links.email.allstateidentityprotection.com

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 7 HTTP transactions. The main IP is 52.204.15.131, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is links.email.allstateidentityprotection.com.

This is the only time links.email.allstateidentityprotection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.204.15.131 52.204.15.131	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6811:7a07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.122.24 18.66.122.24	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	4

2 52.204.15.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-15-131.compute-1.amazonaws.com

links.email.allstateidentityprotection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:7a07 (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent00.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-24.fra60.r.cloudfront.net

contentz.mkt10758.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

3836852.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	hubspotusercontent00.net f.hubspotusercontent00.net — Cisco Umbrella Rank: 55664	18 KB
2	allstateidentityprotection.com links.email.allstateidentityprotection.com	7 KB
1	hubspotusercontent-na1.net 3836852.fs1.hubspotusercontent-na1.net	3 KB
1	mkt10758.com contentz.mkt10758.com	2 KB
7	4

	Domain	Requested by
3	f.hubspotusercontent00.net	links.email.allstateidentityprotection.com
2	links.email.allstateidentityprotection.com	links.email.allstateidentityprotection.com
1	3836852.fs1.hubspotusercontent-na1.net	links.email.allstateidentityprotection.com
1	contentz.mkt10758.com	links.email.allstateidentityprotection.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0
Frame ID: 8EC7859D57717CBB5FE27C6BBD1273AA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

7
Requests

57 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

31 kB
Transfer

68 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
200 Primary Request MailView Show response
links.email.allstateidentityprotection.com/servlet/ 46 KB
7 KB 322ms
163ms Document
text/html 52.204.15.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0
Protocol: HTTP/1.1
Server: 52.204.15.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-15-131.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 29b44a11d4dc1ae2a79aaeb689661f067c0bafdcc1e9dc6820029bbfc914cb63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 08 Feb 2024 22:21:17 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex

GET
H2 200 Email-Allstate-Logo-White@2x.png
f.hubspotusercontent00.net/hub/3836852/hubfs/ 2 KB
3 KB 291ms
191ms Image
image/webp 2606:4700::6811:7a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent00.net/hub/3836852/hubfs/Email-Allstate-Logo-White@2x.png?upscale=true&width=264&upscale=true&name=Email-Allstate-Logo-White@2x.png

Requested by

Host: links.email.allstateidentityprotection.com
URL: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30988f2afb175c3837ecbdd779f9036c4320af0e440eb33cf72b063408809340

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://links.email.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:21:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5c91d033409cd7607633594f94b09064.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-41810232593,P-3836852,FLS-ALL
content-length: 2124
cf-resized: internal=ok/m q=0 n=284+0 c=0+3 v=2024.1.1 l=2124
last-modified: Mon, 22 Feb 2021 18:19:49 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfEVsIdDOzbIeVtsBWkOO18ped3mtIStgXwChS5aYtDQ:137ffa00a4209ac9ec5dd850a1b29196"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 852743ca58106921-FRA

GET
H2 200 secure-pro-alert-icon.png
f.hubspotusercontent00.net/hub/3836852/hubfs/ 2 KB
2 KB 403ms
303ms Image
image/webp 2606:4700::6811:7a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent00.net/hub/3836852/hubfs/secure-pro-alert-icon.png?upscale=true&upscale=true&width=92&upscale=true&name=secure-pro-alert-icon.png

Requested by

Host: links.email.allstateidentityprotection.com
URL: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c6c96efe870acf589d1d95224e3005adeaaac71229f9a6818117533da2a960

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://links.email.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:21:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 eb9a7c491927f70f3921f0803caae61c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-47907658851,P-3836852,FLS-ALL
content-length: 1686
cf-resized: internal=ok/m q=0 n=224+0 c=0+1 v=2024.1.3 l=1686
last-modified: Wed, 26 May 2021 03:01:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfd0Jwwr0DBCsk02tldQEhjNca5jWo7MKcpoWYvAEwDQ:776b32c08c7149726f84727a273bfbcf"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 852743ca58116921-FRA

GET
H2 200 secure-pro-email-decoration.jpg
f.hubspotusercontent00.net/hub/3836852/hubfs/ 13 KB
14 KB 297ms
198ms Image
image/webp 2606:4700::6811:7a07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent00.net/hub/3836852/hubfs/secure-pro-email-decoration.jpg?upscale=true&width=1218&upscale=true&name=secure-pro-email-decoration.jpg

Requested by

Host: links.email.allstateidentityprotection.com
URL: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ecfc9bcbfcb943c5b243dd861112af234d30a90c95ffdf7036cdccfc399aff5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://links.email.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:21:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-47888947545,P-3836852,FLS-ALL
content-length: 13710
cf-resized: internal=ok/m q=0 n=307+0 c=2+10 v=2024.1.1 l=13710
last-modified: Tue, 25 May 2021 16:41:02 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfSikl4I6Ux-Crr-Mfukv8evMBojPuOtxXLxFrSyBXDQ:7d7c8c289bd9e7952ced331b0f4c5f9a"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 852743ca58126921-FRA

GET
H/1.1 200
OK 224203_security-pro-green-lightbulb-icon_0.png
contentz.mkt10758.com/ra/2024/11676/02/3913949/ 2 KB
2 KB 110ms
40ms Image
image/png 18.66.122.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://contentz.mkt10758.com/ra/2024/11676/02/3913949/224203_security-pro-green-lightbulb-icon_0.png
Requested by: Host: links.email.allstateidentityprotection.com
URL: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0
Protocol: HTTP/1.1
Server: 18.66.122.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-24.fra60.r.cloudfront.net
Software: Apache /
Resource Hash: 38899886c8330a3d964bebc03f345ab27f059c9c3aa4c7b647182e9775b4ec6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://links.email.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 22:03:03 GMT
Via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Feb 2024 21:50:58 GMT
Server: Apache
X-Amz-Cf-Pop: FRA60-P2
Age: 1094
ETag: "7c4-610e5ce7bb94b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1988
X-Amz-Cf-Id: Q-JEGPSB-8F_bHlXz-GLZ5C49NZhQJZrwBbPC2LP5ed1cZhdH3wojw==

GET
H2 200 feature-activation-allstate-logo-grey.png
3836852.fs1.hubspotusercontent-na1.net/hub/3836852/hubfs/feature-activation/ 2 KB
3 KB 213ms
110ms Image
image/webp 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3836852.fs1.hubspotusercontent-na1.net/hub/3836852/hubfs/feature-activation/feature-activation-allstate-logo-grey.png?width=300&upscale=true&name=feature-activation-allstate-logo-grey.png

Requested by

Host: links.email.allstateidentityprotection.com
URL: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14d830233039ff13f18df0d109b33b8e885eeb6f65b6240f6112f1ed80e7ced0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://links.email.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:21:17 GMT
via: 1.1 99baebf4b5bb631267dcfa82456151cc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-62767082791,FD-62720654140,P-3836852,FLS-ALL
content-length: 2538
cf-resized: internal=ok/m q=0 n=287+0 c=0+2 v=2024.1.3 l=2538
last-modified: Tue, 28 Dec 2021 16:40:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cftvOrgGju3HdFmJxoWSN8bAyHPv3fHRErO2kJZaYSDQ:1c54ac78b4f1f670e526d1b0f114c95a"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 852743ca6dc63604-FRA

GET
H/1.1 200
OK S1liSkdrbWlPV1ZwRzlqSkJMZGZmUUVNWENEZy9BcmlnQ1Y5dU1XTjVPeEtMWFhrYWxscG1SelJpUmFEV0R2NE1McS9ySklSUkZEVk5CRkc1d2VXVEVGUlJTd0tER0tXT3psN0xVWkV5S3NBRjVQKzYzNXBudVZLaTZMY1h1M0Z3ckVjWnF3K3gyYisveTZqT0RuQ...
links.email.allstateidentityprotection.com/eos/v1/ 45 B
225 B 250ms
127ms Image
image/gif 52.204.15.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://links.email.allstateidentityprotection.com/eos/v1/S1liSkdrbWlPV1ZwRzlqSkJMZGZmUUVNWENEZy9BcmlnQ1Y5dU1XTjVPeEtMWFhrYWxscG1SelJpUmFEV0R2NE1McS9ySklSUkZEVk5CRkc1d2VXVEVGUlJTd0tER0tXT3psN0xVWkV5S3NBRjVQKzYzNXBudVZLaTZMY1h1M0Z3ckVjWnF3K3gyYisveTZqT0RuQlR0OVNYWHRUZDR5WFc4TjhqRWVxNmJ0eHo2K0lpeG1nU2c9PQS2
Requested by: Host: links.email.allstateidentityprotection.com
URL: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0
Protocol: HTTP/1.1
Server: 52.204.15.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-15-131.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://links.email.allstateidentityprotection.com/servlet/MailView?ms=MzkxMzk0OQS2&r=MTAzODk4OTE2NDk5S0&j=MTQ0MDA3MzYzNQS2&mt=1&rt=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 22:21:17 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 45
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3836852.fs1.hubspotusercontent-na1.net
contentz.mkt10758.com
f.hubspotusercontent00.net
links.email.allstateidentityprotection.com
18.66.122.24
2606:4700:4400::ac40:9284
2606:4700::6811:7a07
52.204.15.131
14d830233039ff13f18df0d109b33b8e885eeb6f65b6240f6112f1ed80e7ced0
29b44a11d4dc1ae2a79aaeb689661f067c0bafdcc1e9dc6820029bbfc914cb63
30988f2afb175c3837ecbdd779f9036c4320af0e440eb33cf72b063408809340
38899886c8330a3d964bebc03f345ab27f059c9c3aa4c7b647182e9775b4ec6f
4ecfc9bcbfcb943c5b243dd861112af234d30a90c95ffdf7036cdccfc399aff5
83c6c96efe870acf589d1d95224e3005adeaaac71229f9a6818117533da2a960
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

links.email.allstateidentityprotection.com Open in urlscan Pro 52.204.15.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

7 Requests

57 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

31 kBTransfer

68 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

links.email.allstateidentityprotection.com Open in urlscan Pro
52.204.15.131 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

31 kB
Transfer

68 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions