URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIM...
Submission: On January 12 via manual from IN — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 14 HTTP transactions. The main IP is 167.127.115.52, located in United States and belongs to ALLSTATE-INSURANCE-CO, US. The main domain is myaccounts.allstate.com. The Cisco Umbrella rank of the primary domain is 174639.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 9th 2022. Valid for: a year.
This is the only time myaccounts.allstate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 167.127.115.52 11520 (ALLSTATE-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2 34.241.134.251 16509 (AMAZON-02)
2 13.37.25.97 16509 (AMAZON-02)
14 9
Apex Domain
Subdomains
Transfer
10 allstate.com
myaccounts.allstate.com — Cisco Umbrella Rank: 174639
resources.allstate.com — Cisco Umbrella Rank: 73498
smetrics.allstate.com — Cisco Umbrella Rank: 73979
832 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
2 KB
1 gstatic.com
fonts.gstatic.com
17 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 475
23 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 200
28 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
14 6
Domain Requested by
7 myaccounts.allstate.com 1 redirects myaccounts.allstate.com
2 smetrics.allstate.com resources.allstate.com
2 dpm.demdex.net 1 redirects
1 resources.allstate.com assets.adobedtm.com
1 fonts.gstatic.com fonts.googleapis.com
1 assets.adobedtm.com myaccounts.allstate.com
1 cdnjs.cloudflare.com myaccounts.allstate.com
1 fonts.googleapis.com myaccounts.allstate.com
14 8

This site contains links to these domains.

Domain
www.allstate.com
Subject | Issuer | Validity | Valid
myaccounts.allstate.com | Entrust Certification Authority - L1K | 2022-06-09 - 2023-07-08 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.allstate.com | Entrust Certification Authority - L1M | 2022-05-18 - 2023-06-03 | a year
smetrics.allstate.com | Entrust Certification Authority - L1K | 2022-09-21 - 2023-10-21 | a year

This page contains 1 frames:

Primary Page: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Frame ID: 0586804C9959FD6074B9C7B395DF6184
Requests: 16 HTTP requests in this frame

Page Title

Allstate - MyClaim®

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

86 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

4
Countries

902 kB
Transfer

2480 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/scripts/components/input.js HTTP 302
  • https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/b/AnonPage/HttpError/StopError
Request Chain 12
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1673517303807 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1673517303807

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request DocsLogin
myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/
97 KB
34 KB
Document
General
Full URL
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e7e91788a4c8834c6a72587c860c428be176736bf4cd59886113ffd05d2cf144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
cache-control
private,no-cache, no-store, max-age=0
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 09:55:01 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
server
Microsoft-IIS/8.5
strict-transport-security
max-age=31536000; includeSubDomains
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN
x-old-content-length
98859
x-powered-by
ASP.NET
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e7c248b024a73fbfdded5fbed86fb29b96ebaaba097367d8ba270c568dc1c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Jan 2023 09:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Jan 2023 09:55:02 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4970178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS3aAg7PPODXfONElQQAXROZbXVDFuIOu62DH9XeriUWLVkuvDKczhNvCgzT9qIVnVpUHXMdPKiEPHs9%2B%2F0X1tPAqmLMVV5GfoT%2FENMvOlwPfXx30ucwb45VzBOp4QF7yu9YMXnDQ%2Fvut4q3KB02%2FUPK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
788503a47acb9bd7-FRA
expires
Tue, 02 Jan 2024 09:55:02 GMT
status_css
myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/styles/
1 MB
406 KB
Stylesheet
General
Full URL
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/styles/status_css?v=Tp6bHiSgh6RMo_iZPqbhlsLnUz4Yel2E4VHUn31qC8s1
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0694e3ae26599f22a2414b99277db2074d825e83db6b9218c8fe8f00f8a4d863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
last-modified
Thu, 12 Jan 2023 09:55:01 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent, Accept-Encoding
Transfer-Encoding
chunked
content-type
text/css; charset=utf-8
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
public,max-age=0
expires
Fri, 12 Jan 2024 09:55:01 GMT
launch-4a806fda3294.min.js
assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/
75 KB
23 KB
Script
General
Full URL
https://assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/launch-4a806fda3294.min.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:384::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
70219ddae4b27c75f7415df198152d22e9ab91b0b6d240904a8f555e9f2ebc20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:03 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 09:25:23 GMT
server
AkamaiNetStorage
etag
"c3941d87841d681b16ba50f0c307d884:1657617923.56253"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
23558
expires
Thu, 12 Jan 2023 10:55:03 GMT
status_js
myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/scripts/
669 KB
225 KB
Script
General
Full URL
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/scripts/status_js?v=qMobRcWApqxA-HMpo6GMH4s2gLPjkt1BRpOjfUk54nM1
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e4e711fe9dc1668e3f205872a01d1df3683f30b1921092bad771738b1c1c3f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
last-modified
Thu, 12 Jan 2023 09:55:02 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent, Accept-Encoding
Transfer-Encoding
chunked
content-type
text/javascript; charset=utf-8
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
public,max-age=0
expires
Fri, 12 Jan 2024 09:55:02 GMT
StopError
myaccounts.allstate.com/AllstateCTSCustomerCSWeb/b/AnonPage/HttpError/
Redirect Chain
  • https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/scripts/components/input.js
  • https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/b/AnonPage/HttpError/StopError
117 KB
44 KB
Script
General
Full URL
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/b/AnonPage/HttpError/StopError
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
Protocol
HTTP/1.1
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7e2245d49ea703dbea99666984ad2b5f1cdae7faf7c6707d5c075ff1bc6e0215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/ClaimDocument/DocsLogin?DocsListId=9A9654A15F4E54DF&cid=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
Vary
Accept-Encoding
Transfer-Encoding
chunked
content-type
text/html; charset=utf-8
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
private,no-cache, no-store, max-age=0
x-old-content-length
119939

Redirect headers

date
Thu, 12 Jan 2023 09:55:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
Vary
Accept-Encoding
Transfer-Encoding
chunked
content-type
text/html; charset=utf-8
location
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/b/AnonPage/HttpError/StopError
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0
x-old-content-length
173
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
666d81a682097c52d6a9d43ba754d9cd22955361c0613ee77cae7cf352cc6015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69071c0ae4e2dc9841b899b1b63adc6bd002df78ddec6d3918a2b6b7801d315a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
allstatesansw-regular.woff
myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/fonts/
38 KB
38 KB
Font
General
Full URL
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/fonts/allstatesansw-regular.woff
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/styles/status_css?v=Tp6bHiSgh6RMo_iZPqbhlsLnUz4Yel2E4VHUn31qC8s1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
834461ec6350b62b44a6dea9ce12cad25411e0baf62308213384f7055961ccd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/styles/status_css?v=Tp6bHiSgh6RMo_iZPqbhlsLnUz4Yel2E4VHUn31qC8s1
Origin
https://myaccounts.allstate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Jan 2023 11:44:22 GMT
server
Microsoft-IIS/8.5
etag
"02ff137c421d91:0"
x-powered-by
ASP.NET
Transfer-Encoding
chunked
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
application/x-font-woff
cache-control
max-age=0
accept-ranges
bytes
allstatesansw-bold.woff
myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/fonts/
45 KB
45 KB
Font
General
Full URL
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/fonts/allstatesansw-bold.woff
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/styles/status_css?v=Tp6bHiSgh6RMo_iZPqbhlsLnUz4Yel2E4VHUn31qC8s1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8ec28d145fd22007860bcc424814e90b519ae03e1e7d73d550782a9528b1b0ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://myaccounts.allstate.com/AllstateCTSCustomerCSWeb/Content/assets/styles/status_css?v=Tp6bHiSgh6RMo_iZPqbhlsLnUz4Yel2E4VHUn31qC8s1
Origin
https://myaccounts.allstate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Jan 2023 11:44:22 GMT
server
Microsoft-IIS/8.5
etag
"02ff137c421d91:0"
x-powered-by
ASP.NET
Transfer-Encoding
chunked
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-type
application/x-font-woff
cache-control
max-age=0
accept-ranges
bytes
font
fonts.gstatic.com/l/Gd42t16mhdOlGKYlojLt0g/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/l/Gd42t16mhdOlGKYlojLt0g/font?kit=GFD3WAp_g3SaSendXpV4ytwrKPg6YWQbaf1F&skey=d003ad37c76a3ecf&v=v1
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2594290a5808f97dce17736afcd77367097a3810e1ae5d18c8069522214c302b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myaccounts.allstate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:03 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17236
x-xss-protection
0
last-modified
Mon, 25 Apr 2016 15:52:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Thu, 12 Jan 2023 09:55:03 GMT
s_codeplus.js
resources.allstate.com/scripts/
127 KB
38 KB
Script
General
Full URL
https://resources.allstate.com/scripts/s_codeplus.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/launch-4a806fda3294.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:491::2af4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
11bb2b9049b72f77ce187dbae9f50520ce4e8d84fc679fdee21ad638487edf08
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 09:55:03 GMT
content-encoding
br
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
last-modified
Wed, 04 Jan 2023 03:49:55 GMT
server
Akamai Resource Optimizer
etag
"80f253653bed91:0"
x-powered-by
ASP.NET
content-type
application/javascript
cache-control
max-age=1878841
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
38234
expires
Fri, 03 Feb 2023 03:49:04 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1673517303807
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1673517303807
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1673517303807
Protocol
HTTP/1.1
Server
34.241.134.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-134-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a89c107eb1e4e1b4171bf8f5c439b6493a1d07fe56dcb4c52b048dcb57b32ded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-024ef1325.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
eNUJ1dojTzY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://myaccounts.allstate.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
209
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8Td3j+EuQ7A=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://myaccounts.allstate.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1673517303807
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
id
smetrics.allstate.com/
48 B
463 B
XHR
General
Full URL
https://smetrics.allstate.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&mid=72182521215357110724070200179147173038&ts=1673517304052
Requested by
Host: resources.allstate.com
URL: https://resources.allstate.com/scripts/s_codeplus.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
5ab14646a8ee5692afe66e96070b5bf43306b74ff0e2141134072d9940d9cd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 12 Jan 2023 09:55:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://myaccounts.allstate.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
s5968665523220
smetrics.allstate.com/b/ss/allstateglobal/1/JS-2.17.0-LCUM/
43 B
306 B
Image
General
Full URL
https://smetrics.allstate.com/b/ss/allstateglobal/1/JS-2.17.0-LCUM/s5968665523220?AQB=1&ndh=1&pf=1&t=12%2F0%2F2023%209%3A55%3A4%204%200&mid=72182521215357110724070200179147173038&aamlh=6&ce=UTF-8&ns=allstate&pageName=claims%2Fstatus%2Fclaimdocument%2Fdocslogin&g=https%3A%2F%2Fmyaccounts.allstate.com%2FAllstateCTSCustomerCSWeb%2FClaimDocument%2FDocsLogin%3FDocsListId%3D9A9654A15F4E54DF%26cid%3DEMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511&c.&vidAPICheck=VisitorAPI%20Present&.c&cc=USD&ch=claims%2Fstatus&server=myaccounts.allstate.com&v0=EMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=claims%2Fstatus%2Fclaimdocument%2Fdocslogin&v8=MyC%7C&c10=1600%7C1200%7C1920000%7CLandscape&v10=1600%7C1200%7C1920000%7CLandscape&v15=CSS%7C%7C%7C&c28=VisitorID5.2.0%7CAppMeasurement2.17.0%7C20221114%7CPlus&c31=claims%2Fstatus%2Fclaimdocument%2Fdocslogin%7Chttps%3A%2F%2Fmyaccounts.allstate.com%2Fallstatectscustomercsweb%2Fclaimdocument%2Fdocslogin%3Fdocslistid%3D9a9654a15f4e54df%26cid%3Demc-c-e-p_claims_e0065_limitedaccessdocs_t-20170511&c34=D%3DUser-Agent&c36=New&v40=2dmjmlf00sufoudda3jrn3d3&v45=New&v49=D%3DUser-Agent&c50=allstateglobal&c56=other%7Chttps%3A%2F%2Fmyaccounts.allstate.com%2FAllstateCTSCustomerCSWeb%2FClaimDocument%2FDocsLogin%3FDocsListId%3D9A9654A15F4E54DF%26cid%3DEMC-C-E-P_CLAIMS_E0065_LIMITEDACCESSDOCS_T-20170511%7CRef--%3E&v77=Thu%20Jan%2012%202023%2009%3A55%3A00&v223=72182521215357110724070200179147173038&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 09:55:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 13 Jan 2023 09:55:04 GMT
server
jag
etag
3593851046768050176-4619714518484107682
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 2023 09:55:04 GMT

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery function| ClearSession function| getBaseURL function| ISAMLogout function| _toConsumableArray function| _slice object| fnol number| timerCountdown number| timerModalDelay undefined| timeoutModal string| cssUserType string| cssClaimNumber object| $closeButton function| handleClick_rdoInsuredHaveLoanorLease function| handleClick_rdoInsuredDontHaveLoanorlease function| handleClick_rdoClaimantloanorleaseask function| handlechange_txt_lendersaccountsamebank function| handlechange_txt_lendersaccountsamebankKeyup function| handlechange_txt_lendersname function| handlechange_txt_lendersaccountdiffbank function| handlechange_txt_lendersaccountdiffbankKeyup function| TotalLossCompletedBackToMain function| TriggerAccordion function| SwitchTabFromToDO object| lua object| Modernizr object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| $fileUpload string| $themeColorCls object| newEventSource object| newEventAction object| ChatAvailability object| TransactionError object| digitalData object| action function| DataLayerFunction string| pathToAssets string| bar_gif string| float_gif string| loading_gif string| tab_1_gif string| bar_gif_retina string| float_gif_retina string| tab_1_gif_retina object| css string| customVars undefined| ClaimNumber undefined| ClaimID undefined| ClaimOffice undefined| ICSPartyID function| GetAccordianSelection function| Track object| OOo string| cssText object| _satellite boolean| __satelliteLoaded function| e object| visitor object| urls object| s function| _scPV string| sc_hitType function| _scLV function| returnLinkDomains function| crossDomainClick function| setIntegrateModuleForDI function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w 
object| adobe function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq string| j object| s_i_allstateglobal

11 Cookies

Domain/Path Name / Value
myaccounts.allstate.com/ Name: ASP.NET_SessionId
Value: 2dmjmlf00sufoudda3jrn3d3
myaccounts.allstate.com/ Name: __RequestVerificationToken_L0FsbHN0YXRlQ1RTQ3VzdG9tZXJDU1dlYg2
Value: Z7Oz9cl6r7RdLX9o-qU49BeMSkM_JwfAmxeJoyJjaLbz2tICi-NeZypjwkuLCZIOVhO8WaW_teQiVNWPQncZnHHTQ6o1
.allstate.com/ Name: CP-PROD-PD-S-SESSION-ID
Value: 1_2_0_DLqnO7T5kNQ6sVJzdXvOQE+NnjqTBMgarZ617jORSqIosJ9n
myaccounts.allstate.com/ Name: BIGipServerisam-prod-consumer-443-pool
Value: !RuLv7fDhqQu7qfPCCztOAvQkHXWRP29keh2B/zIQV4B0TQ93Iyiy40WPYECGpkwE3WpgakCwGL2QAR0=
.demdex.net/ Name: demdex
Value: 76427512367931252123909303360841294482
.allstate.com/ Name: AMCVS_97021C8B53295DF30A490D4D%40AdobeOrg
Value: 1
.allstate.com/ Name: s_ecid
Value: MCMID%7C72182521215357110724070200179147173038
.allstate.com/ Name: AMCV_97021C8B53295DF30A490D4D%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19370%7CMCMID%7C72182521215357110724070200179147173038%7CMCAAMLH-1674122104%7C6%7CMCAAMB-1674122104%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1673524504s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.allstate.com/ Name: s_pers
Value: %20gpv_pn%3Dclaims%252Fstatus%252Fclaimdocument%252Fdocslogin%7C1673519104345%3B%20s_getNewRepeat%3D1673517304353-New%7C1676109304353%3B
.allstate.com/ Name: last_touch_mc
Value: other
.allstate.com/ Name: s_sess
Value: %20SC_LINKS%3D%3B%20s_cc%3Dtrue%3B

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
