Submitted URL: http://l.service01.email-allstate.com/rts/go2.aspx?h=618360&tp=i-1NGB-A2-VEs-2RBZXd-1z-6Re0L-1c-21CE03-l7Baj8dlwk-gKZe5&x=myaccounts.a...
Effective URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Submission: On February 23 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 167.127.115.52, located in United States and belongs to ALLSTATE-INSURANCE-CO, US. The main domain is myaccounts.allstate.com. The Cisco Umbrella rank of the primary domain is 195632.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 2nd 2021. Valid for: a year.
This is the only time myaccounts.allstate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

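IP Address, AS (Autonomous System): requests, redirects
  • 63.148.46.72, AS 53316 (ASN-CHEET...): 1 request, 1 redirect
  • 167.127.115.52, AS 11520 (ALLSTATE-...): 7 requests
  • 2a00:1450:400..., AS 15169 (GOOGLE): 1 request
  • 2606:4700::68..., AS 13335 (CLOUDFLAR...): 1 request
  • 2a02:26f0:6c0..., AS 20940 (AKAMAI-ASN1): 1 request
  • 2a02:26f0:170..., AS 20940 (AKAMAI-ASN1): 1 request
  • 2a00:1450:400..., AS 15169 (GOOGLE): 2 requests
  • 35.163.235.176, AS 16509 (AMAZON-02): 3 requests
  • 54.220.215.179, AS 16509 (AMAZON-02): 3 requests, 1 redirect
  • 13.36.218.177, AS 16509 (AMAZON-02): 2 requests
  • 2600:9000:215..., AS 16509 (AMAZON-02): 1 request
Total: 21 requests, 11 IPs
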
Apex Domain (requests, transfer) and Subdomains
  • allstate.com (10 requests, 725 KB)
      myaccounts.allstate.com — Cisco Umbrella Rank: 195632
      resources.allstate.com — Cisco Umbrella Rank: 75224
      smetrics.allstate.com — Cisco Umbrella Rank: 73869
  • inmoment.com (4 requests, 54 KB)
      dispawsusva.inmoment.com — Cisco Umbrella Rank: 16224
      intercept-client.inmoment.com — Cisco Umbrella Rank: 18609
  • demdex.net (3 requests, 3 KB)
      dpm.demdex.net — Cisco Umbrella Rank: 187
  • gstatic.com (2 requests, 37 KB)
      fonts.gstatic.com
  • adobedtm.com (1 request, 22 KB)
      assets.adobedtm.com — Cisco Umbrella Rank: 505
  • cloudflare.com (1 request, 28 KB)
      cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
  • googleapis.com (1 request, 1 KB)
      fonts.googleapis.com — Cisco Umbrella Rank: 35
  • email-allstate.com (1 request, 447 B)
      l.service01.email-allstate.com — Cisco Umbrella Rank: 284208
Total: 21 requests, 8 apex domains

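Domain (requests), Requested by
  • myaccounts.allstate.com (7 requests), requested by myaccounts.allstate.com
  • dpm.demdex.net (3 requests, 1 redirect), requested by myaccounts.allstate.com and resources.allstate.com
  • dispawsusva.inmoment.com (3 requests), requested by myaccounts.allstate.com and intercept-client.inmoment.com
  • smetrics.allstate.com (2 requests), requested by resources.allstate.com
  • fonts.gstatic.com (2 requests), requested by fonts.googleapis.com
  • intercept-client.inmoment.com (1 request), requested by dispawsusva.inmoment.com
  • resources.allstate.com (1 request), requested by assets.adobedtm.com
  • assets.adobedtm.com (1 request), requested by myaccounts.allstate.com
  • cdnjs.cloudflare.com (1 request), requested by myaccounts.allstate.com
  • fonts.googleapis.com (1 request), requested by myaccounts.allstate.com
  • l.service01.email-allstate.com (1 request, 1 redirect)
Total: 21 requests, 11 subdomains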

This site contains links to these domains:

  • www.allstate.com
  • info.evidon.com

Subject, Issuer, Validity, Valid for
  • myaccounts.allstate.com, Entrust Certification Authority - L1K, 2021-08-02 - 2022-08-29, a year
  • upload.video.google.com, GTS CA 1C3, 2022-02-07 - 2022-05-02, 3 months
  • sni.cloudflaressl.com, Cloudflare Inc ECC CA-3, 2021-09-21 - 2022-09-20, a year
  • assets.adobedtm.com, DigiCert TLS RSA SHA256 2020 CA1, 2021-09-10 - 2022-09-10, a year
  • www.allstate.com, Entrust Certification Authority - L1M, 2022-01-11 - 2022-05-31, 5 months
  • *.gstatic.com, GTS CA 1C3, 2022-02-17 - 2022-05-12, 3 months
  • *.inmoment.com, Entrust Certification Authority - L1K, 2021-08-26 - 2022-09-25, a year
  • smetrics.allstate.com, Entrust Certification Authority - L1K, 2021-10-01 - 2022-10-31, a year
  • *.demdex.net, DigiCert TLS RSA SHA256 2020 CA1, 2021-10-19 - 2022-11-19, a year

This page contains 1 frames:

Primary Page: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Frame ID: 6F08C1CC1F551F3B593CA8158EA343A6
Requests: 24 HTTP requests in this frame

Page Title

Allstate - MyClaim® Allstate Insurance

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 21
  • HTTPS: 95 %
  • IPv6: 55 %
  • Domains: 8
  • Subdomains: 11
  • IPs: 11
  • Countries: 4
  • Transfer: 870 kB
  • Size: 2397 kB
  • Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l.service01.email-allstate.com/rts/go2.aspx?h=618360&tp=i-1NGB-A2-VEs-2RBZXd-1z-6Re0L-1c-21CE03-l7Baj8dlwk-gKZe5&x=myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&pl=QUNUSU9OPUNMQUlNfFBBUlRZPTA0ODYzMjUyNjIwMDAxNXxQT0w9MDAwOTUyODE5NjQxfENMTT0wMDA2NjAxNjY3MDN8UkVGVVJMPVZpZXdDbGFpbVN1bW1hcnk%3D&hh=dtqgHDk6j2O6mzTQIFCYYa3bmEJP22o%2FsstGnIlvJ3AzSwZsVCm%2FxsdNd5GqGGuqlbIMjsK13ErxLdOnTRfRcw%3D%3D&ec=Bd4Dg2tHyYSfuUDOvYf05gCvFpgqp4PzD23Fahq9NSslmZC8IhuaUnBtoRbjUXSu|P_CLAIMS_1969_AUTOSUBMITTED3RD_T|20210108| HTTP 302
    https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E-- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1645641979782 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1645641979782

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ThirdPartyLogin
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/
Redirect Chain
  • http://l.service01.email-allstate.com/rts/go2.aspx?h=618360&tp=i-1NGB-A2-VEs-2RBZXd-1z-6Re0L-1c-21CE03-l7Baj8dlwk-gKZe5&x=myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/Th...
  • https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
116 KB
44 KB
Document
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1af0558f7fa0682fa5ed29f43b948def675f56d1e1e96e5c6a58eb2df8ac44c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Wed, 23 Feb 2022 18:46:18 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
server
Microsoft-IIS/8.5
x-old-content-length
118273
x-frame-options
SAMEORIGIN
x-aspnetmvc-version
5.2
x-dynatrace-js-agent
true
cache-control
private,no-cache, no-store, max-age=0
x-powered-by
ASP.NET
x-aspnet-version
4.0.30319
strict-transport-security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Server
X-Powered-By
Date
Wed, 23 Feb 2022 18:46:17 GMT
Connection
close
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
943
dtagent_ICA_7000200271016.js
myaccounts.allstate.com/
2 KB
2 KB
Script
General
Full URL
https://myaccounts.allstate.com/dtagent_ICA_7000200271016.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/
Resource Hash
928c5eca6d13b56d5466aeda8780bef5a881b9ff087a7d5d624f5e01439392e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 18:46:18 GMT
Content-Encoding
gzip
pwd-time-left
Unknown
Vary
Accept-Encoding
tam-username
unauthenticated
p3p
CP="NON CUR OTPi OUR NOR UNI"
tam-operation
login
cache-control
no-store
Transfer-Encoding
chunked
tam-error-code
0x00000000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
tam-error-text
HPDBA0521I Successful completion
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc30f58dad8da5c928a5ab00f6dd4c3ef46a28fb54333fce541bfac310a6ed12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 23 Feb 2022 18:46:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Feb 2022 18:46:18 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
511065
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj%2FWqea5ttR9n2JQj4MwVcvMizGTeYob9a0tXCxJHKCQLVkh%2Br8ZEiKNAhdRsq3gm%2Bs%2F5JjoQ9Vv%2FbHQQBq6FhTMg%2Fr3d0DkY1%2FjnZKIekzS23sdPZWhzR%2Bvg636VbZb9AkREjhykTVcJVQCXgcDT0Rf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e229dbfa9c03751-MXP
expires
Mon, 13 Feb 2023 18:46:18 GMT
status_css
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/
1 MB
383 KB
Stylesheet
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/status_css?v=eV_SWLmfPodLS4sImQ2_1k1xRRJUgSiHlmpLJHq9zSs1
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ec729d75c3691cc8e9a9cf283900a99e0c64562a7560ff9cdfc97ac38ec2ac80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:18 GMT
Content-Encoding
gzip
etag
"1645641978:dtagent70002002710162nhS"
last-modified
Wed, 23 Feb 2022 18:46:17 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent, Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
public,max-age=0
Transfer-Encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
expires
Thu, 23 Feb 2023 18:46:18 GMT
launch-4a806fda3294.min.js
assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/
70 KB
22 KB
Script
General
Full URL
https://assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/launch-4a806fda3294.min.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9c8ec307137689fefa144f2bd62a06fb8afd2cd112e142e72575fa33c4f9b760

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:19 GMT
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 16:49:35 GMT
server
AkamaiNetStorage
etag
"784f88e898ae58a1f808b41f18b39cfa:1629132575.594953"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
22515
expires
Wed, 23 Feb 2022 19:46:19 GMT
AdChoices.png
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/images/
2 KB
3 KB
Image
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/images/AdChoices.png
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5939875d7db8dd9d2cb7cc9f0cf55fd36b406199050dc451e418c2f85dd7bf64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:18 GMT
etag
"0563eccee21d81:0"
last-modified
Mon, 14 Feb 2022 22:04:12 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0
Transfer-Encoding
chunked
accept-ranges
bytes
content-type
image/png
status_js
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/
621 KB
211 KB
Script
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/status_js?v=dJCtpxkpdbh1iDiMlT73BQe4azKEN_stHXnNToO8BkU1
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ac72740ad9aa9f05724272d373faec9e4af1b1c0d12f8441efb3566f9af148e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:18 GMT
Content-Encoding
gzip
etag
"1645641979:dtagent70002002710162nhS"
last-modified
Wed, 23 Feb 2022 18:46:18 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent, Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
public,max-age=0
Transfer-Encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
expires
Thu, 23 Feb 2023 18:46:19 GMT
thirdparty.js
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/components/
5 KB
6 KB
Script
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/components/thirdparty.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e8ad4491eb3bfcd4da6ce7d988dbbfb4bc7b6795d66195942ce4a0def4356843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:18 GMT
etag
"0563eccee21d81:0"
last-modified
Mon, 14 Feb 2022 22:04:12 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0
Transfer-Encoding
chunked
accept-ranges
bytes
content-type
application/javascript
s_code.js
resources.allstate.com/scripts/
124 KB
37 KB
Script
General
Full URL
https://resources.allstate.com/scripts/s_code.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/launch-4a806fda3294.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::2af4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
a8c59406e68572b00beb965de147118baa69757c24c4fe47a13dee0fc1b2ea3b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:19 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 01:36:09 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
etag
"8045969547cfd71:0"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
application/javascript
cache-control
max-age=576428
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
37421
expires
Wed, 02 Mar 2022 10:53:27 GMT
truncated
/
564 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8de0dcfdf17147c2a96776126fb9aa9fbaad8370a2c20d9ca681d68369de2901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
allstatesansw-regular.woff
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/fonts/
38 KB
38 KB
Font
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/fonts/allstatesansw-regular.woff
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/status_css?v=eV_SWLmfPodLS4sImQ2_1k1xRRJUgSiHlmpLJHq9zSs1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
834461ec6350b62b44a6dea9ce12cad25411e0baf62308213384f7055961ccd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/status_css?v=eV_SWLmfPodLS4sImQ2_1k1xRRJUgSiHlmpLJHq9zSs1
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:19 GMT
etag
"0563eccee21d81:0:dtagent70002002710162nhS"
last-modified
Mon, 14 Feb 2022 22:04:11 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0
Transfer-Encoding
chunked
accept-ranges
bytes
content-type
application/x-font-woff
font
fonts.gstatic.com/l/nFgi21cdObyPj4ADrEVfhg/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/l/nFgi21cdObyPj4ADrEVfhg/font?kit=GFD3WAp_g3SaSendXpV4ytwrKPg6YWQbaf1F&skey=d003ad37c76a3ecf&v=v1
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2594290a5808f97dce17736afcd77367097a3810e1ae5d18c8069522214c302b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 11:59:46 GMT
x-content-type-options
nosniff
age
24393
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17236
x-xss-protection
0
last-modified
Mon, 25 Apr 2016 15:52:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Wed, 23 Feb 2022 11:59:46 GMT
font
fonts.gstatic.com/l/nFgi21cdObyPj4ADrEVfhg/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/l/nFgi21cdObyPj4ADrEVfhg/font?kit=GFD3WAp_g3SaSendXpV4ytwrKLA8YWQbaf1F&skey=2f6a59d00f4d383f&v=v1
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2cfad197471b194c8d17aa8324a508228cf363f620ef0f34d02b60efca154a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 11:59:46 GMT
x-content-type-options
nosniff
age
24393
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19908
x-xss-protection
0
last-modified
Mon, 25 Apr 2016 15:52:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Wed, 23 Feb 2022 11:59:46 GMT
truncated
/
724 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4524a037e69e480b843b0ac6ac60e3d0c6f22bb5aa9cf5ac2f4c55342c29093

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
8olPEUIYbJCrHR3pyrKF1g==
dispawsusva.inmoment.com/intercept/v1/init/2658/
2 KB
1 KB
Script
General
Full URL
https://dispawsusva.inmoment.com/intercept/v1/init/2658/8olPEUIYbJCrHR3pyrKF1g==?testing=false
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.235.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-235-176.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
fa4b0f9822e1b1d64a343b15f59b3197bf987fac8737a3ddd100a2f268c23d4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:20 GMT
content-encoding
gzip
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=21600
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
897
x-request-id
7d344024-984d-4d67-a4be-e6665b28dcc3
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1645641979782
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1645641979782
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1645641979782
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Server
54.220.215.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-215-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bb856f30a36fe98da11380dfafbc6921afbe72df116a6f3d999ca5c86f8a65d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v028-0d02bd033.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
IG+UNDrmRAo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://myaccounts.allstate.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
215
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v028-0d2a35883.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://myaccounts.allstate.com
X-TID
RwxKy7aaSQ8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1645641979782
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
id
smetrics.allstate.com/
89 B
662 B
XHR
General
Full URL
https://smetrics.allstate.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&mid=57575998937859708510691732655520373040&ts=1645641979959
Requested by
Host: resources.allstate.com
URL: https://resources.allstate.com/scripts/s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
5ee28734bcf69f8950c351f60e3137de3cc5a0c4232567b83a719dd0400e401f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Feb 2022 18:46:19 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-dbc9c
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://myaccounts.allstate.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
id
dpm.demdex.net/
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&d_mid=57575998937859708510691732655520373040&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%01310B407DB9241FEF-60000B34D6B3C609&ts=1645641980016
Requested by
Host: resources.allstate.com
URL: https://resources.allstate.com/scripts/s_code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.215.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-215-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8f7e62922a76efd7cfc01d328904a7d51549350cba0692c7d05ee8cc60e4a583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v028-094b2c1e4.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
lq7ER2wyS+c=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://myaccounts.allstate.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
214
Expires
Thu, 01 Jan 1970 00:00:00 UTC
intercept-client-v1.17.0.js
intercept-client.inmoment.com/
150 KB
43 KB
Script
General
Full URL
https://intercept-client.inmoment.com/intercept-client-v1.17.0.js
Requested by
Host: dispawsusva.inmoment.com
URL: https://dispawsusva.inmoment.com/intercept/v1/init/2658/8olPEUIYbJCrHR3pyrKF1g==?testing=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:1c:3dc0:7500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ffd9394641d05e2ad4e1004d0fa2503505a257fb7fba8d64c13179e555be01c

Request headers

Referer
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 12:04:03 GMT
content-encoding
gzip
last-modified
Fri, 06 Aug 2021 15:29:37 GMT
server
AmazonS3
age
14971338
etag
W/"7891b2410bc2afe06b3d3948c4b447f5"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
dL9AsURfAedkr2Sk-ddFxaxa9g9Xz9UnEYhEVFoWURLMjjqfrAKn2Q==
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
8olPEUIYbJCrHR3pyrKF1g==
dispawsusva.inmoment.com/intercept/v1/customJS/2658/
30 KB
8 KB
XHR
General
Full URL
https://dispawsusva.inmoment.com/intercept/v1/customJS/2658/8olPEUIYbJCrHR3pyrKF1g==?loadTestCustomJS=false
Requested by
Host: intercept-client.inmoment.com
URL: https://intercept-client.inmoment.com/intercept-client-v1.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.235.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-235-176.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
36dac023b9d971c9b0c4a7d32ed391597ae1e86bb97f8d43abba74594b806e14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:20 GMT
content-encoding
gzip
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=21600
x-envoy-upstream-service-time
1
Connection
keep-alive
transfer-encoding
chunked
x-request-id
78baab6b-eb46-4008-bc16-740caf00cbd0
s44265049535579
smetrics.allstate.com/b/ss/allstateglobal,allstateclaimsselfservice/1/JS-2.17.0-LBWB/
43 B
676 B
Image
General
Full URL
https://smetrics.allstate.com/b/ss/allstateglobal,allstateclaimsselfservice/1/JS-2.17.0-LBWB/s44265049535579?AQB=1&ndh=1&pf=1&t=23%2F1%2F2022%2018%3A46%3A20%203%200&mid=57575998937859708510691732655520373040&aid=310B407DB9241FEF-60000B34D6B3C609&aamlh=6&ce=UTF-8&ns=allstate&pageName=claims%2Fstatus%2Fthirdparty%2Fthirdpartylogin&g=https%3A%2F%2Fmyaccounts.allstate.com%2FAllstateCTSThirdPartyCSWeb%2Fb%2FAnonPage%2FThirdParty%2FThirdPartyLogin%3F%26cid%3DEMC-C-E--&c.&vidAPICheck=VisitorAPI%20Present&.c&cc=USD&ch=claims%2Fstatus&server=empty&v0=EMC-C-E--&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=claims%2Fstatus%2Fthirdparty%2Fthirdpartylogin&v8=MyC%7C&c10=1600%7C1200%7C1920000%7CLandscape&v10=1600%7C1200%7C1920000%7CLandscape&v15=CSS%7C%7C%7C&c28=VisitorID5.2.0%7CAppMeasurement2.17.0%7C20211004&c31=claims%2Fstatus%2Fthirdparty%2Fthirdpartylogin%7Chttps%3A%2F%2Fmyaccounts.allstate.com%2Fallstatectsthirdpartycsweb%2Fb%2Fanonpage%2Fthirdparty%2Fthirdpartylogin%3F%26cid%3Demc-c-e--&c34=D%3DUser-Agent&c36=New&v40=44heh1jjnoqvn00ohpgnzc33&v45=New&v49=D%3DUser-Agent&c50=allstateglobal%2Callstateclaimsselfservice&v77=Wed%20Feb%2023%202022%2018%3A46%3A20&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:20 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 24 Feb 2022 18:46:20 GMT
server
jag
xserver
anedge-cdfbd77b-4g6rl
etag
3533989242666811392-4619673308286705417
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 22 Feb 2022 18:46:20 GMT
8olPEUIYbJCrHR3pyrKF1g==
dispawsusva.inmoment.com/intercept/v1/2658/
7 KB
2 KB
XHR
General
Full URL
https://dispawsusva.inmoment.com/intercept/v1/2658/8olPEUIYbJCrHR3pyrKF1g==?testing=false&cacheKey=DCQwZaVyaQDxBLxaKuVZsw
Requested by
Host: intercept-client.inmoment.com
URL: https://intercept-client.inmoment.com/intercept-client-v1.17.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.235.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-235-176.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
264ccb8f0eab2b810be00f44949b49983e342129bb26ac54aa2976d1697b56f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:46:20 GMT
content-encoding
gzip
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
5
Connection
keep-alive
transfer-encoding
chunked
x-request-id
cff78efe-1afd-4559-bdab-7a3a8bd0d3ba
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b5247e86f2eb964174b65cd978dbd40075480f31c9ddce22cc3befce45d5682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif


83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone function| $ function| jQuery object| _satellite boolean| __satelliteLoaded function| ClearSession function| getBaseURL function| ISAMLogout function| _toConsumableArray function| _slice object| fnol number| timerCountdown number| timerModalDelay undefined| timeoutModal string| cssUserType string| cssClaimNumber object| lua object| Modernizr object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| $fileUpload object| newEventSource object| newEventAction object| ChatAvailability object| TransactionError object| digitalData function| DataLayerFunction string| pathToAssets string| bar_gif string| float_gif string| loading_gif string| tab_1_gif string| bar_gif_retina string| float_gif_retina string| tab_1_gif_retina object| css string| customVars undefined| ClaimNumber undefined| ClaimID undefined| ClaimOffice undefined| ICSPartyID function| GetAccordianSelection function| Track object| OOo string| cssText function| e object| visitor object| s function| _scPV string| sc_hitType function| _scLV function| returnLinkDomains function| crossDomainClick function| setIntegrateModuleForDI function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| adobe function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq boolean| imiInterceptClientLoaded function| handleLocalStorageOverrides object| IMI string| j object| s_i_allstateglobal_allstateclaimsselfservice object| im_data

13 Cookies

Domain/Path Name / Value
l.service01.email-allstate.com/ Name: ASP.NET_SessionId
Value: 1kc2bt0r4mqu1v1bta0yf4az
myaccounts.allstate.com/ Name: ASP.NET_SessionId
Value: 44heh1jjnoqvn00ohpgnzc33
myaccounts.allstate.com/ Name: __RequestVerificationToken_L0FsbHN0YXRlQ1RTVGhpcmRQYXJ0eUNTV2Vi0
Value: pl5zFrGWeAOvC3xWjla4vkMxAzzS_sX3_McfI-RdWk8HElH1JNi3zyOjBBIUYTuiwbcpLZ5l0gTbtoYuKvHGwR_vE_01
myaccounts.allstate.com/ Name: dtCookie
Value: 19310B8B8237CF21495DADBAC89C8739|Q1NTLUN1c3RvbWVyQ1N8MQ
.allstate.com/ Name: CP-PROD-PD-S-SESSION-ID
Value: 1_2_0_V06jLmQaeQMmZMeUjK6D2DYL+Od-+0yXkTC3JOEgWhfjE9Ax
myaccounts.allstate.com/ Name: BIGipServerisam-prod-consumer-443-pool
Value: !N8py9IrTOHZ+aFqNoA1kqAVyS9KOawIUTijd73laiPQQIEQ8mN9y7fPQpnZxOANXHuzeobcjmNvNdd4=
.demdex.net/ Name: demdex
Value: 47456607848095597110550957448416433932
.allstate.com/ Name: AMCVS_97021C8B53295DF30A490D4D%40AdobeOrg
Value: 1
.allstate.com/ Name: s_vi
Value: [CS]v1|310B407DB9241FEF-60000B34D6B3C609[CE]
.allstate.com/ Name: s_ecid
Value: MCMID%7C57575998937859708510691732655520373040
.allstate.com/ Name: AMCV_97021C8B53295DF30A490D4D%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19047%7CMCMID%7C57575998937859708510691732655520373040%7CMCAAMLH-1646246780%7C6%7CMCAAMB-1646246780%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1645649180s%7CNONE%7CMCAID%7C310B407DB9241FEF-60000B34D6B3C609%7CvVersion%7C5.2.0
.allstate.com/ Name: s_pers
Value: %20gpv_pn%3Dclaims%252Fstatus%252Fthirdparty%252Fthirdpartylogin%7C1645643780549%3B%20s_getNewRepeat%3D1645641980552-New%7C1648233980552%3B
.allstate.com/ Name: s_sess
Value: %20SC_LINKS%3D%3B%20s_cc%3Dtrue%3B

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
