portal.allstateidentityprotection.com Open in urlscan Pro
104.255.33.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.email.allstateidentityprotection.com/els/v2/6j~LFZv4e3F0/UUMxSmcyMFVjb3NkSFNMZXpmeFlER2JmUzRuMEQ4azlHLzZ1OTNCM1VTc3JBRVBhMlpYSWozM0xH...
Effective URL:
https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_con...
Submission: On September 26 via api (September 26th 2022, 1:05:13 pm UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 30 domains to perform 89 HTTP transactions. The main IP is 104.255.33.112, located in United States and belongs to AIP-AS13583, US. The main domain is portal.allstateidentityprotection.com. The Cisco Umbrella rank of the primary domain is 808916.
TLS certificate: Issued by R3 on August 17th 2022. Valid for: 3 months.

This is the only time portal.allstateidentityprotection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.204.15.131 52.204.15.131	14618 (AMAZON-AES) (AMAZON-AES)
6	104.255.33.112 104.255.33.112	13583 (AIP-AS13583) (AIP-AS13583)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	104.255.33.114 104.255.33.114	13583 (AIP-AS13583) (AIP-AS13583)
8	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	184.73.166.45 184.73.166.45	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.78.103 13.225.78.103	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
2	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:402... 2a00:1450:4025:402::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	104.96.159.134 104.96.159.134	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.189.80 13.224.189.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.103.105.16 104.103.105.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.31.254.154 52.31.254.154	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.255.33.113 104.255.33.113	13583 (AIP-AS13583) (AIP-AS13583)
1	2600:9000:211... 2600:9000:211a:e000:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	34.107.204.85 34.107.204.85	15169 (GOOGLE) (GOOGLE)
89	41

1 52.204.15.131 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-15-131.compute-1.amazonaws.com

links.email.allstateidentityprotection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.255.33.112 (United States)

ASN13583 (AIP-AS13583, US)

portal.allstateidentityprotection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.255.33.114 (United States)

ASN13583 (AIP-AS13583, US)

signin-api.infoarmor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.73.166.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-166-45.compute-1.amazonaws.com

www.sc.pages09.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pages09.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

11038515.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4025:402::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.159.134 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-134.deploy.static.akamaitechnologies.com

lib-us-3.brilliantcollector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-80.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.103.105.16 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-105-16.deploy.static.akamaitechnologies.com

libs.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tmscdn.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.254.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-254-154.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.255.33.113 (United States)

ASN13583 (AIP-AS13583, US)

cdn.infoarmor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:e000:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.204.85 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 85.204.107.34.bc.googleusercontent.com

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5636 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 75	2 KB
8	doubleclick.net 1 redirects 11038515.fls.doubleclick.net — Cisco Umbrella Rank: 840990 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6352 adservice.google.de — Cisco Umbrella Rank: 9081	2 KB
7	allstateidentityprotection.com 1 redirects links.email.allstateidentityprotection.com — Cisco Umbrella Rank: 424852 portal.allstateidentityprotection.com — Cisco Umbrella Rank: 808916	423 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	268 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	215 KB
4	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3106 track.hubspot.com — Cisco Umbrella Rank: 2260	4 KB
4	coremetrics.com libs.coremetrics.com — Cisco Umbrella Rank: 14174 tmscdn.coremetrics.com — Cisco Umbrella Rank: 14004	7 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 852 in.hotjar.com — Cisco Umbrella Rank: 1671	70 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	312 KB
3	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 781 app.pendo.io — Cisco Umbrella Rank: 1666	149 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 375	12 KB
3	infoarmor.com signin-api.infoarmor.com — Cisco Umbrella Rank: 636292 cdn.infoarmor.com — Cisco Umbrella Rank: 493535	34 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2590
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	31 KB
2	pages09.net www.sc.pages09.net — Cisco Umbrella Rank: 183140 www.pages09.net — Cisco Umbrella Rank: 187721	15 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4400	443 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3542	917 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2156	16 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3246	3 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4853	23 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4128	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2138	22 KB
1	brilliantcollector.com lib-us-3.brilliantcollector.com — Cisco Umbrella Rank: 40050	10 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 624	261 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2495	6 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2212	975 B
89	30

	Domain	Requested by
8	www.google-analytics.com	www.googletagmanager.com portal.allstateidentityprotection.com
6	www.google.de	portal.allstateidentityprotection.com
6	portal.allstateidentityprotection.com	portal.allstateidentityprotection.com
4	www.facebook.com
4	connect.facebook.net	js.hsadspixel.net connect.facebook.net
4	www.google.com	portal.allstateidentityprotection.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	region1.analytics.google.com	www.googletagmanager.com
4	www.googletagmanager.com	portal.allstateidentityprotection.com www.googletagmanager.com js.hsadspixel.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com portal.allstateidentityprotection.com
2	app.pendo.io	cdn.pendo.io
2	px.ads.linkedin.com	2 redirects
2	track.hubspot.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	tmscdn.coremetrics.com	lib-us-3.brilliantcollector.com tmscdn.coremetrics.com
2	libs.coremetrics.com	lib-us-3.brilliantcollector.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	www.googleadservices.com	www.googletagmanager.com
2	11038515.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	signin-api.infoarmor.com	portal.allstateidentityprotection.com
1	forms.hsforms.com
1	cdn.pendo.io	portal.allstateidentityprotection.com
1	cdn.infoarmor.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	js.hsadspixel.net
1	www.pages09.net
1	api.hubapi.com	js.hsadspixel.net
1	in.hotjar.com	script.hotjar.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	vars.hotjar.com	static.hotjar.com
1	adservice.google.de	adservice.google.com
1	script.hotjar.com	static.hotjar.com
1	adservice.google.com	11038515.fls.doubleclick.net
1	lib-us-3.brilliantcollector.com	www.googletagmanager.com
1	insight.adsrvr.org	portal.allstateidentityprotection.com
1	cdn.pdst.fm	portal.allstateidentityprotection.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.sc.pages09.net	www.googletagmanager.com
1	links.email.allstateidentityprotection.com	1 redirects
89	46

This site contains links to these domains. Also see Links.

Domain
www.allstateidentityprotection.com

Subject Issuer	Validity	Valid
*.allstateidentityprotection.com R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.infoarmor.com R3	`2022-08-14` - `2022-11-12`	3 months	crt.sh
*.engage9.silverpop.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-29` - `2022-10-19`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
lib-us-3.brilliantcollector.com R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.coremetrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.pages09.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-06` - `2023-09-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-05` - `2022-10-03`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
pendo.io GTS CA 1D4	`2022-08-31` - `2022-11-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
Frame ID: CF30605F81B992A2E60CA8C9DAD8DB11
Requests: 83 HTTP requests in this frame

Frame: https://11038515.fls.doubleclick.net/activityi;dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2
Frame ID: EEB5A6098A3E06AEC5443DFB0F501616
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2
Frame ID: DB7A2204C4846A10F0CA017FFA9E09D7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2
Frame ID: 97DFB8E5196AA525CD5618AFEBB41680
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 388C85287986FE2DC09EB56586B7A062
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure Login

Page URL History Show full URLs

http://links.email.allstateidentityprotection.com/els/v2/6j~LFZv4e3F0/UUMxSmcyMFVjb3NkSFNMZXpmeFlER2JmUzRuMEQ4azlHLzZ1OTNCM1VT... HTTP 302
https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&u... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

89
Requests

99 %
HTTPS

60 %
IPv6

30
Domains

46
Subdomains

41
IPs

5
Countries

1475 kB
Transfer

4958 kB
Size

48
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.allstateidentityprotection.com/terms-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.allstateidentityprotection.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.allstateidentityprotection.com/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.allstateidentityprotection.com/identity-fraud-reimbursement
Title: Fraud Reimbursement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.email.allstateidentityprotection.com/els/v2/6j~LFZv4e3F0/UUMxSmcyMFVjb3NkSFNMZXpmeFlER2JmUzRuMEQ4azlHLzZ1OTNCM1VTc3JBRVBhMlpYSWozM0xHUHIzUk0rUHd0bVFtREwvWTZLb1lhdlhBd2J2OWJwYkVyUmVhRGZXMHVTWUVjZGw5aS9wVVZYem5WeHhsY1kvdGNMd0JucWVScjBsU2UwYS9uYz0S1/S2JxenlmTmE1UXhZaVlMYkQyZW1YaXFkRFVMbG03bXVWWHJ0bUYxVExMMWVoTVVvbEQ4RnBGU2lGdUdBMXFSQ0NoM3h1OWJuY05kUWJTLy9ZRzdsRmc9PQS2 HTTP 302
https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://11038515.fls.doubleclick.net/activityi;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2 HTTP 302
https://11038515.fls.doubleclick.net/activityi;dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2269737%26time%3D1664197508645%26url%3Dhttps%253A%252F%252Fportal.allstateidentityprotection.com%252Fsignin%252F%253Fpartnerid%253Dallstateessentials%2526utm_source%253DAIP_email%2526utm_medium%253Demail%2526utm_campaign%253D%2526utm_content%253DB2B_FeatureOnboarding-Login-Send%2525202%252520%25283%2529%2526spMailingID%253D2894103%2526spUserID%253DMjcwODc0NTM2MTYS1%2526spJobID%253D1100120113%2526spReportId%253DMTEwMDEyMDExNAS2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520%283%29%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520%283%29%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&liSync=true&e_ipv6=AQJ0UF9cqz37dQAAAYN55r_N1OJgaA4ULnD90kVogXj6h9ihEQdOlCH8PXSQS9q8E3c4R58AL_nZK1v-2uUWmB4A_AJ51g

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
portal.allstateidentityprotection.com/signin/
Redirect Chain

http://links.email.allstateidentityprotection.com/els/v2/6j~LFZv4e3F0/UUMxSmcyMFVjb3NkSFNMZXpmeFlER2JmUzRuMEQ4azlHLzZ1OTNCM1VTc3JBRVBhMlpYSWozM0xHUHIzUk0rUHd0bVFtREwvWTZLb1lhdlhBd2J2OWJwYkVyUmVhRGZ...
https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMaili...

2 KB
1 KB

687ms
174ms

Document
text/html

104.255.33.112
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.112 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

ece89873de7ed21bf50377af2d5574a05ad0167e3dff3beb484596dcd6593045

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 792
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 13:05:05 GMT
etag: "858-5e77e20ef4300-gzip"
last-modified: Tue, 30 Aug 2022 23:56:28 GMT
strict-transport-security: max-age=86400; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 26 Sep 2022 13:05:05 GMT
content-language: de-DE
location: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send 2 (3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
server: istio-envoy
x-envoy-upstream-service-time: 6

GET
H/1.1 200
OK ia-common.bundle.d312f1bd.js Show response
portal.allstateidentityprotection.com/signin/ 139 KB
45 KB 179ms
179ms Script
application/javascript 104.255.33.112
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.allstateidentityprotection.com/signin/ia-common.bundle.d312f1bd.js

Requested by

Host: portal.allstateidentityprotection.com
URL: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.112 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

509f70e61396584ed470f9364a5342e57a27a6aaf10d7042bb616337093a0765

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Sep 2022 02:53:14 GMT
etag: "22a45-5e8ae58c57b6c-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=60, public
date: Mon, 26 Sep 2022 13:05:05 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'
accept-ranges: bytes
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
content-length: 45470

GET
H/1.1 200
OK vendors.bundle.5a28db32.js Show response
portal.allstateidentityprotection.com/signin/ 901 KB
284 KB 522ms
194ms Script
application/javascript 104.255.33.112
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.allstateidentityprotection.com/signin/vendors.bundle.5a28db32.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.112 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

2d476fee4b9eb7982cf8b77a46eda7f957d3fbd073789b491adfc7a6adf910bd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Sep 2022 03:14:25 GMT
Transfer-Encoding: chunked
etag: "e124a-5e8aea4807216-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=60, public
date: Mon, 26 Sep 2022 13:05:06 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'
accept-ranges: bytes
x-envoy-upstream-service-time: 24
vary: Accept-Encoding

GET
H/1.1 200
OK main.bundle.1f15bf26.js Show response
portal.allstateidentityprotection.com/signin/ 320 KB
63 KB 527ms
196ms Script
application/javascript 104.255.33.112
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.allstateidentityprotection.com/signin/main.bundle.1f15bf26.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.112 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

a700a3c8787eb283adb408e51172f38dfdc97be2926223210797d769650743fe

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Sep 2022 03:22:38 GMT
Transfer-Encoding: chunked
etag: "500d4-5e8aec1e1752a-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=60, public
date: Mon, 26 Sep 2022 13:05:06 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'
accept-ranges: bytes
x-envoy-upstream-service-time: 23
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 399 KB
104 KB 142ms
92ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c83ea0ad8db50290380de75855740264fc2aba087e92da97cbc5b8124538b6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106195
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Sep 2022 13:05:07 GMT

GET
H/1.1 200
OK allstateessentials Show response
signin-api.infoarmor.com/customizations/ 2 KB
4 KB 726ms
232ms Fetch
application/json 104.255.33.114
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://signin-api.infoarmor.com/customizations/allstateessentials

Requested by

Host: portal.allstateidentityprotection.com
URL: https://portal.allstateidentityprotection.com/signin/main.bundle.1f15bf26.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.114 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

0ca5398f240098188365ca82bb5c147222d1fb7ea16f5573c130fca685ee63d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; connect-src 'none'; font-src 'none'; form-action 'none'; frame-ancestors 'none'; frame-src 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src; style-src; worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-ia-partner: allstateessentials
Referer: https://portal.allstateidentityprotection.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-envoy-upstream-service-time: 62
vary: Origin
content-length: 2369
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
x-frame-options: sameorigin
x-download-options: noopen
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: https://portal.allstateidentityprotection.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Authorization,X-IA-Partner,HTTP_X_Forwarded_For,HTTP_Client_IP
cache-control: no-store, no-cache, must-revalidate
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; camera 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; payment 'self'; picture-in-picture *; speaker 'self'; usb 'self'; vr 'self'
content-security-policy: default-src 'none'; base-uri 'none'; connect-src 'none'; font-src 'none'; form-action 'none'; frame-ancestors 'none'; frame-src 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src; style-src; worker-src 'none'
access-control-allow-credentials: true
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H/1.1 204
No Content allstateessentials
signin-api.infoarmor.com/customizations/ Frame 0
0 695ms
184ms Preflight 104.255.33.114
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://signin-api.infoarmor.com/customizations/allstateessentials

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.114 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; connect-src 'none'; font-src 'none'; form-action 'none'; frame-ancestors 'none'; frame-src 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src; style-src; worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ia-partner
Access-Control-Request-Method: GET
Origin: https://portal.allstateidentityprotection.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, content-type, accept, authorization, x-ia-partner, http_x_forwarded_for, http_client_ip
access-control-allow-origin: https://portal.allstateidentityprotection.com
content-security-policy: default-src 'none'; base-uri 'none'; connect-src 'none'; font-src 'none'; form-action 'none'; frame-ancestors 'none'; frame-src 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; script-src; style-src; worker-src 'none'
date: Mon, 26 Sep 2022 13:05:07 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; camera 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; payment 'self'; picture-in-picture *; speaker 'self'; usb 'self'; vr 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 14
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 91ms
19ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 187
date: Mon, 26 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Mon, 26 Sep 2022 15:02:00 GMT

GET
H/1.1 200
OK iMAWebCookie.js Show response
www.sc.pages09.net/lp/static/js/ 14 KB
14 KB 437ms
106ms Script
application/javascript 184.73.166.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sc.pages09.net/lp/static/js/iMAWebCookie.js?244f3b49-175c321d15a-2baacb7739ee1c16a824f9d47c8a8b8b&h=www.pages09.net

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.73.166.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-73-166-45.compute-1.amazonaws.com

Software

Apache /

Resource Hash

27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 13:05:07 GMT
Last-Modified: Wed, 21 Sep 2022 03:37:41 GMT
Server: Apache
ETag: "3772-5e927aabf551c"
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 14194

GET
H2 200 hotjar-839336.js Show response
static.hotjar.com/c/ 18 KB
4 KB 423ms
174ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-839336.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

a54bc148ebbe7fa43eebb50af3b333b89f14a6da483ff9aed53bb6522614139f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/dfaa2ca0997a1c2069df809b72a304e9
strict-transport-security: max-age=604800; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: ApeNaW9U6XkZJ66JkVJ_oCHsBP6gdIK3nXbGMWi461mDt7P8uZjOvg==
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)

GET
H3

200

activityi;dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com... Show response
11038515.fls.doubleclick.net/ Frame EEB5
Redirect Chain

https://11038515.fls.doubleclick.net/activityi;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection....
https://11038515.fls.doubleclick.net/activityi;dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2F...

784 B
593 B

102ms
58ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11038515.fls.doubleclick.net/activityi;dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

877c4addcecc4513386de6e7c009594d6f1a32dc9557b2afa06bcb2d2aa86e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.allstateidentityprotection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 568
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 13:05:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 13:05:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11038515.fls.doubleclick.net/activityi;dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 275ms
173ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 13:05:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 121ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F28389C6F614A9394ED99DA3D8C48C4 Ref B: DUS30EDGE0915 Ref C: 2022-09-26T13:05:07Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 26 Sep 2022 13:05:07 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 3836852.js Show response
js.hs-scripts.com/ 2 KB
975 B 482ms
423ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3836852.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2e7e866318c521a0927f3d5d090311d70de3b7890458a863dca454b66000b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 25 Sep 2022 21:24:27 GMT
server: cloudflare
x-hubspot-correlation-id: 5d0b3e26-4233-4d7d-b477-06ed7c828fea
x-trace: 2B21EBA5CD5FD8E086DC500EF2D4C7E9FFF4F7C5DE000000000000000000
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://portal.allstateidentityprotection.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 750c35963de59072-FRA
expires: Mon, 26 Sep 2022 13:06:07 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 103ms
22ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: portal.allstateidentityprotection.com
URL: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 12:54:43 GMT
content-encoding: gzip
age: 624
x-guploader-uploadid: ADPycdu2JLUB5c-5eX5gy0JigXuQXgo9UbzM0tBOzhNxFG_vN1sYMy4bfzKenVRPXEbSdsAMoh2CCVaRk42iSyKanKzHEg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Mon, 26 Sep 2022 13:54:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P4Y56CP6LY&l=aipGTM&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14a92ae2729bc6e2021f05e6c303b60912034da8ed8bf71601fe34247517c60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74696
x-xss-protection: 0
expires: Mon, 26 Sep 2022 13:05:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RLKEQV2WQ7&l=aipGTM&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95196a28e6f3db94b0d4cd12ae254e220751cd21846602ee98bdf6a7808f451c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75167
x-xss-protection: 0
expires: Mon, 26 Sep 2022 13:05:07 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 152ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ykk4yu8&ct=0:z8nsqfv&fmt=3
Requested by: Host: portal.allstateidentityprotection.com
URL: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
352 B 80ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RLKEQV2WQ7&gtm=2oe9l0&_p=331012686&_gaz=1&cid=1894663192.1664197508&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1664197507&sct=1&seg=0&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&dt=Secure%20Login&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLKEQV2WQ7&l=aipGTM&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 102ms
32ms Ping
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RLKEQV2WQ7&cid=1894663192.1664197508&gtm=2oe9l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLKEQV2WQ7&l=aipGTM&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 133ms
69ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RLKEQV2WQ7&cid=1894663192.1664197508&gtm=2oe9l0&aip=1&z=1934889760

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P4Y56CP6LY&gtm=2oe9l0&_p=331012686&_gaz=1&cid=1894663192.1664197508&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1664197507&sct=1&seg=0&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&dt=Secure%20Login&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4Y56CP6LY&l=aipGTM&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 31ms
31ms Ping
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P4Y56CP6LY&cid=1894663192.1664197508&gtm=2oe9l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4Y56CP6LY&l=aipGTM&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 95ms
68ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P4Y56CP6LY&cid=1894663192.1664197508&gtm=2oe9l0&aip=1&z=1248365525

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
456 B 54ms
31ms XHR
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-99008470-6&cid=1894663192.1664197508&jid=1882664255&gjid=149966021&_gid=514309505.1664197508&_u=YCDAiEABBAAAAE~&z=1081046897

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.allstateidentityprotection.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Sep 2022 13:05:07 GMT
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 51ms
31ms XHR
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-99008470-3&cid=1894663192.1664197508&jid=1303167328&gjid=883887753&_gid=514309505.1664197508&_u=YCDAiEABBAAAAE~&z=194991333

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.allstateidentityprotection.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Sep 2022 13:05:07 GMT
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
21ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=331012686&t=pageview&_s=1&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&dp=%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&ul=en-us&de=UTF-8&dt=Secure%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=AIP_email&cm=email&_u=YCDAiEABB~&jid=1882664255&gjid=149966021&cid=1894663192.1664197508&tid=UA-99008470-6&_gid=514309505.1664197508&gtm=2wg9l0PQM7N5X&z=1879474380

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 06:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24742
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
21ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 06:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24742
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 249ms
202ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://portal.allstateidentityprotection.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 67ee7935ecd804d0bf7f9d45fabbf9d4
function-execution-id: 2i2lnc1exhcq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 194ms
139ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://portal.allstateidentityprotection.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Mon, 26 Sep 2022 13:05:07 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: m9tnv2hhn5o8
server: Google Frontend
x-cloud-trace-context: e3c327f67f4e7fab7ccb56841ecff75b
x-powered-by: Express

GET
H2 204 135001177.js Show response
bat.bing.com/p/action/ 0
120 B 168ms
167ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/135001177.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D908F7E54A4F4BEE9C80779942F9E845 Ref B: DUS30EDGE0915 Ref C: 2022-09-26T13:05:07Z
date: Mon, 26 Sep 2022 13:05:07 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 49ms
49ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=135001177&tm=gtm002&Ver=2&mid=8fa3dad8-d54b-47de-b872-5408b76f8c61&sid=d84c1bb03d9b11ed9a2671443a6cdc46&vid=d84c1de03d9b11ed8c20098706ce7c89&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Secure%20Login&p=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&r=&lt=2241&evt=pageLoad&sv=1&rn=657537

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58B5124D41894194A02DCDC8C2449E6B Ref B: DUS30EDGE0915 Ref C: 2022-09-26T13:05:07Z
date: Mon, 26 Sep 2022 13:05:07 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 142ms
90ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-99008470-6&cid=1894663192.1664197508&jid=1882664255&_u=YCDAiEABBAAAAE~&z=1035345386

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 48ms
45ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-99008470-6&cid=1894663192.1664197508&jid=1882664255&_u=YCDAiEABBAAAAE~&z=1035345386

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 111ms
61ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-99008470-3&cid=1894663192.1664197508&jid=1303167328&_u=YCDAiEABBAAAAE~&z=370057042

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 68ms
67ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-99008470-3&cid=1894663192.1664197508&jid=1303167328&_u=YCDAiEABBAAAAE~&z=370057042

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK exchangeCapture.js Show response
lib-us-3.brilliantcollector.com/common/ 37 KB
10 KB 162ms
33ms Script
application/x-javascript 104.96.159.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lib-us-3.brilliantcollector.com/common/exchangeCapture.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQM7N5X&l=aipGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.159.134 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-159-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ef44d1226b2978ea87a221cd81e7054f0bc3037daf0be7bcf36515d131c1785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 13:05:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Mar 2021 14:46:43 GMT
Server: AkamaiNetStorage
ETag: "2e830ee69ef3ec34fd1647d91b5c1dd7:1616424403.574086"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 9262

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/322040722/ 3 KB
2 KB 93ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/322040722/?random=1664197507775&cv=9&fst=1664197507775&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&tiba=Secure%20Login&auid=910890575.1664197507&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b78a76f84e05d82824cab9e39f1d2d645d55a27ef784e2a8a89cd47012d400ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%... Show response
adservice.google.com/ddm/fls/i/ Frame DB7A 783 B
1 KB 113ms
61ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2

Requested by

Host: 11038515.fls.doubleclick.net
URL: https://11038515.fls.doubleclick.net/activityi;dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcbcc27d5d346987b4a8b5ff9ec0c51eb43bec52434e20417a610fff22785d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11038515.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 568
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 13:05:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/322040722/ 42 B
64 B 87ms
38ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/322040722/?random=1664197507775&cv=9&fst=1664197200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&tiba=Secure%20Login&async=1&fmt=3&is_vtc=1&random=1946072749&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/322040722/ 42 B
64 B 79ms
34ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/322040722/?random=1664197507775&cv=9&fst=1664197200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&tiba=Secure%20Login&async=1&fmt=3&is_vtc=1&random=1946072749&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.01a02f6e8b126e8c8358.js Show response
script.hotjar.com/ 253 KB
65 KB 80ms
25ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.01a02f6e8b126e8c8358.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-839336.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

ee7bb17c3acb65101091c91000ab6880adea702b59d047ce9d5b2d178b7fa849

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 268381
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65760
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 10:32:03 GMT
etag: "88b47d3464ed75957aaec1d6b297a6e8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZqzC9rqeZ20W8UFLnNj5byF_to42WSdQ1WKDP_lvehk5NXcpgG9-Kw==

GET
H2 200 dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%... Show response
adservice.google.de/ddm/fls/i/ Frame 97DF 194 B
870 B 113ms
61ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COeCn-rCsvoCFeeAmwodjzEItA;src=11038515;type=secndry;cat=dmnvisit;ord=6344735164794;gtm=2wg9l0;auiddc=910890575.1664197507;~oref=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 13:05:08 GMT
expires: Mon, 26 Sep 2022 13:05:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 388C 2 KB
1 KB 95ms
22ms Document
text/html 13.224.189.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-839336.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-80.fra2.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://portal.allstateidentityprotection.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1655281
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-cf-id: KtDJzYiBbP3ZNoDLNQzlIUrDm5z0cpFY42wqzPdONOAevL81VKbqbQ==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 3836852.js Show response
js.hs-analytics.net/analytics/1664197500000/ 89 KB
22 KB 216ms
173ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1664197500000/3836852.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3836852.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ac90fd09035a823148397b4d3ac48500ca094f567019973102686f582ea6cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 151DPBHKV2C3FKTR
x-amz-server-side-encryption: AES256
cf-ray: 750c35992a8f6967-FRA
x-amz-id-2: oCpfVVje208SNQvk+XD96peONJ4jcrIVgJcsrCQlILLEUFQth2X/tlIaY0Qr1+mTK0v5HeWR0o0=
last-modified: Mon, 12 Sep 2022 18:10:49 GMT
server: cloudflare
etag: W/"89ab76a1a00d3280d791745aae073f79"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 26 Sep 2022 13:10:08 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 94ms
40ms Script
application/javascript 2606:4700::6811:e8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3836852.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee

Request headers

Referer: https://portal.allstateidentityprotection.com/
Origin: https://portal.allstateidentityprotection.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
via: 1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 76615
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=7504e71f18059a3c-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
server: cloudflare
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
vary: Accept-Encoding
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD55-P5
cf-ray: 750c35993f476977-FRA
x-amz-cf-id: yZw7DYSlVaTeQ7FQ-DQbT9KLKCKIWhkWY5AjETE8o5zTKGvu02t2Yg==
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 73ms
30ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3836852.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://portal.allstateidentityprotection.com/
Origin: https://portal.allstateidentityprotection.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 74386
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=75051d8b9bb3927d-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 750c35992f43bb47-FRA
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD12-P3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ocJ7eiLAmLQtzya4w1GT7zs4vRpMeeLZb9v6-003TabW4i95tthinw==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 109ms
55ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3836852.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe5717b2e530ed3889fef7a3f64bd8703892af4df7a50ebdab50877d714ccb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 298
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.293/bundles/pixels-release.js&cfRay=750c2e531abb911f-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 23 Sep 2022 05:23:07 UTC
server: cloudflare
etag: W/"46dd82490c71a41bce1eabb2e38c89c0"
vary: Accept-Encoding
x-amz-version-id: 7KJ54BFzipn1nE_Td6RfTtNOqayLQBYG
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD12-P3
cf-ray: 750c35994ded9124-FRA
x-amz-cf-id: HFTh_kMi0w7kGZ7IPbZGLCc_jEtMIZOX62XKuaOyFoYTWsgzWgSIrA==
x-hs-target-asset: adsscriptloaderstatic/static-1.293/bundles/pixels-release.js

GET
H2 200 3836852.js Show response
js.hs-banner.com/ 62 KB
16 KB 325ms
282ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3836852.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3836852.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9728e0a0068ba41e49f4552eb343583b52eab7b091509e189fbfb61e3a65c433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1511YSYV278NFCN1
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: IxirDpliHae/OWvR//xUvWrIG5ESrg8oHkOwyQL8lx8mGwhZ3PrxgzbcJ0uq/qSJXCRjtyAKiWQ=
timing-allow-origin: *
last-modified: Mon, 12 Sep 2022 18:11:28 GMT
server: cloudflare
etag: W/"297a4ed4d3cede193a4a46cac05a71eb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: dsxHi5xLmOFEsZkQnYJX5Nyq6101CB2o
access-control-allow-origin: https://portal.allstateidentityprotection.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 750c35992b69bb8b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 26 Sep 2022 13:10:08 GMT

GET
H/1.1 200
OK yahoo-min.js Show response
libs.coremetrics.com/ddxlibs/ 7 KB
3 KB 155ms
32ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/ddxlibs/yahoo-min.js
Requested by: Host: lib-us-3.brilliantcollector.com
URL: https://lib-us-3.brilliantcollector.com/common/exchangeCapture.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c642c7ca52f6c1109ae4f95cc996868b27c2aa5d230bb2fae8b73969093eac17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 13:05:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Aug 2014 12:31:47 GMT
Server: AkamaiNetStorage
ETag: "839e18c2abe9817eb0b63acb4f014aa4:1407414707"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H/1.1 200
OK json-min.js Show response
libs.coremetrics.com/ddxlibs/ 5 KB
2 KB 157ms
33ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.coremetrics.com/ddxlibs/json-min.js
Requested by: Host: lib-us-3.brilliantcollector.com
URL: https://lib-us-3.brilliantcollector.com/common/exchangeCapture.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 13:05:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Aug 2014 12:31:47 GMT
Server: AkamaiNetStorage
ETag: "59d3be5741942c7fca3daff0b2d977ef:1407414707"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2204

GET
H/1.1 200
OK ecDispatcher-v3.js Show response
tmscdn.coremetrics.com/tms/ 5 KB
2 KB 167ms
32ms Script
application/x-javascript 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tmscdn.coremetrics.com/tms/ecDispatcher-v3.js
Requested by: Host: lib-us-3.brilliantcollector.com
URL: https://lib-us-3.brilliantcollector.com/common/exchangeCapture.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6fac6c51838f1325f244d0205e529f0ca8a8021edcac7188c078caf657c97b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 13:05:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 12:10:29 GMT
Server: AkamaiNetStorage
ETag: "1a1b837364e6b5339e71c69665620a60:1603973497.238919"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1231

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/839336/ 148 B
322 B 169ms
46ms XHR
application/json 52.31.254.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/839336/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.01a02f6e8b126e8c8358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.254.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-254-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2

Request headers

Referer: https://portal.allstateidentityprotection.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 212ms
157ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=3836852&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b3d587ff1a0d154329235762340889e0bc875117ebaf183ce6171400e0884a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.allstateidentityprotection.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c4f8cfb2-2bf9-43d3-ae46-c22e039d5266
cf-ray: 750c3599efa79b70-FRA
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7MiKtARFjuNczr9LodFCPcBEypXJV9oyHQNIbi%2Ftk6UEBqPZ6vnXZ4%2FE04JTe6pASVoZ3LdNwUUbu5%2Be4QGmX3RwMulWRfOBPqdZce%2BNNPsbeLup%2F3mBmpZO4%2BN%2FHQt932pyQyWnyqSmlPbKR2r"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://portal.allstateidentityprotection.com
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

GET
H/1.1 404
Not Found cp-v3.js
tmscdn.coremetrics.com/tms/25000017/ 0
0 335ms
335ms Script
text/plain 104.103.105.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tmscdn.coremetrics.com/tms/25000017/cp-v3.js?__t=20220926130508151
Requested by: Host: tmscdn.coremetrics.com
URL: https://tmscdn.coremetrics.com/tms/ecDispatcher-v3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.103.105.16 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-105-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 13:05:08 GMT
Server: AkamaiNetStorage
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 265 B
917 B 210ms
161ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3836852

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

451d7d8769c92d8519dc1877a80b433c92e70427cf3da94fa9670697026580bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c50fc5c9-141c-48ae-bed0-cc12df539784
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BC6AB875C1D5C11B33140DB27D3E2FE5D77835BBF000000000000000000
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQui%2BATtCyPoOP2authxUx0rhyzLRCP8JEo4Cr9FIVtBNMFcx9tDP97pY2yUV46Vt9m9TnGTJMCLR6E%2F1gkrc26zZ8ebsb0zQRxdAT7RWlGnAT4XeWv9FEzWCgIUEhvZvizaLLOKAfM%2BTGXx"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://portal.allstateidentityprotection.com
access-control-allow-credentials: false
cf-ray: 750c359b4a96929b-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK event.jpeg
www.pages09.net/WTS/ 0
474 B 450ms
111ms Image
image/jpeg 184.73.166.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pages09.net/WTS/event.jpeg?accesskey=244f3b49-175c321d15a-2baacb7739ee1c16a824f9d47c8a8b8b&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=382587dd-3898-1609-ec0d-28701c3cce21&webSyncID=6d2ee10a-10cb-9c26-b917-b1b1e93c5096&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&newSiteVisit=1&hostname=portal.allstateidentityprotection.com&pathname=%2Fsignin%2F&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2&newPageVisit=1&eventKey=53d22867-25e9-7448-8485-742018e102ce

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

184.73.166.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-73-166-45.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Sep 2022 13:05:08 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection: close
Content-Type: image/jpeg
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
889 B 214ms
164ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=3836852&ct=standard-page&po=%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&pu=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&t=Secure+Login&cts=1664197508500&vi=acdd80bae9ad40147790d938fb02b4b4&nc=true&u=241286365.acdd80bae9ad40147790d938fb02b4b4.1664197508497.1664197508497.1664197508497.1&b=241286365.1.1664197508497&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5a1b552f-d35b-4549-9e80-e5d492698328
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfP3Xhmpy%2BOcTTQV5z24qd5%2FOVpgGtnP%2FV6%2ByBe1AK1ijz9V17FTQOSsONi7EbflzA9ewmOcmGcfyz5XZm0w0IrR4at03i9uqIPn3rFcEXZmOcfJrGbvmbw6crUvyN6H16o5pJBwl1wBm1s0VvHk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 750c359c9c375c50-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
559 B 235ms
186ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=3836852&ct=standard-page&po=%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&pu=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&t=Secure+Login&cts=1664197508503&vi=acdd80bae9ad40147790d938fb02b4b4&nc=true&u=241286365.acdd80bae9ad40147790d938fb02b4b4.1664197508497.1664197508497.1664197508497.1&b=241286365.1.1664197508497&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c8132621-0456-4969-8e0f-f987491ce6e5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uB9BuPb1ssqPAu9%2B1okHAf5RaW9BXG7Mz3Mb6dXjg9%2FVrcHxjuq57vDaiSkUTeU8%2FA69fYMfyS%2FEVd6aHKLGUWPu8HXkiGt4gRP4WBeoWZ65hzFLU0MC3wIw%2BDulgBxTBJH2DoalfNX55pJkSY4N"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 750c359c9c3a5c50-FRA

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
1 KB 231ms
201ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3836852&utk=acdd80bae9ad40147790d938fb02b4b4&__hstc=241286365.acdd80bae9ad40147790d938fb02b4b4.1664197508497.1664197508497.1664197508497.1&__hssc=241286365.1.1664197508497&currentUrl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

088a8eecee95066d2353dba2352743c8066525a2ba4f54a6e96a8dc639e97d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 43730c61-7f2d-4a91-a8eb-2ebd4e19088f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-robots-tag: none
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWhLGaj1QWAt6ZAnAmELUmx1bQWxWWYJoByC2Q9yNTgM0pQ%2FJ3bv5m%2FForY6EOFsI8id0zSNujLNZ50RcGLWqTnxe4Q4OU%2BuHLvBirVPUSR0%2BqB5pT73hb%2Fc71Fj29D9EdCRkl%2F%2FjD5C6aRtP0Zl"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 750c359c8c2690b5-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=331012686&t=event&ni=1&_s=1&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&ul=en-us&de=UTF-8&dt=Secure%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=on-page%20interaction&ea=scroll%20tracking&el=10&_u=aCDAiEABBAAAAE~&jid=&gjid=&cid=1894663192.1664197508&tid=UA-99008470-3&_gid=514309505.1664197508&gtm=2wg9l0PQM7N5X&z=1884516999

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 06:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24743
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=331012686&t=event&ni=1&_s=1&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&ul=en-us&de=UTF-8&dt=Secure%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=on-page%20interaction&ea=scroll%20tracking&el=25&_u=aCDAiEABBAAAAE~&jid=&gjid=&cid=1894663192.1664197508&tid=UA-99008470-3&_gid=514309505.1664197508&gtm=2wg9l0PQM7N5X&z=1043952154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 06:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24743
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=331012686&t=event&ni=1&_s=1&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&ul=en-us&de=UTF-8&dt=Secure%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=on-page%20interaction&ea=scroll%20tracking&el=50&_u=aCDAiEABBAAAAE~&jid=&gjid=&cid=1894663192.1664197508&tid=UA-99008470-3&_gid=514309505.1664197508&gtm=2wg9l0PQM7N5X&z=1089609673

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 06:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24743
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=331012686&t=event&ni=1&_s=1&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&ul=en-us&de=UTF-8&dt=Secure%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=on-page%20interaction&ea=scroll%20tracking&el=75&_u=aCDAiEABBAAAAE~&jid=&gjid=&cid=1894663192.1664197508&tid=UA-99008470-3&_gid=514309505.1664197508&gtm=2wg9l0PQM7N5X&z=1484748174

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 06:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24743
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=331012686&t=event&ni=1&_s=1&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&ul=en-us&de=UTF-8&dt=Secure%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=on-page%20interaction&ea=scroll%20tracking&el=100&_u=aCDAiEABBAAAAE~&jid=&gjid=&cid=1894663192.1664197508&tid=UA-99008470-3&_gid=514309505.1664197508&gtm=2wg9l0PQM7N5X&z=1503662941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 06:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24743
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-626434865

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

244abd3a465f33cb5651934e5076af9b6701d4d87b48f122878be69c02c79d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62389
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Sep 2022 13:05:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 109ms
32ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-xss-protection: 0
pragma: public
x-fb-debug: IrGdD/arp3kfFBqdjNbnFv8S7ldp3CP/iJH2Fv4/FRsZ4Cq8AiB9j7ru/c5OdWv7Q70woliZ0/hSd7F72XMpvA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 13:05:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 79ms
22ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=57603
accept-ranges: bytes
content-length: 3063

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 146ms
74ms Script
text/javascript 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-626434865

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 26 Sep 2022 13:05:08 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2269737%26time%3D1664197508645%26url%3Dhttps%253A%252F%252Fportal.allstateidentit...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAI...

0
267 B

216ms
131ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520%283%29%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&liSync=true&e_ipv6=AQJ0UF9cqz37dQAAAYN55r_N1OJgaA4ULnD90kVogXj6h9ihEQdOlCH8PXSQS9q8E3c4R58AL_nZK1v-2uUWmB4A_AJ51g
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E66CEDF664674DF8B89D19D33D733A1A Ref B: DUS30EDGE0320 Ref C: 2022-09-26T13:05:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXplC1gXYbXpZeUB1AYDA==
x-li-fabric: prod-lva1

Redirect headers

date: Mon, 26 Sep 2022 13:05:08 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 763D8CCB02944025ADEEE2C66C600E22 Ref B: DUS30EDGE0813 Ref C: 2022-09-26T13:05:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2269737&time=1664197508645&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520%283%29%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&liSync=true&e_ipv6=AQJ0UF9cqz37dQAAAYN55r_N1OJgaA4ULnD90kVogXj6h9ihEQdOlCH8PXSQS9q8E3c4R58AL_nZK1v-2uUWmB4A_AJ51g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXplC1c/4qqLeCIhdsPXA==

GET
H/1.1 200
OK Allstate%20Logo.png
cdn.infoarmor.com/files/ 29 KB
29 KB 707ms
171ms Image
image/png 104.255.33.113
AIP-AS13583

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.infoarmor.com/files/Allstate%20Logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 104.255.33.113 , United States, ASN13583 (AIP-AS13583, US),
Reverse DNS
Software: /
Resource Hash: 026b5c3de510829935907a6421ddcbeb5f8f0f8bb35697e32d87a67e44a77b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Sep 2022 13:05:09 GMT
Last-Modified: Mon, 08 Jul 2019 23:44:30 GMT
Connection: close
Accept-Ranges: bytes
Content-Length: 29737
Content-Type: image/png

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/0dc1622e-c2cc-4c1d-428d-89885cdde616/ 477 KB
147 KB 341ms
179ms Script
application/javascript 2600:9000:211a:e000:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/0dc1622e-c2cc-4c1d-428d-89885cdde616/pendo.js
Requested by: Host: portal.allstateidentityprotection.com
URL: https://portal.allstateidentityprotection.com/signin/ia-common.bundle.d312f1bd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e000:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b4baf303fee0483ad77b7b9dfb3d3f3cf7c06fd7565d40239a6b2a46aa0383c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 26 Sep 2022 13:05:08 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: VIE50-C2
X-GUploader-UploadID: ADPycdvuLc68r_gjuuytsdDPQmmMDsTckGaN6o4NHxO0y3XO5Wx7LCoLjzibLtXbJitFscTbwLJSbTOVE1FnfnzwrfSFYs36xoNa
X-Cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 149309
Access-Control-Allow-Origin: *
Last-Modified: Thu, 22 Sep 2022 18:13:17 GMT
Server: UploadServer
ETag: "055459fc4874f89528fecee9680eb561"
Vary: Accept-Encoding
x-goog-hash: crc32c=DLbgIw==, md5=BVRZ/Eh0+JUo/s7paA61YQ==
x-goog-generation: 1663870397628740
Via: 1.1 fadd210e8fada96866356688e5524d10.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 149309
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: Q8GjH8XfqYIgwh-Xz9gIDpd4bugMtq-Ve1PuwOH88OAlL_pslsNHQQ==
Expires: Mon, 26 Sep 2022 13:12:38 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
443 B 198ms
152ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: c1075c91-d759-4773-abe1-cedd3bb86cbc
x-trace: 2B3BEA209F36BD8E1EA3F12270E83659A6D10C1BE0000000000000000000
x-robots-tag: none
vary: Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 750c359d78f692c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35

GET
H/1.1 200
OK open-sans-v15-latin-regular.woff2
portal.allstateidentityprotection.com/fonts/ 14 KB
14 KB 171ms
170ms Font
text/plain 104.255.33.112
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.allstateidentityprotection.com/fonts/open-sans-v15-latin-regular.woff2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.112 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

4959e89463a9467fbd929f85e9d62b347dbb7c4fb1d42fda16561dda4acb84fe

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
Origin: https://portal.allstateidentityprotection.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubdomains;
x-content-type-options: nosniff
last-modified: Tue, 30 Aug 2022 23:56:27 GMT
etag: "36e0-5e77e20e000c0"
x-frame-options: SAMEORIGIN
cache-control: max-age=60, public
date: Mon, 26 Sep 2022 13:05:08 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'
accept-ranges: bytes
x-envoy-upstream-service-time: 1
content-length: 14048

GET
H/1.1 200
OK open-sans-v15-latin-600.woff2
portal.allstateidentityprotection.com/fonts/ 14 KB
15 KB 175ms
174ms Font
text/plain 104.255.33.112
AIP-AS13583

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.allstateidentityprotection.com/fonts/open-sans-v15-latin-600.woff2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

104.255.33.112 , United States, ASN13583 (AIP-AS13583, US),

Reverse DNS

Software

Resource Hash

6db8f13cec3a790404fd5bca6adae8ae790eab9c8e6c89d5d6fb9fa2671564e2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://portal.allstateidentityprotection.com/signin/?partnerid=allstateessentials&utm_source=AIP_email&utm_medium=email&utm_campaign=&utm_content=B2B_FeatureOnboarding-Login-Send%202%20(3)&spMailingID=2894103&spUserID=MjcwODc0NTM2MTYS1&spJobID=1100120113&spReportId=MTEwMDEyMDExNAS2
Origin: https://portal.allstateidentityprotection.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubdomains;
x-content-type-options: nosniff
last-modified: Tue, 30 Aug 2022 23:56:27 GMT
etag: "38d0-5e77e20e000c0"
x-frame-options: SAMEORIGIN
cache-control: max-age=60, public
date: Mon, 26 Sep 2022 13:05:08 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'
accept-ranges: bytes
x-envoy-upstream-service-time: 4
content-length: 14544

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 68ms
33ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.84

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: 8SRy3ECvvUWrZhFwhZOayk1Oeurr5QPEXmuENDgDPO6U+nyVv8in6oxSVw8HNyfdFj25iLRU+S7hSTGO28v74g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 13:05:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 569151950665830 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 130ms
96ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/569151950665830?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d6bab1599c898678340f5063afa5d667d7d773470bcaeefc2ca61a91cfa9b79

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: +k8MKSh0ya5D0+bO/tWrD6AwfFOZlaX8B8qBeMLlhA3DMlZBXw3VvqMGT7wS+9po/Af9WE0xVe81J5eRPCSUSQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 13:05:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/626434865/ 3 KB
1 KB 148ms
103ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/626434865/?random=1664197508802&cv=9&fst=1664197508802&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&tiba=Secure%20Login&auid=910890575.1664197507&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a793120e0e4572c9356a2abcaae6ab74d07ef57347b5d6bcda1b0c788454f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1208
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 820064158521194 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 126ms
126ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/820064158521194?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d1b2aead8307eb5e594a2f5ee9203093ef037482565294eea9d37eec3959194

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: QnhDsqvsIWSVGJQXpaCMFvjaxUBVCPhUT8yRuXsX1iOmsK+Qz6tUo7frryONNbw80C3kh5pbCdbg/uqk3Jfl1Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 26 Sep 2022 13:05:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/626434865/ 42 B
64 B 38ms
37ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/626434865/?random=1664197508802&cv=9&fst=1664197200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&tiba=Secure%20Login&async=1&fmt=3&is_vtc=1&random=3975160152&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/626434865/ 42 B
64 B 39ms
38ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/626434865/?random=1664197508802&cv=9&fst=1664197200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&tiba=Secure%20Login&async=1&fmt=3&is_vtc=1&random=3975160152&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 68ms
24ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=569151950665830&ev=PageView&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&rl=&if=false&ts=1664197509013&sw=1600&sh=1200&ud[external_id]=acdd80bae9ad40147790d938fb02b4b4&v=2.9.84&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1664197509012.1789777491&it=1664197508695&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Sep 2022 13:05:09 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 68ms
24ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=820064158521194&ev=PageView&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&rl=&if=false&ts=1664197509015&sw=1600&sh=1200&ud[external_id]=acdd80bae9ad40147790d938fb02b4b4&v=2.9.84&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1664197509012.1789777491&it=1664197508695&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Sep 2022 13:05:09 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 0dc1622e-c2cc-4c1d-428d-89885cdde616
app.pendo.io/data/ptm.gif/ 42 B
116 B 260ms
190ms Image
image/gif 34.107.204.85
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/0dc1622e-c2cc-4c1d-428d-89885cdde616?v=2.153.1_prod&ct=1664197509116&jzb=eJztklFr2zAUhf-LYWWD1LZkO00CZqQkYy51EpL0oS3DKNZdpk2WXEmOF0r-e6-TNX3r2_Y0g8A6V_eg--k8PntuX4M38ipwzOt5G6NbC6ZwokKV9PsxGV4l4ZCEYc_bCSucNoXg2FAsprPJvFgXT1O6TAZts7mfogErS90odzoTxXGMWmMkbn44V9tRENTaOCZ9JqV1zIHgoJzAWxjtoHRCK7_UVWDFVgkVfK6ZcQqM4OlrA1jbdTBpLxpXFVY3poR0nC0KqJiQR7ECLpoqfRNKVtUMLdPTTiuHHuk1vS6-AHONgbnaaGa4UNvLW70V6nIFin-gIcX1Mfp0YescvbCcTVI6GMYkjFC7Q1Yo5D_Ldj4pw9k6p_n6fkWwdKM3WCEIjtCQkO70ErrZM57m62mbT6Z7XL9n4xVFRjh-bb3R8yvk7vc9zpKpbcO23dOBKu5W3uHM_tx6xI86MsRpx-cqShxB4gnaD8JhgFN2V9iBsYi_k32SRD4p8FL8zWDNNhnaqkbKnudOG6_tu69l9lAnVSThoVmhz3fDKjgW82XLd0-_BgNyoybZ7aIL2N4Bztmn8aF3Dp_UjL8bPvI_fP8kfN1D_MEf0Sjx0aD7aDSI6V_JQRJeHb69AAEjfrs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:09 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 0dc1622e-c2cc-4c1d-428d-89885cdde616 Show response
app.pendo.io/data/guide.js/ 3 KB
2 KB 217ms
150ms Script
application/javascript 34.107.204.85
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pendo.io/data/guide.js/0dc1622e-c2cc-4c1d-428d-89885cdde616?jzb=eJx9kdFr2zAQxv8XwcoGa2wp6WgDZqTEg4w5KXX60CdxkQ5Pw5Y86dSsjPzvPWcse9uDwPp995183_0WLy45CnFjxVLoh3q73um9_lmrx5vbYz481-KjAGNC9nQumS8WC0Y59nz5TjSmZVGMIRL0M-j7REDoLHpy9DrGQGjIBT8zYSiS67zzxecRInmMzlZ_DZjS5IA-XWUadAo5GqxWmweNA7j-DAe0Lg_VP2BgGIFbVn9uwRP3qO7Vvf6CQDnizh8CROt8d_0tdM5ft-jtO1UqPu_nH67S2HAvljfrSt3eLWQ5Z_aUMDJofpjjbm3K7b5Rzf65lSx9DQdWpCxLqUopp-pHnGbf2KrZ18dmXb_y-bVdtYozGpDAAoFYXlKePt1_ku7Bdxk65Ar0-qkVp0v6F-t5A8w5Rh54dVEZ8WuTVX0qyruCB53-4gVj4g1MeCZv5jOpeS1WnE5vOXGpKQ&v=2.153.1_prod&ct=1664197509118

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/0dc1622e-c2cc-4c1d-428d-89885cdde616/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

Resource Hash

81f877de9beca2fd7aee514042de9ff813f2b5964216e57c276cb66181b8b9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 47ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=569151950665830&ev=Microdata&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&rl=&if=false&ts=1664197510516&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Secure%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=acdd80bae9ad40147790d938fb02b4b4&v=2.9.84&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1664197509012.1789777491&it=1664197508695&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Sep 2022 13:05:10 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 46ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=820064158521194&ev=Microdata&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&rl=&if=false&ts=1664197510518&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Secure%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=acdd80bae9ad40147790d938fb02b4b4&v=2.9.84&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1664197509012.1789777491&it=1664197508695&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Sep 2022 13:05:10 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 75ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RLKEQV2WQ7&gtm=2oe9l0&_p=331012686&cid=1894663192.1664197508&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1664197507&sct=1&seg=0&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&dt=Secure%20Login&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLKEQV2WQ7&l=aipGTM&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 39ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P4Y56CP6LY&gtm=2oe9l0&_p=331012686&cid=1894663192.1664197508&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1664197507&sct=1&seg=0&dl=https%3A%2F%2Fportal.allstateidentityprotection.com%2Fsignin%2F%3Fpartnerid%3Dallstateessentials%26utm_source%3DAIP_email%26utm_medium%3Demail%26utm_campaign%3D%26utm_content%3DB2B_FeatureOnboarding-Login-Send%25202%2520(3)%26spMailingID%3D2894103%26spUserID%3DMjcwODc0NTM2MTYS1%26spJobID%3D1100120113%26spReportId%3DMTEwMDEyMDExNAS2&dt=Secure%20Login&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4Y56CP6LY&l=aipGTM&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.allstateidentityprotection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Sep 2022 13:05:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.allstateidentityprotection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portal.allstateidentityprotection.com/signin	1969-12-31 23:59:59	Name: partnerid Value: allstateessentials
.portal.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: TS01089195 Value: 0103150ea23194f7d52bf2e4a775c5887b5ac16adbe4be0c0c40af2206c0e5222c11960a3c320a2832440ff1498d535521c0aa156f
.allstateidentityprotection.com/	1970-01-20 08:26:13	Name: _gcl_au Value: 1.1.910890575.1664197507
.allstateidentityprotection.com/	1970-01-20 10:35:49	Name: __utmzz Value: utmcsr=AIP_email\|utmcmd=email\|utmccn=\|utmcct=B2B_FeatureOnboarding-Login-Send%202%20(3)
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.allstateidentityprotection.com/	1970-01-20 15:52:37	Name: _ga_RLKEQV2WQ7 Value: GS1.1.1664197507.1.0.1664197507.60.0.0
.allstateidentityprotection.com/	1970-01-20 15:52:37	Name: _ga_P4Y56CP6LY Value: GS1.1.1664197507.1.0.1664197507.60.0.0
.bing.com/	1970-01-20 15:38:13	Name: MUID Value: 30D2F6C1B27969E93B41E4EAB3D36854
.allstateidentityprotection.com/	1970-01-20 15:52:37	Name: _ga Value: GA1.2.1894663192.1664197508
.allstateidentityprotection.com/	1970-01-20 06:18:03	Name: _gid Value: GA1.2.514309505.1664197508
.allstateidentityprotection.com/	1970-01-20 06:16:37	Name: _dc_gtm_UA-99008470-6 Value: 1
.allstateidentityprotection.com/	1970-01-20 06:16:37	Name: _dc_gtm_UA-99008470-3 Value: 1
portal.allstateidentityprotection.com/	1970-01-20 15:02:13	Name: __pdst Value: d261422e7d2c4b8a98254ba4b00a070d
.allstateidentityprotection.com/	1970-01-20 06:18:03	Name: _uetsid Value: d84c1bb03d9b11ed9a2671443a6cdc46
.allstateidentityprotection.com/	1970-01-20 15:38:13	Name: _uetvid Value: d84c1de03d9b11ed8c20098706ce7c89
www.sc.pages09.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 1234165770.17439.0000
.allstateidentityprotection.com/	1970-01-20 15:52:37	Name: WCXUID Value: 22179191976016641975079
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: WCXSID Value: 00002810151166419750798025000017
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: WCXSID_expiry Value: 1664197507981
.allstateidentityprotection.com/	1970-01-20 15:02:13	Name: _hjSessionUser_839336 Value: eyJpZCI6IjEyYjhkMzBmLWUyMDktNTgzYS04NjliLWM5MWIyZjU4YzkyYSIsImNyZWF0ZWQiOjE2NjQxOTc1MDgwMjAsImV4aXN0aW5nIjpmYWxzZX0=
.allstateidentityprotection.com/	1970-01-20 06:16:39	Name: _hjFirstSeen Value: 1
portal.allstateidentityprotection.com/	1970-01-20 06:16:37	Name: _hjIncludedInSessionSample Value: 0
.allstateidentityprotection.com/	1970-01-20 06:16:39	Name: _hjSession_839336 Value: eyJpZCI6IjJmOTFkOTZhLWI3NzUtNGU1ZS1iNjAzLTlkNDJmZTU5MzM5OCIsImNyZWF0ZWQiOjE2NjQxOTc1MDgwNTcsImluU2FtcGxlIjpmYWxzZX0=
portal.allstateidentityprotection.com/	1970-01-20 06:16:37	Name: _hjIncludedInPageviewSample Value: 1
.allstateidentityprotection.com/	1970-01-20 06:16:39	Name: _hjAbsoluteSessionInProgress Value: 0
.allstateidentityprotection.com/	1970-01-20 15:52:37	Name: com.silverpop.iMAWebCookie Value: 6d2ee10a-10cb-9c26-b917-b1b1e93c5096
.allstateidentityprotection.com/	1970-01-20 06:16:38	Name: com.silverpop.iMA.session Value: 382587dd-3898-1609-ec0d-28701c3cce21
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.mid Value: 2894103
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.uid Value: MjcwODc0NTM2MTYS1
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.jid Value: 1100120113
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.rid Value: MTEwMDEyMDExNAS2
.allstateidentityprotection.com/	1970-01-20 06:16:38	Name: com.silverpop.iMA.page_visit Value: -1898987074:
.allstateidentityprotection.com/	1970-01-20 10:35:49	Name: __hstc Value: 241286365.acdd80bae9ad40147790d938fb02b4b4.1664197508497.1664197508497.1664197508497.1
.allstateidentityprotection.com/	1970-01-20 10:35:49	Name: hubspotutk Value: acdd80bae9ad40147790d938fb02b4b4
.allstateidentityprotection.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.allstateidentityprotection.com/	1970-01-20 06:16:39	Name: __hssc Value: 241286365.1.1664197508497
.hubspot.com/	1970-01-20 06:16:39	Name: __cf_bm Value: qN1j_wXdTCzj0u09ET0PN7Qg7tbFCyr8okFOsOeyYh8-1664197508-0-Ad2wORplKpZnmqFaXTzTMT3z0lAIHjhnITmUAXJfVKjvR9+ow5xq8WsCFOWjxuYyGKDphiEMRqZTTMoKl8lMPQo=
.linkedin.com/	1970-01-20 06:59:49	Name: UserMatchHistory Value: AQKpQec-XOY1TwAAAYN55r6_Foxx3XmGv-Rl-mFQY5AX5nzS5jyR8HRVA7eyScwrw2fa_N5cIPsSwQ
.linkedin.com/	1970-01-20 06:59:49	Name: AnalyticsSyncHistory Value: AQL2gYXXUn8QgQAAAYN55r6_SketvyvRljtqtox55UudpQ6vH1yl2oBIF-DSrqwf4zjoLsluDtsEqvx4r-VbrA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:02:13	Name: bcookie Value: "v=2&07714318-d25e-4ee7-8949-8e6da8138038"
.linkedin.com/	1970-01-20 06:18:03	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2698:u=1:x=1:i=1664197508:t=1664283908:v=2:sig=AQFXPug9qB6orFnyoi-wWXZkpRWTLYiK"
www.pages09.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 1234165770.4525.0000
.doubleclick.net/	1970-01-20 15:38:13	Name: IDE Value: AHWqTUkWK2H43cyDwmPKWnmxK2BjVdn7RtnvjQnhVVniALkWlb4SGyw9ctn0VVgz
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:02:13	Name: bscookie Value: "v=1&2022092613050810dd752e-c7fb-44c2-807e-22599a6d90edAQGYDRIMGY7voD5P5kJucSR1_sf_2QaV"
.linkedin.com/	1970-01-20 10:35:49	Name: li_gc Value: MTswOzE2NjQxOTc1MDg7MjswMjHjp1EgmxiEeyAx8yNTIKta4G74lifCv/AGBknb/TogKg==
.allstateidentityprotection.com/	1970-01-20 08:26:13	Name: _fbp Value: fb.1.1664197509012.1789777491

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tmscdn.coremetrics.com/tms/25000017/cp-v3.js?__t=20220926130508151 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=86400; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11038515.fls.doubleclick.net
adservice.google.com
adservice.google.de
api.hubapi.com
app.pendo.io
bat.bing.com
cdn.infoarmor.com
cdn.pdst.fm
cdn.pendo.io
connect.facebook.net
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
insight.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
lib-us-3.brilliantcollector.com
libs.coremetrics.com
links.email.allstateidentityprotection.com
portal.allstateidentityprotection.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
signin-api.infoarmor.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tmscdn.coremetrics.com
track.hubspot.com
us-central1-adaptive-growth.cloudfunctions.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.pages09.net
www.sc.pages09.net
104.103.105.16
104.255.33.112
104.255.33.113
104.255.33.114
104.96.159.134
13.107.42.14
13.224.189.80
13.225.78.103
142.251.39.2
172.217.18.6
184.73.166.45
2001:4860:4802:32::36
2001:4860:4802:36::36
2600:9000:211a:e000:1f:aa31:7740:93a1
2606:4700:4400::6812:21ab
2606:4700::6810:5505
2606:4700::6811:46b0
2606:4700::6811:74b0
2606:4700::6811:7fab
2606:4700::6811:cccc
2606:4700::6811:d4cc
2606:4700::6811:e8cc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4025:402::9c
2a02:26f0:3500:16::215:14a0
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:83:face:b00c:0:25de
3.33.220.150
34.107.204.85
35.244.142.80
52.204.15.131
52.222.236.122
52.31.254.154
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
026b5c3de510829935907a6421ddcbeb5f8f0f8bb35697e32d87a67e44a77b98
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06a793120e0e4572c9356a2abcaae6ab74d07ef57347b5d6bcda1b0c788454f2
088a8eecee95066d2353dba2352743c8066525a2ba4f54a6e96a8dc639e97d8f
0ca5398f240098188365ca82bb5c147222d1fb7ea16f5573c130fca685ee63d2
14a92ae2729bc6e2021f05e6c303b60912034da8ed8bf71601fe34247517c60c
244abd3a465f33cb5651934e5076af9b6701d4d87b48f122878be69c02c79d32
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
2d476fee4b9eb7982cf8b77a46eda7f957d3fbd073789b491adfc7a6adf910bd
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
451d7d8769c92d8519dc1877a80b433c92e70427cf3da94fa9670697026580bb
46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2
4959e89463a9467fbd929f85e9d62b347dbb7c4fb1d42fda16561dda4acb84fe
4d6bab1599c898678340f5063afa5d667d7d773470bcaeefc2ca61a91cfa9b79
509f70e61396584ed470f9364a5342e57a27a6aaf10d7042bb616337093a0765
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
5c2e7e866318c521a0927f3d5d090311d70de3b7890458a863dca454b66000b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d1b2aead8307eb5e594a2f5ee9203093ef037482565294eea9d37eec3959194
6db8f13cec3a790404fd5bca6adae8ae790eab9c8e6c89d5d6fb9fa2671564e2
6fac6c51838f1325f244d0205e529f0ca8a8021edcac7188c078caf657c97b05
70b3d587ff1a0d154329235762340889e0bc875117ebaf183ce6171400e0884a
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
81f877de9beca2fd7aee514042de9ff813f2b5964216e57c276cb66181b8b9a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
877c4addcecc4513386de6e7c009594d6f1a32dc9557b2afa06bcb2d2aa86e0c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
95196a28e6f3db94b0d4cd12ae254e220751cd21846602ee98bdf6a7808f451c
9728e0a0068ba41e49f4552eb343583b52eab7b091509e189fbfb61e3a65c433
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ef44d1226b2978ea87a221cd81e7054f0bc3037daf0be7bcf36515d131c1785
a54bc148ebbe7fa43eebb50af3b333b89f14a6da483ff9aed53bb6522614139f
a700a3c8787eb283adb408e51172f38dfdc97be2926223210797d769650743fe
b4baf303fee0483ad77b7b9dfb3d3f3cf7c06fd7565d40239a6b2a46aa0383c4
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b78a76f84e05d82824cab9e39f1d2d645d55a27ef784e2a8a89cd47012d400ac
bbe5717b2e530ed3889fef7a3f64bd8703892af4df7a50ebdab50877d714ccb1
bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee
c5ac90fd09035a823148397b4d3ac48500ca094f567019973102686f582ea6cb
c642c7ca52f6c1109ae4f95cc996868b27c2aa5d230bb2fae8b73969093eac17
c83ea0ad8db50290380de75855740264fc2aba087e92da97cbc5b8124538b6e1
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
ece89873de7ed21bf50377af2d5574a05ad0167e3dff3beb484596dcd6593045
ee7bb17c3acb65101091c91000ab6880adea702b59d047ce9d5b2d178b7fa849
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9c6a26ce3e203ceae1433c8c1618f7c93d695131a53262ff72f8154421fde40
fcbcc27d5d346987b4a8b5ff9ec0c51eb43bec52434e20417a610fff22785d2d

portal.allstateidentityprotection.com Open in urlscan Pro 104.255.33.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

99 %HTTPS

60 %IPv6

30 Domains

46 Subdomains

41 IPs

5 Countries

1475 kBTransfer

4958 kBSize

48 Cookies

4 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portal.allstateidentityprotection.com Open in urlscan Pro
104.255.33.112 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

99 %
HTTPS

60 %
IPv6

30
Domains

46
Subdomains

41
IPs

5
Countries

1475 kB
Transfer

4958 kB
Size

48
Cookies

89 HTTP transactions
0 data transactions