claims.specialtyapi.com Open in urlscan Pro
208.30.33.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claims.specialtyapi.com/
Submission: On August 27 via automatic, source certstream-suspicious (August 27th 2020, 6:21:30 pm UTC)

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 208.30.33.171, located in United States and belongs to CAMBRIDGE-NA, US. The main domain is claims.specialtyapi.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 5th 2020. Valid for: 2 years.

This is the only time claims.specialtyapi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
14	208.30.33.171 208.30.33.171		40432 (CAMBRIDGE-NA) (CAMBRIDGE-NA)
14	1

14 208.30.33.171 (United States)

ASN40432 (CAMBRIDGE-NA, US)

claims.specialtyapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	specialtyapi.com claims.specialtyapi.com	486 KB
14	1

	Domain	Requested by
14	claims.specialtyapi.com	claims.specialtyapi.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid
www.mcpeaceofmind.com Sectigo RSA Organization Validation Secure Server CA	`2020-02-05` - `2022-02-04`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://claims.specialtyapi.com/
Frame ID: 3BCE777ED07CD49FBC134521DF6DE594
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

486 kB
Transfer

780 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
claims.specialtyapi.com/ 7 KB
3 KB 746ms
118ms Document
text/html 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to

Full URL

https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ec23281687ac19b6c48b113891765e123f5a1f5a1a550c736aa1ca0a4f8a5611

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: claims.specialtyapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private,max-age=0
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
Set-Cookie: ASP.NET_SessionId=gthkycezzij4llizndffsxq1; path=/; secure; HttpOnly; SameSite=Lax
X-AspNetMvc-Version: 5.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Feature-Policy: vibrate 'self'
Date: Thu, 27 Aug 2020 18:21:12 GMT
Content-Length: 2501

GET
H/1.1 200
OK css
claims.specialtyapi.com/Content/ 236 KB
57 KB 123ms
123ms Stylesheet
text/css 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to

Full URL

https://claims.specialtyapi.com/Content/css?v=taBwuIg1hvF-TKX91rv3kAQB_R2cRmrZwufOCuHSc7M1

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

482730a49276b13b864a53ff8a3a582c954b54ba08048362d8cc5bfdd602bf59

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Length: 57117
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Thu, 27 Aug 2020 18:21:13 GMT
Server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: public,max-age=0
Feature-Policy: vibrate 'self'
Expires: Fri, 27 Aug 2021 18:21:13 GMT

GET
H/1.1 200
OK MainScriptsMEA Show response
claims.specialtyapi.com/Scripts/ 200 KB
82 KB 448ms
223ms Script
text/javascript 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to

Full URL

https://claims.specialtyapi.com/Scripts/MainScriptsMEA?v=ROtATCnFBqQ0ezqEj9HoxQBMTKNt-K2wFPPAYOMG4NI1

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

71cab7742fb6256fd557d9542e508cfdfee78eaa3705bd98f6fdb9f397680c57

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Thu, 27 Aug 2020 18:21:13 GMT
Server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
Date: Thu, 27 Aug 2020 18:21:13 GMT
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,max-age=0
Feature-Policy: vibrate 'self'
Expires: Fri, 27 Aug 2021 18:21:13 GMT

GET
H/1.1 200
OK logo-mastercard.png
claims.specialtyapi.com/images/ 6 KB
6 KB 117ms
116ms Image
image/png 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://claims.specialtyapi.com/images/logo-mastercard.png

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

87acde4c55311c32304db8e253e3b32cd3baff9f3514b3df8cf9cb46835f9fb6

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 5836
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Wed, 31 Aug 2016 03:20:50 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "9734d1ac363d21:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK MEA-WorldEliteCard.png
claims.specialtyapi.com/images/ 65 KB
66 KB 119ms
119ms Image
image/png 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://claims.specialtyapi.com/images/MEA-WorldEliteCard.png

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b3d31dc392866c840411501968ef4affba916d4e87c003b410b5bf4e854bf380

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 66896
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:43 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "fd6da91eddb7d41:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK MEA-WorldCard.png
claims.specialtyapi.com/images/ 60 KB
60 KB 119ms
119ms Image
image/png 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://claims.specialtyapi.com/images/MEA-WorldCard.png

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ddb554a4e7572862e99c6cd6319f84d0ccd899df3bb3d2514f721cb18b5d1277

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 60939
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:43 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "a8bbcf1eddb7d41:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK MEA-PlatinumCard.png
claims.specialtyapi.com/images/ 52 KB
52 KB 115ms
115ms Image
image/png 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://claims.specialtyapi.com/images/MEA-PlatinumCard.png

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1d45c07dfe37987805e0a18f9354b18f9f1aaf977dc7c73370deb0efa7ada6a8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 52840
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:42 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "f31e4b1eddb7d41:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK MEA-TitaniumCard.png
claims.specialtyapi.com/images/ 60 KB
61 KB 449ms
221ms Image
image/png 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://claims.specialtyapi.com/images/MEA-TitaniumCard.png

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

df4db8da834c71ef94a4a84c9d054a0c431d99f6fcf46f84b3263297769243df

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 61606
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:42 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "322d571eddb7d41:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK arrow-link-sec.png
claims.specialtyapi.com/images/ 1 KB
2 KB 341ms
115ms Image
image/png 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://claims.specialtyapi.com/images/arrow-link-sec.png

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/Content/css?v=taBwuIg1hvF-TKX91rv3kAQB_R2cRmrZwufOCuHSc7M1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a1a85b1bb80eaf8bbbc8b34c27e2234551da9c837c06a229516f613459cffa12

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 1144
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:42 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "5864751eddb7d41:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK MarkForMCNarrowW00-Regular.woff2
claims.specialtyapi.com/Content/fonts/webfonts/ 39 KB
40 KB 136ms
120ms Font
application/font-woff2 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to

Full URL

https://claims.specialtyapi.com/Content/fonts/webfonts/MarkForMCNarrowW00-Regular.woff2

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/Content/css?v=taBwuIg1hvF-TKX91rv3kAQB_R2cRmrZwufOCuHSc7M1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://claims.specialtyapi.com
Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 40108
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:22 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/font-woff2
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "4a318712ddb7d41:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK MarkWebPro-LightW01-Regular.woff2
claims.specialtyapi.com/Content/fonts/webfonts/ 14 KB
15 KB 208ms
115ms Font
application/font-woff2 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to

Full URL

https://claims.specialtyapi.com/Content/fonts/webfonts/MarkWebPro-LightW01-Regular.woff2

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/Content/css?v=taBwuIg1hvF-TKX91rv3kAQB_R2cRmrZwufOCuHSc7M1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://claims.specialtyapi.com
Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 14552
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:21 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/font-woff2
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "26441612ddb7d41:0"
Accept-Ranges: bytes

POST
H/1.1 200
OK SetVariable Show response
claims.specialtyapi.com/SetSession/ 16 B
721 B 273ms
113ms XHR
application/json 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to

Full URL

https://claims.specialtyapi.com/SetSession/SetVariable

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/Scripts/MainScriptsMEA?v=ROtATCnFBqQ0ezqEj9HoxQBMTKNt-K2wFPPAYOMG4NI1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://claims.specialtyapi.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 16
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
X-AspNetMvc-Version: 5.0
Server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Cache-Control: private,max-age=0
Feature-Policy: vibrate 'self'

GET
H/1.1 200
OK dropdown-img2.png
claims.specialtyapi.com/images/ 1 KB
2 KB 270ms
113ms Image
image/png 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://claims.specialtyapi.com/images/dropdown-img2.png

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/Content/css?v=taBwuIg1hvF-TKX91rv3kAQB_R2cRmrZwufOCuHSc7M1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

094c9510b3726c4c62e6cae9de9d2101c7084575bd06f0a01e3bdbcc508395a0

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 1116
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 26 Mar 2019 13:45:40 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "7a181633dae3d41:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK MarkForMCNarrowW00-Bold.woff2
claims.specialtyapi.com/Content/fonts/webfonts/ 39 KB
40 KB 193ms
120ms Font
application/font-woff2 208.30.33.171
CAMBRIDGE-NA

General

Check archive.org

Show headers Download Go to

Full URL

https://claims.specialtyapi.com/Content/fonts/webfonts/MarkForMCNarrowW00-Bold.woff2

Requested by

Host: claims.specialtyapi.com
URL: https://claims.specialtyapi.com/Content/css?v=taBwuIg1hvF-TKX91rv3kAQB_R2cRmrZwufOCuHSc7M1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.30.33.171 , United States, ASN40432 (CAMBRIDGE-NA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://claims.specialtyapi.com
Referer: https://claims.specialtyapi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Content-Length: 39932
X-Xss-Protection: 1; mode=block
Public-Key-Pins: pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Referrer-Policy: strict-origin
Last-Modified: Tue, 29 Jan 2019 14:15:22 GMT
Server: Microsoft-IIS/10.0
Date: Thu, 27 Aug 2020 18:21:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/font-woff2
Cache-Control: max-age=0
Feature-Policy: vibrate 'self'
ETag: "9d663e12ddb7d41:0"
Accept-Ranges: bytes

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			claims.specialtyapi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gthkycezzij4llizndffsxq1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'
Public-Key-Pins	pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec=';pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg=';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

claims.specialtyapi.com
208.30.33.171
094c9510b3726c4c62e6cae9de9d2101c7084575bd06f0a01e3bdbcc508395a0
1d45c07dfe37987805e0a18f9354b18f9f1aaf977dc7c73370deb0efa7ada6a8
482730a49276b13b864a53ff8a3a582c954b54ba08048362d8cc5bfdd602bf59
71cab7742fb6256fd557d9542e508cfdfee78eaa3705bd98f6fdb9f397680c57
87acde4c55311c32304db8e253e3b32cd3baff9f3514b3df8cf9cb46835f9fb6
a1a85b1bb80eaf8bbbc8b34c27e2234551da9c837c06a229516f613459cffa12
b3d31dc392866c840411501968ef4affba916d4e87c003b410b5bf4e854bf380
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ddb554a4e7572862e99c6cd6319f84d0ccd899df3bb3d2514f721cb18b5d1277
df4db8da834c71ef94a4a84c9d054a0c431d99f6fcf46f84b3263297769243df
ec23281687ac19b6c48b113891765e123f5a1f5a1a550c736aa1ca0a4f8a5611

claims.specialtyapi.com Open in urlscan Pro 208.30.33.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

486 kBTransfer

780 kBSize

1 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

claims.specialtyapi.com Open in urlscan Pro
208.30.33.171 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

486 kB
Transfer

780 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions