help.ehr.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 20.96.62.89, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is help.ehr.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 17th 2023. Valid for: a year.

This is the only time help.ehr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	158.82.144.200 158.82.144.200	40196 (WILLISNOR...) (WILLISNORTHAMERICA)
3	20.96.62.89 20.96.62.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	1

1 158.82.144.200 (United States) 1 redirects

ASN40196 (WILLISNORTHAMERICA, US)

usaa.ehr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.62.89 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

help.ehr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ehr.com 1 redirects usaa.ehr.com help.ehr.com	15 KB
3	1

	Domain	Requested by
3	help.ehr.com	help.ehr.com
1	usaa.ehr.com	1 redirects
3	2

This site contains no links.

Subject Issuer	Validity	Valid
help.ehr.com GlobalSign RSA OV SSL CA 2018	`2023-08-17` - `2024-09-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://help.ehr.com/maintenance/maintenance-standard.html
Frame ID: 91CA26D41EC57E97AD5375D48D819086
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Maintenance

Page URL History Show full URLs

https://usaa.ehr.com/ HTTP 302
https://help.ehr.com/maintenance/maintenance-standard.html Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

15 kB
Transfer

16 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://usaa.ehr.com/ HTTP 302
https://help.ehr.com/maintenance/maintenance-standard.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request maintenance-standard.html Show response
help.ehr.com/maintenance/
Redirect Chain

https://usaa.ehr.com/
https://help.ehr.com/maintenance/maintenance-standard.html

5 KB
2 KB

549ms
178ms

Document
text/html

20.96.62.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://help.ehr.com/maintenance/maintenance-standard.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.96.62.89 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

cc95e588e00b57ec5a084a8691a0246d506137af1790488eb69e63fdbce58f3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
CONTENT-SECURITY-POLICY: default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed content
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1597
Content-Type: text/html
Date: Tue, 23 Jan 2024 13:27:42 GMT
ETag: "08772418a7d21:0"
Last-Modified: Mon, 27 Mar 2017 16:35:28 GMT
PERMISSIONS-POLICY: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: close
Location: https://help.ehr.com/maintenance/maintenance-standard.html

GET
H/1.1 200
OK HR_Software_Masthead_Sandwich.png
help.ehr.com/maintenance/ 3 KB
4 KB 231ms
230ms Image
image/png 20.96.62.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://help.ehr.com/maintenance/HR_Software_Masthead_Sandwich.png

Requested by

Host: help.ehr.com
URL: https://help.ehr.com/maintenance/maintenance-standard.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.96.62.89 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

59450f1d9f940c0349715bbc15582d1b8acca7c11ced3e88307e78d984805c03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 13:27:42 GMT
CONTENT-SECURITY-POLICY: default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed content
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Mon, 20 Mar 2017 18:47:12 GMT
X-Content-Type-Options: nosniff
ETag: "70ae462aaa1d21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
PERMISSIONS-POLICY: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3028

GET
H/1.1 200
OK willistowerswatson-logo.svg
help.ehr.com/maintenance/ 8 KB
9 KB 375ms
143ms Image
image/svg+xml 20.96.62.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://help.ehr.com/maintenance/willistowerswatson-logo.svg

Requested by

Host: help.ehr.com
URL: https://help.ehr.com/maintenance/maintenance-standard.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.96.62.89 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

d7492ed6ca032f89f5515407c7e9add5b2d0e3cfaa3654fe0443ea30d0d8f226

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 13:27:43 GMT
CONTENT-SECURITY-POLICY: default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed content
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Last-Modified: Fri, 24 Feb 2017 22:11:06 GMT
X-Content-Type-Options: nosniff
ETag: "103532e5ea8ed21:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
PERMISSIONS-POLICY: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8698

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			help.ehr.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: a9493b06ab01b731528811b7d3211041
			help.ehr.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: a9493b06ab01b731528811b7d3211041

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://help.ehr.com/maintenance/maintenance-standard.html Message: Unrecognized Content-Security-Policy directive 'block-all-mixed'.
security	error	URL: https://help.ehr.com/maintenance/maintenance-standard.html(Line 6) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-zGa5dwmb6Hu/+REGqVy1+gImNij0zvH/dwaw+z/aUZY='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed content
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

help.ehr.com
usaa.ehr.com
158.82.144.200
20.96.62.89
59450f1d9f940c0349715bbc15582d1b8acca7c11ced3e88307e78d984805c03
cc95e588e00b57ec5a084a8691a0246d506137af1790488eb69e63fdbce58f3a
d7492ed6ca032f89f5515407c7e9add5b2d0e3cfaa3654fe0443ea30d0d8f226

help.ehr.com Open in urlscan Pro 20.96.62.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

15 kBTransfer

16 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

help.ehr.com Open in urlscan Pro
20.96.62.89 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

15 kB
Transfer

16 kB
Size

2
Cookies

3 HTTP transactions
0 data transactions