Submitted URL: https://claims.maverick.markelinsurance.com/
Effective URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2F...
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 13 HTTP transactions. The main IP is 198.186.236.56, located in the United States, and belongs to ULTRADDOS, US. The main domain is sso.markelinsurance.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 14th 2020. Valid for: 2 years.
This is the only time sso.markelinsurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 12 198.186.236.56 19905 (ULTRADDOS)
4 18.209.117.28 14618 (AMAZON-AES)
13 2
Apex Domain / Subdomains Transfer
12 markelinsurance.com 146 KB
    claims.maverick.markelinsurance.com — Cisco Umbrella Rank: 655004
    sso.markelinsurance.com
4 brilliantcollector.com 700 B
    lib-us-2.brilliantcollector.com — Cisco Umbrella Rank: 20853
13 2
Domain Requested by
9 sso.markelinsurance.com sso.markelinsurance.com
4 lib-us-2.brilliantcollector.com sso.markelinsurance.com
3 claims.maverick.markelinsurance.com 3 redirects
13 3

This site contains links to these domains.

Domain
www.markelcorp.com
www.markelinsurance.com
Subject Issuer Validity Valid
sso.markelinsurance.com Thawte RSA CA 2018 2020-07-14 - 2022-07-19 2 years
*.brilliantcollector.com DigiCert TLS RSA SHA256 2020 CA1 2022-04-13 - 2023-04-14 a year

This page contains 1 frames:

Primary Page: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Frame ID: 9FB5E2DA1211A891A38F05D4DC45E856
Requests: 11 HTTP requests in this frame

Page Title

Markel Log In

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.cfm(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13 Requests
100 % HTTPS
0 % IPv6
2 Domains
3 Subdomains
2 IPs
1 Countries
143 kB Transfer
353 kB Size
15 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://claims.maverick.markelinsurance.com/ HTTP 302
    https://claims.maverick.markelinsurance.com/default.cfm HTTP 302
    https://claims.maverick.markelinsurance.com/policymgmt/ HTTP 302
    https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.cfm
sso.markelinsurance.com/
Redirect Chain
  • https://claims.maverick.markelinsurance.com/
  • https://claims.maverick.markelinsurance.com/default.cfm
  • https://claims.maverick.markelinsurance.com/policymgmt/?
  • https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
6 KB
4 KB
Document
General
Full URL
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a8dbdf551d1c77ff2c12ed534b66b2e1d623539ae7f45d3c3e9bfd7c13149936
Security Headers
Name Value
Strict-Transport-Security max-age=-1435328; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 13 Jul 2022 16:44:26 GMT
Request-Context
appId=cid-v1:fa5051e2-c08c-4e02-923f-2846790bdd76
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=-1435328; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
no-cache
Content-Type
text/html;charset=UTF-8
Date
Wed, 13 Jul 2022 16:44:25 GMT
Location
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Pragma
no-cache
Request-Context
appId=cid-v1:fa5051e2-c08c-4e02-923f-2846790bdd76
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=-1435328; includeSubDomains
Transfer-Encoding
chunked
X-Powered-By
ASP.NET
agency.css
sso.markelinsurance.com/assets/css/
92 KB
22 KB
Stylesheet
General
Full URL
https://sso.markelinsurance.com/assets/css/agency.css
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2b2482bb3245f582e64c33b43cb80b8088e0a92583d632870ce05bbcef5f8b0f
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Sep 2021 01:10:24 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"12b8b7cca9a6d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Accept-Ranges
bytes
jquery1.8.1.min.js
sso.markelinsurance.com/assets/javascript/
91 KB
42 KB
Script
General
Full URL
https://sso.markelinsurance.com/assets/javascript/jquery1.8.1.min.js
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
032ac8f2e2cfb6bc47a8b46a0ce3605dcde912788f3b31551f4f1664af775499
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 May 2014 18:01:32 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"eccb51db9e7acf1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Accept-Ranges
bytes
skynet.js
sso.markelinsurance.com/assets/javascript/
5 KB
3 KB
Script
General
Full URL
https://sso.markelinsurance.com/assets/javascript/skynet.js
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7824715f0b63675a2b46f24a379df6bba662dca0337958010b8187643f3caa57
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 May 2014 18:01:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"8133d8da9e7acf1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Accept-Ranges
bytes
skynet.modal.js
sso.markelinsurance.com/assets/javascript/skynet/
6 KB
2 KB
Script
General
Full URL
https://sso.markelinsurance.com/assets/javascript/skynet/skynet.modal.js
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
947ac8753894033c1ff0d6978e948260be3d5189e005808c37fdcabb77bc8e66
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Jul 2016 02:17:30 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"464cd4b88d9d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Accept-Ranges
bytes
iframeResizer.contentWindow.min.js
sso.markelinsurance.com/assets/javascript/iframe-resizer/
13 KB
6 KB
Script
General
Full URL
https://sso.markelinsurance.com/assets/javascript/iframe-resizer/iframeResizer.contentWindow.min.js
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
abd7c0c0527010ae1f871066012661de726edb7b1fd0c4bb8ec4b8439b703b0f
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 01 Apr 2017 03:29:34 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"438a22e98aad21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Accept-Ranges
bytes
tealeaf.markel-v5.3.0.js
sso.markelinsurance.com/assets/javascript/tealeaf/
131 KB
55 KB
Script
General
Full URL
https://sso.markelinsurance.com/assets/javascript/tealeaf/tealeaf.markel-v5.3.0.js
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
508a19c4a86e1fe44f8a0b3ba02c13e8aaaeece34f953f724560682524bef261
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2020 01:09:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"2ba229f8d53ad61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Accept-Ranges
bytes
markelGoldMaverickLogo.png
sso.markelinsurance.com/assets/images/
6 KB
7 KB
Image
General
Full URL
https://sso.markelinsurance.com/assets/images/markelGoldMaverickLogo.png
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fd17c4b82102641ccaccf547a6e9d6bb33efcb2894954a063facd2b387b38985
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:27 GMT
Last-Modified
Sat, 18 Apr 2015 01:06:14 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"a6c7c5dd7379d01:0"
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Content-Type
image/png
Transfer-Encoding
chunked
Accept-Ranges
bytes
jquery.forgotPassword.js
sso.markelinsurance.com/assets/javascript/plugins/
4 KB
2 KB
Script
General
Full URL
https://sso.markelinsurance.com/assets/javascript/plugins/jquery.forgotPassword.js
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.186.236.56 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c0322ca18cadbb41e996976cc84f2bbb6ded9ceb7762c24d055562a25c9caa28
Security Headers
Name Value
Strict-Transport-Security max-age=-1435329; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.markelinsurance.com/index.cfm?action=sso:authentication.login&logo=maverick&returnType=href&returnURL=https%3A%2F%2Fclaims%2Emaverick%2Emarkelinsurance%2Ecom%2Fpolicymgmt%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 16:44:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 10 Apr 2021 01:43:30 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f0df8de8aa2dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=-1435329; includeSubDomains
Accept-Ranges
bytes
collectorPost
lib-us-2.brilliantcollector.com/collector/
0
0
Preflight
General
Full URL
https://lib-us-2.brilliantcollector.com/collector/collectorPost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.117.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-117-28.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-pageid,x-requested-with,x-tealeaf-endpointcheck,x-tealeaf-saas-appkey
Access-Control-Request-Method
POST
Origin
https://sso.markelinsurance.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-pageid, x-requested-with, x-tealeaf-endpointcheck, x-tealeaf-saas-appkey
access-control-allow-methods
POST
access-control-allow-origin
https://sso.markelinsurance.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 13 Jul 2022 16:44:28 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0
collectorPost
lib-us-2.brilliantcollector.com/collector/
38 B
334 B
XHR
General
Full URL
https://lib-us-2.brilliantcollector.com/collector/collectorPost
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/assets/javascript/tealeaf/tealeaf.markel-v5.3.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.117.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-117-28.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

X-Requested-With
XMLHttpRequest
X-Tealeaf-SaaS-AppKey
b5b4a1d10a40485e9511d27bd7d60c5e
X-PageId
P.GC75AXTY3FYYCNSMT7NTX8HQ69P2
X-Tealeaf-EndpointCheck
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer
https://sso.markelinsurance.com/

Response headers

date
Wed, 13 Jul 2022 16:44:28 GMT
dcname
prod-wdc
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://sso.markelinsurance.com
cache-control
no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
nodeid
wscollector-6d4679d759-pcz2k
content-length
38
server
istio-envoy
expires
Fri, 31 Dec 1998 12:00:00 GMT
collectorPost
lib-us-2.brilliantcollector.com/collector/
38 B
366 B
XHR
General
Full URL
https://lib-us-2.brilliantcollector.com/collector/collectorPost
Requested by
Host: sso.markelinsurance.com
URL: https://sso.markelinsurance.com/assets/javascript/tealeaf/tealeaf.markel-v5.3.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.117.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-117-28.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

X-WCXSID
2752431096286467077283819837
X-Tealeaf-SyncXHR
false
X-Tealeaf
device (UIC) Lib/5.3.0.1788
X-TeaLeaf-Page-Url
/index.cfm
accept-language
de-DE,de;q=0.9
X-Tealeaf-MessageTypes
1,2,5,12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
b5b4a1d10a40485e9511d27bd7d60c5e
X-Tealeaf-SaaS-TLTSID
6ED57B023C2DEDA9A0C197693BD8E54B
X-Requested-With
XMLHttpRequest
X-TealeafType
GUI
X-PageId
P.GC75AXTY3FYYCNSMT7NTX8HQ69P2
Content-Encoding
gzip
Referer
https://sso.markelinsurance.com/

Response headers

date
Wed, 13 Jul 2022 16:44:28 GMT
dcname
prod-wdc
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://sso.markelinsurance.com
cache-control
no-cache
access-control-allow-credentials
true
tltsid
6ED57B023C2DEDA9A0C197693BD8E54B
x-envoy-upstream-service-time
0
nodeid
wscollector-6d4679d759-pcz2k
content-length
38
server
istio-envoy
expires
Fri, 31 Dec 1998 12:00:00 GMT
collectorPost
lib-us-2.brilliantcollector.com/collector/
0
0
Preflight
General
Full URL
https://lib-us-2.brilliantcollector.com/collector/collectorPost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.117.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-117-28.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype,x-wcxsid
Access-Control-Request-Method
POST
Origin
https://sso.markelinsurance.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype, x-wcxsid
access-control-allow-methods
POST
access-control-allow-origin
https://sso.markelinsurance.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 13 Jul 2022 16:44:28 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| $
  • function| jQuery
  • object| jQuery18104210736221917257
  • object| pako
  • object| TLT
  • function| doOnLoad
  • function| callback

15 Cookies

Domain/Path Name / Value
claims.maverick.markelinsurance.com/ Name: CFID
Value: 81705944
claims.maverick.markelinsurance.com/ Name: CFTOKEN
Value: d0e0ee0e350367e6-B4798A98-5056-880D-B3F6056C3958080E
claims.maverick.markelinsurance.com/ Name: JSESSIONID
Value: 09DE4A0F7B6C10EC165C3C5605610CB4.Maverick
claims.maverick.markelinsurance.com/ Name: Maverick_Internal_Prod
Value: 764100874.20480.0000
.markelinsurance.com/ Name: TLTSID
Value: 6ED57B023C2DEDA9A0C197693BD8E54B
.markelinsurance.com/ Name: TLTUID
Value: E80E88371A20F87048001FB7C60D0090
claims.maverick.markelinsurance.com/ Name: BIGipServer
Value: 764100874.20480.0000
claims.maverick.markelinsurance.com/ Name: CFGLOBALS
Value: urltoken%3DCFID%23%3D81705944%26CFTOKEN%23%3Dd0e0ee0e350367e6%2DB4798A98%2D5056%2D880D%2DB3F6056C3958080E%26jsessionid%23%3D09DE4A0F7B6C10EC165C3C5605610CB4%2EMaverick%23lastvisit%3D%7Bts%20%272022%2D07%2D13%2012%3A44%3A26%27%7D%23hitcount%3D4%23timecreated%3D%7Bts%20%272022%2D07%2D13%2012%3A44%3A25%27%7D%23cftoken%3Dd0e0ee0e350367e6%2DB4798A98%2D5056%2D880D%2DB3F6056C3958080E%23cfid%3D81705944%23
sso.markelinsurance.com/ Name: CFID
Value: 40495131
sso.markelinsurance.com/ Name: CFTOKEN
Value: f25a92316ee8691b-B479476B-5056-AE0A-05BFD08043271274
sso.markelinsurance.com/ Name: JSESSIONID
Value: 57DFF4847DDCB09C3780598239863FD9.Maverick
sso.markelinsurance.com/ Name: CFGLOBALS
Value: urltoken%3DCFID%23%3D40495131%26CFTOKEN%23%3Df25a92316ee8691b%2DB479476B%2D5056%2DAE0A%2D05BFD08043271274%26jsessionid%23%3D57DFF4847DDCB09C3780598239863FD9%2EMaverick%23lastvisit%3D%7Bts%20%272022%2D07%2D13%2012%3A44%3A26%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272022%2D07%2D13%2012%3A44%3A26%27%7D%23cftoken%3Df25a92316ee8691b%2DB479476B%2D5056%2DAE0A%2D05BFD08043271274%23cfid%3D40495131%23
sso.markelinsurance.com/ Name: Maverick_External_Prod
Value: 126304522.20480.0000
sso.markelinsurance.com/ Name: BIGipServer
Value: 126304522.20480.0000
.markelinsurance.com/ Name: WCXSID
Value: 2752431096286467077283819837

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=-1435328; includeSubDomains