Submitted URL: http://l.service01.email-allstate.com/rts/go2.aspx?h=618360&tp=i-1NGB-A2-VEs-2SfYdP-1z-6XVSa-1c-21CirB-l7GUSYHECw-5Cwfl&x=myaccounts.a...
Effective URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Submission: On March 15 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 5 countries across 8 domains to perform 21 HTTP transactions. The main IP is 167.127.115.52, located in United States and belongs to ALLSTATE-INSURANCE-CO, US. The main domain is myaccounts.allstate.com. The Cisco Umbrella rank of the primary domain is 200851.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 2nd 2021. Valid for: a year.
This is the only time myaccounts.allstate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 63.148.46.72 53316 (ASN-CHEET...)
6 167.127.115.52 11520 (ALLSTATE-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.42.118.254 16509 (AMAZON-02)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 3 63.35.20.93 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
21 11
Apex Domain
Subdomains
Transfer
9 allstate.com
myaccounts.allstate.com — Cisco Umbrella Rank: 200851
resources.allstate.com — Cisco Umbrella Rank: 75949
smetrics.allstate.com — Cisco Umbrella Rank: 70001
723 KB
5 inmoment.com
dispawsusva.inmoment.com — Cisco Umbrella Rank: 16664
intercept-client.inmoment.com — Cisco Umbrella Rank: 19084
42 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
3 KB
2 gstatic.com
fonts.gstatic.com
37 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 515
23 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
28 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 email-allstate.com
l.service01.email-allstate.com — Cisco Umbrella Rank: 274255
447 B
21 8
Domain Requested by
6 myaccounts.allstate.com myaccounts.allstate.com
4 dispawsusva.inmoment.com myaccounts.allstate.com
intercept-client.inmoment.com
3 dpm.demdex.net 1 redirects myaccounts.allstate.com
resources.allstate.com
2 smetrics.allstate.com resources.allstate.com
2 fonts.gstatic.com fonts.googleapis.com
1 intercept-client.inmoment.com dispawsusva.inmoment.com
1 resources.allstate.com assets.adobedtm.com
1 assets.adobedtm.com myaccounts.allstate.com
1 cdnjs.cloudflare.com myaccounts.allstate.com
1 fonts.googleapis.com myaccounts.allstate.com
1 l.service01.email-allstate.com 1 redirects
21 11

This site contains links to these domains.

Domain
www.allstate.com
info.evidon.com
Subject | Issuer | Validity | Valid
myaccounts.allstate.com | Entrust Certification Authority - L1K | 2021-08-02 - 2022-08-29 | a year
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.inmoment.com | Entrust Certification Authority - L1K | 2021-08-26 - 2022-09-25 | a year
www.allstate.com | Entrust Certification Authority - L1M | 2022-01-11 - 2022-05-31 | 5 months
smetrics.allstate.com | Entrust Certification Authority - L1K | 2021-10-01 - 2022-10-31 | a year
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year

This page contains 1 frames:

Primary Page: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Frame ID: 8AA49E49EAC9B5612D1BB0A02424A067
Requests: 24 HTTP requests in this frame

Page Title

Allstate - MyClaim® Allstate Insurance

Page URL History

  1. http://l.service01.email-allstate.com/rts/go2.aspx?h=618360&tp=i-1NGB-A2-VEs-2SfYdP-1z-6XVSa-1c-21CirB-l7GUSYHECw-... HTTP 302
    https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E-- Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21 Requests
95 % HTTPS
55 % IPv6
8 Domains
11 Subdomains
11 IPs
5 Countries
856 kB Transfer
2378 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l.service01.email-allstate.com/rts/go2.aspx?h=618360&tp=i-1NGB-A2-VEs-2SfYdP-1z-6XVSa-1c-21CirB-l7GUSYHECw-5Cwfl&x=myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&pl=QUNUSU9OPUNMQUlNfFBBUlRZPTAyMDg3NDU5NDIwMDAxNXxQT0w9MDAwMDAwMDAwMDAwfENMTT0wMDA2NjI0MzY4NjR8UkVGVVJMPVZpZXdDbGFpbVN1bW1hcnk%3D&hh=PjUspR8kp2aAekN05z2nfkq6GTu8EFBnGJfFLjHp%2FKVbvynil1EcF6dV6ep6XXO1j%2FBlS0c9eysbwlap61zdpw%3D%3D&ec=zM%2BDqTbVqstrsjT8cgnibbFEVMUwecW2%2Bh%2BNBFrIwFCd5IklyZjJWwwwShZlSr8x|P_CLAIMS_1969_AUTOSUBMITTED3RD_T|20210108|] HTTP 302
    https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E-- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1647357209193 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1647357209193

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ThirdPartyLogin
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/
Redirect Chain
  • http://l.service01.email-allstate.com/rts/go2.aspx?h=618360&tp=i-1NGB-A2-VEs-2SfYdP-1z-6XVSa-1c-21CirB-l7GUSYHECw-5Cwfl&x=myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/Th...
  • https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
115 KB
44 KB
Document
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bede84e4a4e1f955e70bc51738f0da5f89788032c41bd83bd1d8aa6e91f1ae77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Tue, 15 Mar 2022 15:13:26 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
server
Microsoft-IIS/8.5
x-old-content-length
117997
x-frame-options
SAMEORIGIN
x-aspnetmvc-version
5.2
cache-control
private,no-cache, no-store, max-age=0
x-powered-by
ASP.NET
x-aspnet-version
4.0.30319
strict-transport-security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Server
X-Powered-By
Date
Tue, 15 Mar 2022 15:13:26 GMT
Connection
close
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
943
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79400d3c07e202563065c79b4bd8aaa7fcd9ad25e53e366a83449170bb594208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Mar 2022 15:13:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Mar 2022 15:13:27 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2232857
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2bNBIuETUXYuVkVtYkE7drryXoQwWCXpPJHmsq%2FnKcqrw7e7V5%2B%2F6n2c3py2n2qS0UCGuGsH%2BNJt7%2FMUma6OWY9GcyimMIfAW265DtHzzIP%2BjKTMXc6MGyMkt6dgk8JsYe9RiliH%2BJ0SJxDUugS8x6y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ec63174bb9e994a-FRA
expires
Sun, 05 Mar 2023 15:13:27 GMT
status_css
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/
1 MB
383 KB
Stylesheet
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/status_css?v=NITdFQg_v7lo3IKDEYyuU4EFoeMUhHdq9PC2Z054neo1
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
98f2a235d530a15fcc1fc20d5b98a8115766cbf00313d24965c02eaf83a32606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:27 GMT
Content-Encoding
gzip
last-modified
Tue, 15 Mar 2022 15:13:27 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent, Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
public,max-age=0
Transfer-Encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css; charset=utf-8
expires
Wed, 15 Mar 2023 15:13:27 GMT
launch-4a806fda3294.min.js
assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/
75 KB
23 KB
Script
General
Full URL
https://assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/launch-4a806fda3294.min.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300:183::1e80 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8eae79397703d7d7c54c403f7d88255300acf9c326a7e5dd765929f3ed1ecc73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:28 GMT
content-encoding
gzip
last-modified
Mon, 14 Mar 2022 04:15:49 GMT
server
AkamaiNetStorage
etag
"51890007d77150ed26e8f49b5e8b7533:1647231349.341113"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
23496
expires
Tue, 15 Mar 2022 16:13:28 GMT
AdChoices.png
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/images/
2 KB
3 KB
Image
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/images/AdChoices.png
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5939875d7db8dd9d2cb7cc9f0cf55fd36b406199050dc451e418c2f85dd7bf64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:27 GMT
etag
"0cff8a5535d81:0"
last-modified
Fri, 11 Mar 2022 14:33:58 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0
Transfer-Encoding
chunked
accept-ranges
bytes
content-type
image/png
status_js
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/
621 KB
211 KB
Script
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/status_js?v=dJCtpxkpdbh1iDiMlT73BQe4azKEN_stHXnNToO8BkU1
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ac72740ad9aa9f05724272d373faec9e4af1b1c0d12f8441efb3566f9af148e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:27 GMT
Content-Encoding
gzip
last-modified
Tue, 15 Mar 2022 15:13:27 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent, Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
public,max-age=0
Transfer-Encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
expires
Wed, 15 Mar 2023 15:13:27 GMT
thirdparty.js
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/components/
5 KB
6 KB
Script
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/scripts/components/thirdparty.js
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e8ad4491eb3bfcd4da6ce7d988dbbfb4bc7b6795d66195942ce4a0def4356843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:28 GMT
etag
"0cff8a5535d81:0"
last-modified
Fri, 11 Mar 2022 14:33:58 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0
Transfer-Encoding
chunked
accept-ranges
bytes
content-type
application/javascript
truncated
/
564 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8de0dcfdf17147c2a96776126fb9aa9fbaad8370a2c20d9ca681d68369de2901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
allstatesansw-regular.woff
myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/fonts/
38 KB
38 KB
Font
General
Full URL
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/fonts/allstatesansw-regular.woff
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/status_css?v=NITdFQg_v7lo3IKDEYyuU4EFoeMUhHdq9PC2Z054neo1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.115.52 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
834461ec6350b62b44a6dea9ce12cad25411e0baf62308213384f7055961ccd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/Content/assets/styles/status_css?v=NITdFQg_v7lo3IKDEYyuU4EFoeMUhHdq9PC2Z054neo1
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:27 GMT
etag
"0cff8a5535d81:0"
last-modified
Fri, 11 Mar 2022 14:33:58 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0
Transfer-Encoding
chunked
accept-ranges
bytes
content-type
application/x-font-woff
font
fonts.gstatic.com/l/LdzLGis59rv8iR-5qHnheg/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/l/LdzLGis59rv8iR-5qHnheg/font?kit=GFD3WAp_g3SaSendXpV4ytwrKPg6YWQbaf1F&skey=d003ad37c76a3ecf&v=v1
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2594290a5808f97dce17736afcd77367097a3810e1ae5d18c8069522214c302b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 13:21:55 GMT
x-content-type-options
nosniff
age
6693
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17236
x-xss-protection
0
last-modified
Mon, 25 Apr 2016 15:52:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Tue, 15 Mar 2022 13:21:55 GMT
font
fonts.gstatic.com/l/LdzLGis59rv8iR-5qHnheg/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/l/LdzLGis59rv8iR-5qHnheg/font?kit=GFD3WAp_g3SaSendXpV4ytwrKLA8YWQbaf1F&skey=2f6a59d00f4d383f&v=v1
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allstate+Sans:300,300i,400,400i,500,500i,700,700i,800,800i&key=7gw5RZn4zm8X2MRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2cfad197471b194c8d17aa8324a508228cf363f620ef0f34d02b60efca154a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 13:21:55 GMT
x-content-type-options
nosniff
age
6693
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19908
x-xss-protection
0
last-modified
Mon, 25 Apr 2016 15:52:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Tue, 15 Mar 2022 13:21:55 GMT
truncated
/
724 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4524a037e69e480b843b0ac6ac60e3d0c6f22bb5aa9cf5ac2f4c55342c29093

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
8olPEUIYbJCrHR3pyrKF1g==
dispawsusva.inmoment.com/intercept/v1/init/2658/
2 KB
1 KB
Script
General
Full URL
https://dispawsusva.inmoment.com/intercept/v1/init/2658/8olPEUIYbJCrHR3pyrKF1g==?testing=false
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.118.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-118-254.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
ca2357f05bbb26751da0334d6f8412c3a003632b6a61eedbaca72a084e7eebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:29 GMT
content-encoding
gzip
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=21600
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
897
x-request-id
9ed2d415-d15a-42a7-acaa-c635adc56db6
s_codeplus.js
resources.allstate.com/scripts/
125 KB
37 KB
Script
General
Full URL
https://resources.allstate.com/scripts/s_codeplus.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d5ff4550c9ef/da22ea71bc01/launch-4a806fda3294.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:791::2af4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer / ASP.NET
Resource Hash
92a18e54dabc55858aa2cf5207bd8160ea5a844e4320aac6f900c39c85549c3b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:29 GMT
content-encoding
br
last-modified
Mon, 14 Mar 2022 04:14:28 GMT
server
Akamai Resource Optimizer
x-powered-by
ASP.NET
etag
"0fc46395937d81:0"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
application/javascript
cache-control
max-age=2466030
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
37700
expires
Wed, 13 Apr 2022 04:13:59 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1647357209193
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1647357209193
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1647357209193
Requested by
Host: myaccounts.allstate.com
URL: https://myaccounts.allstate.com/AllstateCTSThirdPartyCSWeb/b/AnonPage/ThirdParty/ThirdPartyLogin?&cid=EMC-C-E--
Protocol
HTTP/1.1
Server
63.35.20.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-20-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
638fd4ebe63d21968e47882b89825a7582d07f3f1618926ec51771f65236077d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v030-061e64b58.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
GzsE8sxcR/A=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://myaccounts.allstate.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
214
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v030-073504118.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://myaccounts.allstate.com
X-TID
cAYYXdyNTaM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1647357209193
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
id
smetrics.allstate.com/
89 B
664 B
XHR
General
Full URL
https://smetrics.allstate.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&mid=46633127156622002180556376246283011953&ts=1647357209420
Requested by
Host: resources.allstate.com
URL: https://resources.allstate.com/scripts/s_codeplus.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
b879773fad0149ac0ecc90b9d243d79488664f3fcc916aedcbb2b49ae37dc5ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Mar 2022 15:13:29 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-7f6b754cd4-4x49k
vary
Origin
x-c
main-1629.I879dac.M0-556
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://myaccounts.allstate.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
id
dpm.demdex.net/
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&d_mid=46633127156622002180556376246283011953&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%013118568CFAD05FEA-600008C171BEFC9C&ts=1647357209513
Requested by
Host: resources.allstate.com
URL: https://resources.allstate.com/scripts/s_codeplus.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.20.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-20-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c258576e0b2bedcdc1b2ab587465be663ae04dcbf8bb648ff4349311f122d4b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v030-0d2b4133c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
EK2TT9fqQns=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://myaccounts.allstate.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
214
Expires
Thu, 01 Jan 1970 00:00:00 UTC
intercept-client-v1.19.0.js
intercept-client.inmoment.com/
112 KB
28 KB
Script
General
Full URL
https://intercept-client.inmoment.com/intercept-client-v1.19.0.js
Requested by
Host: dispawsusva.inmoment.com
URL: https://dispawsusva.inmoment.com/intercept/v1/init/2658/8olPEUIYbJCrHR3pyrKF1g==?testing=false
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2315:8e00:1c:3dc0:7500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d13e3eb3f7da66226e99ab9de6591f865a22626118bd7881974f35cddeb9695

Request headers

Referer
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 21:05:22 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 19:53:50 GMT
server
AmazonS3
age
1015688
etag
W/"5ed14db31965839e447ae49b9995bf29"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
rPOQxHyKhPt85ehgNwHAzVsKUmzeddV1Y-TzkLaJG7ssCOb-ZTynFw==
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
8olPEUIYbJCrHR3pyrKF1g==
dispawsusva.inmoment.com/intercept/v1/customJS/2658/
30 KB
8 KB
Script
General
Full URL
https://dispawsusva.inmoment.com/intercept/v1/customJS/2658/8olPEUIYbJCrHR3pyrKF1g==?loadTestCustomJS=false
Requested by
Host: intercept-client.inmoment.com
URL: https://intercept-client.inmoment.com/intercept-client-v1.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.118.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-118-254.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
36dac023b9d971c9b0c4a7d32ed391597ae1e86bb97f8d43abba74594b806e14

Request headers

Referer
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:30 GMT
content-encoding
gzip
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=21600
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
7390
x-request-id
790229a2-b2c5-4c9f-b413-c50db1d4cd03
s36794905959796
smetrics.allstate.com/b/ss/allstateglobal/1/JS-2.17.0-LBWB/
43 B
439 B
Image
General
Full URL
https://smetrics.allstate.com/b/ss/allstateglobal/1/JS-2.17.0-LBWB/s36794905959796?AQB=1&ndh=1&pf=1&t=15%2F2%2F2022%2015%3A13%3A29%202%200&mid=46633127156622002180556376246283011953&aid=3118568CFAD05FEA-600008C171BEFC9C&aamlh=6&ce=UTF-8&ns=allstate&pageName=claims%2Fstatus%2Fthirdparty%2Fthirdpartylogin&g=https%3A%2F%2Fmyaccounts.allstate.com%2FAllstateCTSThirdPartyCSWeb%2Fb%2FAnonPage%2FThirdParty%2FThirdPartyLogin%3F%26cid%3DEMC-C-E--&c.&vidAPICheck=VisitorAPI%20Present&.c&cc=USD&ch=claims%2Fstatus&server=empty&v0=EMC-C-E--&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=claims%2Fstatus%2Fthirdparty%2Fthirdpartylogin&v8=MyC%7C&c10=1600%7C1200%7C1920000%7CLandscape&v10=1600%7C1200%7C1920000%7CLandscape&v15=CSS%7C%7C%7C&c28=VisitorID5.2.0%7CAppMeasurement2.17.0%7C20220302%7CPlus&c31=claims%2Fstatus%2Fthirdparty%2Fthirdpartylogin%7Chttps%3A%2F%2Fmyaccounts.allstate.com%2Fallstatectsthirdpartycsweb%2Fb%2Fanonpage%2Fthirdparty%2Fthirdpartylogin%3F%26cid%3Demc-c-e--&c34=D%3DUser-Agent&c36=New&v40=x2azcphb5erk40t3yc0mpsbz&v45=New&v49=D%3DUser-Agent&c50=allstateglobal&v77=Tue%20Mar%2015%202022%2015%3A13%3A30&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:29 GMT
x-content-type-options
nosniff
x-c
main-1629.I879dac.M0-556
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 16 Mar 2022 15:13:29 GMT
server
jag
xserver
anedge-7f6b754cd4-wjjxl
etag
3537672668997943296-4619762445953340556
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 14 Mar 2022 15:13:29 GMT
8olPEUIYbJCrHR3pyrKF1g==
dispawsusva.inmoment.com/intercept/v1/2658/
8 KB
2 KB
XHR
General
Full URL
https://dispawsusva.inmoment.com/intercept/v1/2658/8olPEUIYbJCrHR3pyrKF1g==?testing=false&cacheKey=mpsz6ciPw0APHeto%2BxGBog
Requested by
Host: intercept-client.inmoment.com
URL: https://intercept-client.inmoment.com/intercept-client-v1.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.118.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-118-254.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
b2053fe399e68daca73aeb8bbcd2f416a9147eeeca31cd36eb041906c950c87b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:30 GMT
content-encoding
gzip
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
6
Connection
keep-alive
transfer-encoding
chunked
x-request-id
700af532-2cb1-46fc-b26e-b8e2f244db00
extra.js
dispawsusva.inmoment.com/intercept/v1/2658/8olPEUIYbJCrHR3pyrKF1g==/
13 KB
3 KB
Script
General
Full URL
https://dispawsusva.inmoment.com/intercept/v1/2658/8olPEUIYbJCrHR3pyrKF1g==/extra.js?testing=false
Requested by
Host: intercept-client.inmoment.com
URL: https://intercept-client.inmoment.com/intercept-client-v1.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.118.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-118-254.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
845b92011738f2159aeb4654a08b5ceb087f8b4a4f893926d9b0538c45afa18e

Request headers

Referer
Origin
https://myaccounts.allstate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:13:30 GMT
content-encoding
gzip
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
2142
x-request-id
44168ea6-aaea-471f-ad03-91207b4fcaff
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b5247e86f2eb964174b65cd978dbd40075480f31c9ddce22cc3befce45d5682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| ClearSession function| getBaseURL function| ISAMLogout function| _toConsumableArray function| _slice object| fnol number| timerCountdown number| timerModalDelay undefined| timeoutModal string| cssUserType string| cssClaimNumber object| lua object| Modernizr object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| $fileUpload object| newEventSource object| newEventAction object| ChatAvailability object| TransactionError object| digitalData function| DataLayerFunction string| pathToAssets string| bar_gif string| float_gif string| loading_gif string| tab_1_gif string| bar_gif_retina string| float_gif_retina string| tab_1_gif_retina object| css string| customVars undefined| ClaimNumber undefined| ClaimID undefined| ClaimOffice undefined| ICSPartyID function| GetAccordianSelection function| Track object| OOo string| cssText object| _satellite boolean| __satelliteLoaded function| e object| visitor object| urls object| s function| _scPV string| sc_hitType function| _scLV function| returnLinkDomains function| crossDomainClick function| setIntegrateModuleForDI function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| adobe function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq boolean| imiInterceptClientLoaded function| handleLocalStorageOverrides object| IMI string| j object| s_i_allstateglobal object| im_data

12 Cookies

Domain/Path Name / Value
l.service01.email-allstate.com/ Name: ASP.NET_SessionId
Value: nvbc3pl3ay0rs5b3rtoeqfsk
myaccounts.allstate.com/ Name: ASP.NET_SessionId
Value: x2azcphb5erk40t3yc0mpsbz
myaccounts.allstate.com/ Name: __RequestVerificationToken_L0FsbHN0YXRlQ1RTVGhpcmRQYXJ0eUNTV2Vi0
Value: 28JcKkGhj9XYGAJQD2T9JVIuagZsCQclCQe3TsbF6EueUHR-LeQk7qNjKFYTgeVUlikEmz2Z5AvnlJPyS49dqdNAQHM1
.allstate.com/ Name: CP-PROD-PD-S-SESSION-ID
Value: 1_2_0_jKlnU0ZtIjM2AKKakqEubtkZPapyDa7PvdSkYCie1S2NZnpC
myaccounts.allstate.com/ Name: BIGipServerisam-prod-consumer-443-pool
Value: !SWqibBos7SbWymyNoA1kqAVyS9KOa1Ef+xv6qLh5SlopyOiE3XShYBLBXnpHPUzcLtl6/oajHxqHWQ==
.demdex.net/ Name: demdex
Value: 56597690682782688380685751047218121037
.allstate.com/ Name: AMCVS_97021C8B53295DF30A490D4D%40AdobeOrg
Value: 1
.allstate.com/ Name: s_vi
Value: [CS]v1|3118568CFAD05FEA-600008C171BEFC9C[CE]
.allstate.com/ Name: s_ecid
Value: MCMID%7C46633127156622002180556376246283011953
.allstate.com/ Name: AMCV_97021C8B53295DF30A490D4D%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19067%7CMCMID%7C46633127156622002180556376246283011953%7CMCAAMLH-1647962009%7C6%7CMCAAMB-1647962009%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1647364409s%7CNONE%7CMCAID%7C3118568CFAD05FEA-600008C171BEFC9C%7CvVersion%7C5.2.0
.allstate.com/ Name: s_pers
Value: %20gpv_pn%3Dclaims%252Fstatus%252Fthirdparty%252Fthirdpartylogin%7C1647359009868%3B%20s_getNewRepeat%3D1647357209870-New%7C1649949209870%3B
.allstate.com/ Name: s_sess
Value: %20SC_LINKS%3D%3B%20s_cc%3Dtrue%3B

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
