Submitted URL: http://xn--allstatinvstmnts-uccdd.com/
Effective URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Submission: On February 08 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 24 HTTP transactions. The main IP is 167.127.209.209, located in United States and belongs to ALLSTATE-INSURANCE-CO, US. The main domain is www.allstateinvestments.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 7th 2021. Valid for: a year.
This is the only time www.allstateinvestments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.217.251.129 16509 (AMAZON-02)
17 167.127.209.209 11520 (ALLSTATE-...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 3 34.255.158.76 16509 (AMAZON-02)
2 13.36.218.177 16509 (AMAZON-02)
2 52.50.112.53 16509 (AMAZON-02)
24 5
Apex Domain
Subdomains
Transfer
17 allstateinvestments.com
www.allstateinvestments.com
1 MB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
allstate.demdex.net
10 KB
3 allstate.com
www.allstate.com — Cisco Umbrella Rank: 106825
smetrics.allstate.com — Cisco Umbrella Rank: 96523
40 KB
1 xn--allstatinvstmnts-uccdd.com
xn--allstatinvstmnts-uccdd.com
237 B
24 4
Domain Requested by
17 www.allstateinvestments.com www.allstateinvestments.com
3 dpm.demdex.net 1 redirects www.allstateinvestments.com
www.allstate.com
2 allstate.demdex.net www.allstate.com
2 smetrics.allstate.com www.allstate.com
1 www.allstate.com www.allstateinvestments.com
1 xn--allstatinvstmnts-uccdd.com 1 redirects
24 6

This site contains links to these domains. Also see Links.

Domain
allstate.com
www.allstate.com
Subject Issuer Validity Valid
*.allstateinvestments.com
Entrust Certification Authority - L1K
2021-10-07 -
2022-11-06
a year crt.sh
www.allstate.com
Entrust Certification Authority - L1M
2022-01-11 -
2022-05-31
5 months crt.sh
smetrics.allstate.com
Entrust Certification Authority - L1K
2021-10-01 -
2022-10-31
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Frame ID: 9F319911C7F49812426FB54C322E370C
Requests: 22 HTTP requests in this frame

Frame: https://allstate.demdex.net/dest5.html?d_nsid=0
Frame ID: C9431343340C6458E6C39B02753B6056
Requests: 1 HTTP requests in this frame

Frame: https://allstate.demdex.net/dest5.html?d_nsid=1
Frame ID: 996784679699EE75A6C771FCF2DED304
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Allstate Investments

Page URL History Show full URLs

  1. http://xn--allstatinvstmnts-uccdd.com/ HTTP 301
    https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments Page URL

Page Statistics

24
Requests

96 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

5
IPs

4
Countries

1561 kB
Transfer

2232 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--allstatinvstmnts-uccdd.com/ HTTP 301
    https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1644290131093 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1644290131093

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.allstateinvestments.com/
Redirect Chain
  • http://xn--allstatinvstmnts-uccdd.com/
  • https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
13 KB
4 KB
Document
General
Full URL
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a2f4f8bc862d8b85f5dd97a2dd0c982678f380566276605caf4b82a19dcd4b1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Accept-Ranges
bytes
ETag
"0344a28abf2d71:0"
Vary
Accept-Encoding
Server
X-Powered-By
ASP.NET
Date
Tue, 08 Feb 2022 03:15:30 GMT
Content-Length
4060

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://www.allstateinvestments.com?CID=OTC-DNSR-GR-120523&att=investments
Date
Tue, 08 Feb 2022 03:15:29 GMT
Content-Length
113
Connection
close
main.css
www.allstateinvestments.com/styles/
156 KB
28 KB
Stylesheet
General
Full URL
https://www.allstateinvestments.com/styles/main.css
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a44a8e9df3924a10636a38be169c202988ac1612fd75f7d74d4eec697708f32f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
28728
bundle.js
www.allstateinvestments.com/scripts/
628 KB
212 KB
Script
General
Full URL
https://www.allstateinvestments.com/scripts/bundle.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9a669c008ffa67a6be879bfaa8ce99bd49a3448f981abda382a0597c10310b6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:30 GMT
Content-Encoding
gzip
ETag
"0344a28abf2d71:0"
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
tipuesearch_set.js
www.allstateinvestments.com/scripts/tipuesearch/
3 KB
1 KB
Script
General
Full URL
https://www.allstateinvestments.com/scripts/tipuesearch/tipuesearch_set.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
30269619f42eef2b2dea0f8497519602049902560a8360cfdc185d30658b2019

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1226
tipuesearch.js
www.allstateinvestments.com/scripts/tipuesearch/
33 KB
6 KB
Script
General
Full URL
https://www.allstateinvestments.com/scripts/tipuesearch/tipuesearch.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3133a2131c8f501303245b1952faa937510880659c4a274d7ce91a60264ec43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5559
s_code.js
www.allstate.com/resources/scripts/
127 KB
39 KB
Script
General
Full URL
https://www.allstate.com/resources/scripts/s_code.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::2af4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / Electricity - Powering Stuff Since 1879
Resource Hash
f223d45e5b14d24f485821461e85b0ef7fcf088ae52a7f6a9d44369cbe1c33ee
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options *.encompassinsurance.com; *.encompassinsured.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 03:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
Electricity - Powering Stuff Since 1879
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
39158
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Sun, 16 Jan 2022 07:42:39 GMT
server
Akamai Resource Optimizer
x-frame-options
*.encompassinsurance.com; *.encompassinsured.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
application/javascript
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 10 Mar 2022 03:15:30 GMT
allstate-investments-logo.png
www.allstateinvestments.com/images/
251 KB
251 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/allstate-investments-logo.png
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6985e9588985356bdd85672cdd741394e7bb37c31127258bf68a5372830317b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:30 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
256711
home.jpg
www.allstateinvestments.com/images/hero/
322 KB
322 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/hero/home.jpg
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c8f1c7d53bd262aba5de385563efa48db78f3a5eeef29f32b753a475f3f394b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:30 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
329477
home2.jpg
www.allstateinvestments.com/images/hero/
463 KB
463 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/hero/home2.jpg
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
fb3c815d3cd1552b52cf3c84ed4c99fc99c911d4a77085672c7bad2e07d2bedb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
473786
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1644290131093
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1644290131093
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1644290131093
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Server
34.255.158.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-158-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5e9d487382aaf32a9cc95fa852ed7c54f5531a147c4c2f9e0c0619ddfb03fe95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v027-0213a5377.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
FHyoQwdVQJc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.allstateinvestments.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
210
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v027-0faf5f5c7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.allstateinvestments.com
X-TID
RHfKg74qQQU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1644290131093
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
allstatesansw-light.woff
www.allstateinvestments.com/fonts/
38 KB
39 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-light.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9d0eb6f6a9838956f3069aa12026651f036a7e13a8d7172e59ddf7866f3145bb

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
39384
white-nav-bg.png
www.allstateinvestments.com/images/
1 KB
1 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/white-nav-bg.png
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
84f787aa13b7e11860d581aded506cc48c320f2a29bc405283813de5728a7b52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/styles/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1279
white-nav-notch-bg.png
www.allstateinvestments.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/white-nav-notch-bg.png
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0a4b26e6abb2c8b9744b2ad468c4dcf64e7c941a4fc2bb2c255b124467c24c35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/styles/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2175
allstatesansw-medium.woff
www.allstateinvestments.com/fonts/
38 KB
38 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-medium.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d9d7879499422cc450ecac8eec3e7b02c8c7ae0474937c40b8c1ef221e7f6bdb

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
38712
icons.woff
www.allstateinvestments.com/fonts/
3 KB
3 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/icons.woff?84881092
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0a0d4a8b8a5e34f10e235bb8a6a383c46e75a1f4bd486ca11eb0a801ca11269f

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
2636
allstatesansw-regular.woff
www.allstateinvestments.com/fonts/
38 KB
38 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-regular.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
834461ec6350b62b44a6dea9ce12cad25411e0baf62308213384f7055961ccd8

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
38464
allstatesansw-bold.woff
www.allstateinvestments.com/fonts/
45 KB
45 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-bold.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
8ec28d145fd22007860bcc424814e90b519ae03e1e7d73d550782a9528b1b0ef

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
45716
allstatesansw-regularitalic.woff
www.allstateinvestments.com/fonts/
42 KB
42 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-regularitalic.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
15eaaddc26214a480500a6488a7e171492f5a516c9b29893c85ff5f36951530d

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
43036
bios.json
www.allstateinvestments.com/scripts/data/
17 KB
17 KB
XHR
General
Full URL
https://www.allstateinvestments.com/scripts/data/bios.json
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/scripts/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
61e335a149d37b24b303ad38768b28764e7b08e89387596ebb261b551ef9ad3a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 03:15:31 GMT
Last-Modified
Thu, 16 Dec 2021 18:31:36 GMT
Server
X-Powered-By
ASP.NET
ETag
"0344a28abf2d71:0"
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
16929
id
smetrics.allstate.com/
89 B
665 B
XHR
General
Full URL
https://smetrics.allstate.com/id?d_visid_ver=2.0.0&d_fieldgroup=A&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&mid=32983521480272484301005584405047208451&ts=1644290131465
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
459256ef608aff0f07ae0e574573e153438134cbf71fa0f4b5cc6b489cdfeb6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.allstateinvestments.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 08 Feb 2022 03:15:31 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-jvrp8
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.allstateinvestments.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
id
dpm.demdex.net/
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&d_mid=32983521480272484301005584405047208451&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%013100F029E59C663B-40000CB150D40904&ts=1644290131596
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.158.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-158-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e29e5f37b8ea35f15c222e22d0cca383bcc233c488d0ada403ae3457c59e9448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.allstateinvestments.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v027-069e5a96a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
016W73NmSKY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.allstateinvestments.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
211
Expires
Thu, 01 Jan 1970 00:00:00 UTC
s94666202414752
smetrics.allstate.com/b/ss/allstateglobal,allstateinvestments/10/JS-2.0.0/
111 B
271 B
Script
General
Full URL
https://smetrics.allstate.com/b/ss/allstateglobal,allstateinvestments/10/JS-2.0.0/s94666202414752?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=8%2F1%2F2022%203%3A15%3A31%202%200&d.&nsid=1&jsonv=1&.d&mid=32983521480272484301005584405047208451&aid=3100F029E59C663B-40000CB150D40904&aamlh=6&ce=UTF-8&ns=allstate&pageName=%2FInvestments%2FHome&g=https%3A%2F%2Fwww.allstateinvestments.com%2F%3FCID%3DOTC-DNSR-GR-120523%26att%3Dinvestments&c.&vidAPICheck=VisitorAPI%20Present&.c&cc=USD&ch=%2FInvestments%2F&server=www.allstateinvestments.com&v0=OTC-DNSR-GR-120523%3Ainvestments&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=%2FInvestments%2FHome&c10=1600%7C1200%7C1920000%7CLandscape&v10=1600%7C1200%7C1920000%7CLandscape&c28=MCID2.0%7CAppMeasurement2.0%7C20170801&c31=%2FInvestments%2FHome%7Chttps%3A%2F%2Fwww.allstateinvestments.com%2F%3Fcid%3Dotc-dnsr-gr-120523%26att%3Dinvestments&c34=D%3DUser-Agent&c36=New&v45=New&v49=D%3DUser-Agent&c50=allstateglobal%2Callstateinvestments&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
6c3a58ae23ab3df841355eb71a083e5abd057c42c93f6639906f6fd767c5b072
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 03:15:31 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
111
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 09 Feb 2022 03:15:31 GMT
server
jag
xserver
anedge-cdfbd77b-4qwd7
etag
3531086169304006656-4619608930279985909
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 07 Feb 2022 03:15:31 GMT
dest5.html
allstate.demdex.net/ Frame C943
7 KB
3 KB
Document
General
Full URL
https://allstate.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.112.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-112-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 8 Feb 2022 03:15:33 GMT
DCS
dcs-prod-irl1-2-v027-0f5471d2c.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 19 Jan 2022 14:18:45 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
lQM/QmnwScQ=
transfer-encoding
chunked
Connection
keep-alive
dest5.html
allstate.demdex.net/ Frame 9967
7 KB
3 KB
Document
General
Full URL
https://allstate.demdex.net/dest5.html?d_nsid=1
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.112.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-112-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.allstateinvestments.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 8 Feb 2022 03:15:33 GMT
DCS
dcs-prod-irl1-1-v027-09de5dfea.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 19 Jan 2022 13:28:58 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
8tFya787TgM=
transfer-encoding
chunked
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| jQuery object| tipuesearch_pages object| tipuesearch_stop_words object| tipuesearch_replace object| tipuesearch_weight object| tipuesearch_stem string| tipuesearch_string_1 string| tipuesearch_string_2 string| tipuesearch_string_3 string| tipuesearch_string_4 string| tipuesearch_string_5 string| tipuesearch_string_6 string| tipuesearch_string_7 string| tipuesearch_string_8 string| tipuesearch_string_9 string| tipuesearch_string_10 string| tipuesearch_string_11 string| tipuesearch_string_12 string| tipuesearch_string_13 string| s_account function| Visitor object| visitor object| s function| _scPV string| sc_hitType function| _scLV function| returnLinkDomains function| crossDomainClick function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq undefined| s_code function| cycleHeroImage string| j object| s_i_allstateglobal_allstateinvestments

5 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 25926594290429627060272589266954036287
.allstateinvestments.com/ Name: AMCVS_97021C8B53295DF30A490D4D%40AdobeOrg
Value: 1
.allstateinvestments.com/ Name: AMCV_97021C8B53295DF30A490D4D%40AdobeOrg
Value: 2096510701%7CMCIDTS%7C19032%7CMCMID%7C32983521480272484301005584405047208451%7CMCAAMLH-1644894931%7C6%7CMCAAMB-1644894931%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1644297331s%7CNONE%7CMCAID%7C3100F029E59C663B-40000CB150D40904%7CvVersion%7C2.0.0
.allstateinvestments.com/ Name: s_pers
Value: %20gpv_pn%3D%252FInvestments%252FHome%7C1644291931633%3B%20s_getNewRepeat%3D1644290131636-New%7C1646882131636%3B
.allstateinvestments.com/ Name: s_sess
Value: %20SC_LINKS%3D%3B%20s_cc%3Dtrue%3B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allstate.demdex.net
dpm.demdex.net
smetrics.allstate.com
www.allstate.com
www.allstateinvestments.com
xn--allstatinvstmnts-uccdd.com
13.36.218.177
167.127.209.209
18.217.251.129
2a02:26f0:1700:38d::2af4
34.255.158.76
52.50.112.53
0a0d4a8b8a5e34f10e235bb8a6a383c46e75a1f4bd486ca11eb0a801ca11269f
0a4b26e6abb2c8b9744b2ad468c4dcf64e7c941a4fc2bb2c255b124467c24c35
15eaaddc26214a480500a6488a7e171492f5a516c9b29893c85ff5f36951530d
30269619f42eef2b2dea0f8497519602049902560a8360cfdc185d30658b2019
459256ef608aff0f07ae0e574573e153438134cbf71fa0f4b5cc6b489cdfeb6f
5e9d487382aaf32a9cc95fa852ed7c54f5531a147c4c2f9e0c0619ddfb03fe95
61e335a149d37b24b303ad38768b28764e7b08e89387596ebb261b551ef9ad3a
6985e9588985356bdd85672cdd741394e7bb37c31127258bf68a5372830317b4
6c3a58ae23ab3df841355eb71a083e5abd057c42c93f6639906f6fd767c5b072
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
834461ec6350b62b44a6dea9ce12cad25411e0baf62308213384f7055961ccd8
84f787aa13b7e11860d581aded506cc48c320f2a29bc405283813de5728a7b52
8ec28d145fd22007860bcc424814e90b519ae03e1e7d73d550782a9528b1b0ef
9a669c008ffa67a6be879bfaa8ce99bd49a3448f981abda382a0597c10310b6a
9d0eb6f6a9838956f3069aa12026651f036a7e13a8d7172e59ddf7866f3145bb
a2f4f8bc862d8b85f5dd97a2dd0c982678f380566276605caf4b82a19dcd4b1e
a44a8e9df3924a10636a38be169c202988ac1612fd75f7d74d4eec697708f32f
c8f1c7d53bd262aba5de385563efa48db78f3a5eeef29f32b753a475f3f394b7
d9d7879499422cc450ecac8eec3e7b02c8c7ae0474937c40b8c1ef221e7f6bdb
e29e5f37b8ea35f15c222e22d0cca383bcc233c488d0ada403ae3457c59e9448
e3133a2131c8f501303245b1952faa937510880659c4a274d7ce91a60264ec43
f223d45e5b14d24f485821461e85b0ef7fcf088ae52a7f6a9d44369cbe1c33ee
fb3c815d3cd1552b52cf3c84ed4c99fc99c911d4a77085672c7bad2e07d2bedb