=block
Expires
-1
LaraHeader.png
val.apps.lara.state.mi.us/Content/images/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://val.apps.lara.state.mi.us/Content/images/LaraHeader.png
Requested by
Host: val.apps.lara.state.mi.us
URL: https://val.apps.lara.state.mi.us/license/search
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
3c2dd3475fce5a80b369bac6213f82493dd4e74736cf2b0cfcc6c0904d0b6f0c
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://val.apps.lara.state.mi.us/license/search
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:45 GMT
Last-Modified
Tue, 05 Mar 2024 20:12:44 GMT
ETag
"06b37b396fda1:0"
Content-Type
image/png
Cache-Control
must-revalidate, private
Accept-Ranges
bytes
Content-Length
86672
X-XSS-Protection
1; mode=block
Expires
-1
/
val.apps.lara.state.mi.us/License/GetLicenseTypes/ 		592 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://val.apps.lara.state.mi.us/License/GetLicenseTypes/
Requested by
Host: val.apps.lara.state.mi.us
URL: https://val.apps.lara.state.mi.us/bundles/jquery?v=yAQ0DOUySaKzK_L0dsY0EMym8xDXQJAEu2x4B6A-vDM1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
e6cc29371c64c83c47a1b0d47d0e8baa681726b6f88a566daf15e4d13cbfa05e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://val.apps.lara.state.mi.us/license/search
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache,no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:46 GMT
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache,must-revalidate, private
Content-Length
592
X-XSS-Protection
1; mode=block
Expires
-1,-1
favicon.ico
val.apps.lara.state.mi.us/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://val.apps.lara.state.mi.us/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.149.26.21 , United States, ASN13325 (STOMI, US),
Reverse DNS
Software
/
Resource Hash
86476f5ab93106cc492054a41bfae2e14f322d302c3e5477ed828f6aa0e79b18
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://val.apps.lara.state.mi.us/license/search
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 21 Aug 2024 05:51:46 GMT
Last-Modified
Tue, 05 Mar 2024 20:12:44 GMT
ETag
"06b37b396fda1:0"
Content-Type
image/x-icon
Cache-Control
must-revalidate, private
Accept-Ranges
bytes
Content-Length
1406
X-XSS-Protection
1; mode=block
Expires
-1

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| $ function| jQuery object| jQuery110202032929141538573 object| respond function| nextPage function| previousPage boolean| valAjaxDone

2 Cookies

Domain/Path Name / Value
val.apps.lara.state.mi.us/ Name: __RequestVerificationToken
Value: 53r8rYeohai4f8L0ZZhZEx2OiBgDbvOfhTWjeRC0GekqrGauMPqQ9LPWbNH9QiAzQokxZ-iCY40L4RE83KKsMRirwnXmg4Qxsl9kIjAAmfw1
.apps.lara.state.mi.us/ Name: TS014a0b06
Value: 0120f3389345d2b58bca16530860393967f288328869ce91227a5d7cb22e128848bd1089d98c5fc169a37c2e47d023c37abaf05bb3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval';img-src https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block