Submitted URL: https://claims.mybodhi.com/
Effective URL: https://claims.mybodhi.com/login/?backlink=ix1jq
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 6 HTTP transactions. The main IP is 208.82.207.41, located in the United States, and belongs to CONNECTRIA-ASN-1, US. The main domain is claims.mybodhi.com.
TLS certificate: Issued by R11 on August 9th 2024. Valid for: 3 months.
This is the only time claims.mybodhi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 208.82.207.41 11734 (CONNECTRI...)
6 1
Apex Domain Subdomains Transfer
7 mybodhi.com claims.mybodhi.com 158 KB
6 1
Domain Requested by
7 claims.mybodhi.com 1 redirects claims.mybodhi.com
6 1

This site contains no links.

Subject Issuer Validity Valid
claims.mybodhi.com R11 2024-08-09 - 2024-11-07 3 months

This page contains 1 frames:

Primary Page: https://claims.mybodhi.com/login/?backlink=ix1jq
Frame ID: A009C7A16B84357E752D178B655B67F4
Requests: 6 HTTP requests in this frame

Page Title

Sign in | MyBodhi CLAIMS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+data-nette-rules
  • <input[^>]+id="frm-

Page Statistics

6 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
158 kB Transfer
863 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://claims.mybodhi.com/ HTTP 302
    http://claims.mybodhi.com/login/?backlink=ix1jq HTTP 307
    https://claims.mybodhi.com/login/?backlink=ix1jq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
claims.mybodhi.com/login/
Redirect Chain
  • https://claims.mybodhi.com/
  • http://claims.mybodhi.com/login/?backlink=ix1jq
  • https://claims.mybodhi.com/login/?backlink=ix1jq
2 KB
1 KB
Document
General
Full URL
https://claims.mybodhi.com/login/?backlink=ix1jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.82.207.41 , United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software
nginx / Nette Framework 3
Resource Hash
0e14d6cf4bad498c541ada274454f2f8a3689da629f0c3b6023ba6215aa79744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
797
content-type
text/html; charset=utf-8
date
Fri, 09 Aug 2024 07:33:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
X-Requested-With,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN DENY
x-powered-by
Nette Framework 3
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://claims.mybodhi.com/login/?backlink=ix1jq
Non-Authoritative-Reason
HSTS
752.8fefbdab.css
claims.mybodhi.com/build/
237 KB
38 KB
Stylesheet
General
Full URL
https://claims.mybodhi.com/build/752.8fefbdab.css
Requested by
Host: claims.mybodhi.com
URL: https://claims.mybodhi.com/login/?backlink=ix1jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.82.207.41 , United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software
nginx /
Resource Hash
312cd3e0e899af23b421e70e70a8e06679036b75d54841f59fff2dc3238330bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claims.mybodhi.com/login/?backlink=ix1jq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:33:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Aug 2024 11:38:23 GMT
server
nginx
etag
"3b4f5-61e9da5f109c0-gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
38592
x-xss-protection
1; mode=block
libs.7a2c7ebe.css
claims.mybodhi.com/build/
588 KB
90 KB
Stylesheet
General
Full URL
https://claims.mybodhi.com/build/libs.7a2c7ebe.css
Requested by
Host: claims.mybodhi.com
URL: https://claims.mybodhi.com/login/?backlink=ix1jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.82.207.41 , United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software
nginx /
Resource Hash
be6ee420ad18b19bfaa27ac0a9031a1c7153471229811a7b967cc9e9a013fe44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claims.mybodhi.com/login/?backlink=ix1jq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:33:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Aug 2024 11:38:23 GMT
server
nginx
etag
"93169-61e9da5f109c0-gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
src.b8406e19.css
claims.mybodhi.com/build/
10 KB
3 KB
Stylesheet
General
Full URL
https://claims.mybodhi.com/build/src.b8406e19.css
Requested by
Host: claims.mybodhi.com
URL: https://claims.mybodhi.com/login/?backlink=ix1jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.82.207.41 , United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software
nginx /
Resource Hash
2f08fd86b5550fb5a7d515f2d40cb351aabc47b057d9a359c7af674ee10af2c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claims.mybodhi.com/login/?backlink=ix1jq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:33:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Aug 2024 11:38:23 GMT
server
nginx
etag
"293a-61e9da5f109c0-gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
3050
x-xss-protection
1; mode=block
logo.png
claims.mybodhi.com/images/
12 KB
12 KB
Image
General
Full URL
https://claims.mybodhi.com/images/logo.png
Requested by
Host: claims.mybodhi.com
URL: https://claims.mybodhi.com/login/?backlink=ix1jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.82.207.41 , United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software
nginx /
Resource Hash
98202317dc0e460711f38982b5daf6632e6410b4f60eb6f4b7f0adce418d62e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claims.mybodhi.com/login/?backlink=ix1jq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 09:13:24 GMT
server
nginx
etag
"2fb3-60e93d7d05500"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
content-length
12211
x-xss-protection
1; mode=block
favicon.ico
claims.mybodhi.com/
13 KB
13 KB
Other
General
Full URL
https://claims.mybodhi.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.82.207.41 , United States, ASN11734 (CONNECTRIA-ASN-1, US),
Reverse DNS
Software
nginx /
Resource Hash
66b86b1c60634772a2969d7929ff220753ab77cd7714e51186115c2e2d50cdb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claims.mybodhi.com/login/?backlink=ix1jq
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:33:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 10 Jan 2024 09:13:24 GMT
server
nginx
etag
"34ca-60e93d7d05500"
x-frame-options
DENY
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
13514
x-xss-protection
1; mode=block

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
claims.mybodhi.com/ Name: _nss
Value: 1
claims.mybodhi.com/ Name: MYBODHI_CLAIMS_APP
Value: 2e5596b495793e341e8b83b4c46c8f95

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://claims.mybodhi.com/login/?backlink=ix1jq
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block