Submitted URL: http://170.218.208.135/
Effective URL: https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
Submission: On July 03 via manual from US

Summary

This website contacted 2 IPs in 2 countries across 1 domain to perform 5 HTTP transactions. The main IP is 170.218.208.135, located in Cleveland, United States and belongs to PROGRESSIVE-AS - Progressive Casualty Insurance Companies, US. The main domain is 170.218.208.135.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 12th 2017. Valid for: 2 years.
This is the only time 170.218.208.135 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 4 170.218.208.135 11740 (PROGRESSI...)
4 104.108.57.91 16625 (AKAMAI-AS)
5 2
Apex Domain
Subdomains
Transfer
4 progressive.com
perf-www.qa.progressive.com
60 KB
5 1
Domain Requested by
4 perf-www.qa.progressive.com 170.218.208.135
5 1

This site contains no links.

Subject: *.qa.progressive.com
Issuer: DigiCert SHA2 Secure Server CA
Validity: 2017-12-12 - 2019-12-13
Valid: 2 years

This page contains 1 frame:

Primary Page: https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
Frame ID: 31B058155A87C9D0D35BCC72950B3F19
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 5
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 2
Transfer: 64 kB
Size: 134 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://170.218.208.135/ HTTP 302
    http://170.218.208.135/employeelogin/Login/?ReturnUrl=%2f HTTP 301
    http://170.218.208.135/employeelogin/login/?ReturnUrl=%2f HTTP 301
    https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request Cookie set /
170.218.208.135/employeelogin/login/
Redirect Chain
  • http://170.218.208.135/
  • http://170.218.208.135/employeelogin/Login/?ReturnUrl=%2f
  • http://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
  • https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
6 KB
4 KB
Document
General
Full URL
https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
170.218.208.135 Cleveland, United States, ASN11740 (PROGRESSIVE-AS - Progressive Casualty Insurance Companies, US),
Reverse DNS
3q10prg37f7764lo.progressive.com
Software
/
Resource Hash
e91614e9c0f44c29d2fa34a66292d9bb5c435870cf4f4ef9595686cfd5cf055a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
170.218.208.135
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
f5_cspm=1234; TLTSID=2045838D42786C6DCC3844AA7DAC3F74; TLTUID=2045838D42786C6DCC3844AA7DAC3F74; f5_cspm=1234
X-DevTools-Emulate-Network-Conditions-Client-Id
31B058155A87C9D0D35BCC72950B3F19

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Set-Cookie
SLAVESS=ID=c030c36cc11a434bad9e661a9894d43e; domain=208.135; expires=Thu, 03-Jul-2053 21:02:53 GMT; path=/
SLAVESS=ID=c030c36cc11a434bad9e661a9894d43e; domain=208.135; expires=Thu, 03-Jul-2053 21:02:53 GMT; path=/
cli_attr=MOBILE_IND=N&DEVICE_TYP=Google Chrome&MATCH=Y&OS_TYP=Desktop 0&BROWSER_TYP=Chrome Desktop 67.0&OVERRIDE_MOBILE_IND=N&TABLET_IND=N; domain=.progressive.com; path=/
CurrentUser=true; domain=.progressive.com; path=/
UserHistory=UserSource=&UserKeywords=&UserCode=&UserVisitCount=1&UserLastVisitDate=7/3/2018&UserDaysSinceLastVisit=0; domain=.progressive.com; expires=Sun, 30-Dec-2018 22:02:54 GMT; path=/
VisitorDataCaptureCookie=7/3/2018 5:02:54 PM; domain=.progressive.com; expires=Tue, 03-Jul-2018 21:32:54 GMT; path=/
f5_cspm=1234;
HostName
EPGR74
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
PGRXProtocol
443
Date
Tue, 03 Jul 2018 21:02:54 GMT
Content-Length
2754
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
Keep-Alive

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
HostName
EPGR74
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
PGRXProtocol
80
Date
Tue, 03 Jul 2018 21:02:52 GMT
Content-Length
968
Set-Cookie
f5_cspm=1234;
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
Keep-Alive
jquery-3.3.1.min.js
perf-www.qa.progressive.com/js/cdn/jquery/
85 KB
40 KB
Script
General
Full URL
https://perf-www.qa.progressive.com/js/cdn/jquery/jquery-3.3.1.min.js
Requested by
Host: 170.218.208.135
URL: https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
Protocol
SPDY
Server
104.108.57.91 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 03 Jul 2018 21:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
40599
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jan 2018 16:31:38 GMT
x-frame-options
SAMEORIGIN
etag
"091b6799e93d31:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=86400
hostname
EPGR80
accept-ranges
bytes
expires
Wed, 04 Jul 2018 21:02:55 GMT
json2.js
perf-www.qa.progressive.com/js/
18 KB
7 KB
Script
General
Full URL
https://perf-www.qa.progressive.com/js/json2.js
Requested by
Host: 170.218.208.135
URL: https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
Protocol
SPDY
Server
104.108.57.91 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
325fbbca29fc8d3fda926e3a94b7f1c037d7535cc1dec726e6dcc9dd1b019e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 03 Jul 2018 21:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
7223
x-xss-protection
1; mode=block
last-modified
Sun, 17 Feb 2013 19:51:49 GMT
x-frame-options
SAMEORIGIN
etag
"80b8453948dce1:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=300
hostname
EPGR80
accept-ranges
bytes
expires
Tue, 03 Jul 2018 21:07:55 GMT
utils.js
perf-www.qa.progressive.com/js/core/
21 KB
8 KB
Script
General
Full URL
https://perf-www.qa.progressive.com/js/core/utils.js
Requested by
Host: 170.218.208.135
URL: https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
Protocol
SPDY
Server
104.108.57.91 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dad864e445288a79020650dce05d4c124b669e5427d5aa84355672cfabdd6d4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 03 Jul 2018 21:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
7713
x-xss-protection
1; mode=block
last-modified
Mon, 29 Jan 2018 20:27:48 GMT
x-frame-options
SAMEORIGIN
etag
"95e33a13f99d31:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=300
hostname
EPGR80
accept-ranges
bytes
expires
Tue, 03 Jul 2018 21:07:55 GMT
prog-logo.png
perf-www.qa.progressive.com/Content/images/Prog/WebGuard/
4 KB
5 KB
Image
General
Full URL
https://perf-www.qa.progressive.com/Content/images/Prog/WebGuard/prog-logo.png
Requested by
Host: 170.218.208.135
URL: https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
Protocol
SPDY
Server
104.108.57.91 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e7c693df7dfedf653ee44e9422edad6e711e5b1fafcb3795cbd510da096ac95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://170.218.208.135/employeelogin/login/?ReturnUrl=%2f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 03 Jul 2018 21:02:55 GMT
x-content-type-options
nosniff
last-modified
Sat, 16 Mar 2013 18:49:01 GMT
status
200
etag
"80cc85ec7622ce1:0"
x-frame-options
SAMEORIGIN
content-type
image/png
hostname
EPGR80
cache-control
private, max-age=300
accept-ranges
bytes
content-length
4441
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2018 21:07:55 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
string| domainCategory
string| domainName
function| HandleException
function| AddHiddenField
function| PersonalizationTracking
function| WebLogMultiple
object| splunkTracker
function| getSplunkObj
object| _gaObj
function| appendTrackId
function| appendPartnerCode
function| GA_Event
function| TabNext
object| progTimer
object| pFn
function| SetCookie
function| GetCookieDomain
function| GetCookie
function| GetHtmlForExternalUse
function| SafeAttributeValue
function| Sleep
function| updateUrlParameter
function| SafeUnDecodedQueryString
function| Login
object| trackUtils

3 Cookies

Domain/Path Name / Value
170.218.208.135/ Name: TLTUID
Value: 2045838D42786C6DCC3844AA7DAC3F74
170.218.208.135/ Name: TLTSID
Value: 2045838D42786C6DCC3844AA7DAC3F74
170.218.208.135/employeelogin/login Name: f5_cspm
Value: 1234

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block