Submitted URL: http://apllstateinvestments.com/
Effective URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Submission: On March 30 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 24 HTTP transactions. The main IP is 167.127.209.209, located in United States and belongs to ALLSTATE-INSURANCE-CO, US. The main domain is www.allstateinvestments.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on October 7th 2021. Valid for: a year.
This is the only time www.allstateinvestments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.217.251.129 16509 (AMAZON-02)
17 167.127.209.209 11520 (ALLSTATE-...)
1 2600:1400:d:5... 20940 (AKAMAI-ASN1)
1 3 54.200.101.68 16509 (AMAZON-02)
2 35.155.236.76 16509 (AMAZON-02)
2 52.10.149.115 16509 (AMAZON-02)
24 5
Apex Domain
Subdomains
Transfer
17 allstateinvestments.com
www.allstateinvestments.com
1 MB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
allstate.demdex.net
10 KB
3 allstate.com
www.allstate.com — Cisco Umbrella Rank: 104359
smetrics.allstate.com — Cisco Umbrella Rank: 83500
44 KB
1 apllstateinvestments.com
apllstateinvestments.com
237 B
24 4
Domain Requested by
17 www.allstateinvestments.com www.allstateinvestments.com
3 dpm.demdex.net 1 redirects www.allstate.com
2 smetrics.allstate.com www.allstate.com
2 allstate.demdex.net www.allstate.com
1 www.allstate.com www.allstateinvestments.com
1 apllstateinvestments.com 1 redirects
24 6

This site contains links to these domains. Also see Links.

Domain
allstate.com
www.allstate.com
Subject Issuer Validity Valid
*.allstateinvestments.com
Entrust Certification Authority - L1K
2021-10-07 -
2022-11-06
a year crt.sh
www.allstate.com
Entrust Certification Authority - L1M
2022-01-11 -
2022-05-31
5 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
smetrics.allstate.com
Entrust Certification Authority - L1K
2021-10-01 -
2022-10-31
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Frame ID: 223044FB96611637759429F95F82EEFE
Requests: 22 HTTP requests in this frame

Frame: https://allstate.demdex.net/dest5.html?d_nsid=0
Frame ID: F5ACA1C3E90278A1498DAB413A97E790
Requests: 1 HTTP requests in this frame

Frame: https://allstate.demdex.net/dest5.html?d_nsid=1
Frame ID: 343A6136602F08125CE1EB746856A94C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Allstate Investments

Page URL History Show full URLs

  1. http://apllstateinvestments.com/ HTTP 301
    https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments Page URL

Page Statistics

24
Requests

96 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

5
IPs

1
Countries

1501 kB
Transfer

2232 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://apllstateinvestments.com/ HTTP 301
    https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1648641938485 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1648641938485

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.allstateinvestments.com/
Redirect Chain
  • http://apllstateinvestments.com/
  • https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
13 KB
4 KB
Document
General
Full URL
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a2f4f8bc862d8b85f5dd97a2dd0c982678f380566276605caf4b82a19dcd4b1e

Request headers

Accept-Language
en-US,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
4060
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:05:38 GMT
ETag
"08767191a1dd81:0"
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Connection
close
Content-Length
113
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Mar 2022 12:05:38 GMT
Location
https://www.allstateinvestments.com?CID=OTC-DNSR-GR-120523&att=investments
main.css
www.allstateinvestments.com/styles/
156 KB
20 KB
Stylesheet
General
Full URL
https://www.allstateinvestments.com/styles/main.css
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a44a8e9df3924a10636a38be169c202988ac1612fd75f7d74d4eec697708f32f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
20073
bundle.js
www.allstateinvestments.com/scripts/
628 KB
157 KB
Script
General
Full URL
https://www.allstateinvestments.com/scripts/bundle.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ab99bec18513637e426cdecc950c6fff28e9fb1904457116859d4960daa47582

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
160462
tipuesearch_set.js
www.allstateinvestments.com/scripts/tipuesearch/
3 KB
1 KB
Script
General
Full URL
https://www.allstateinvestments.com/scripts/tipuesearch/tipuesearch_set.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
30269619f42eef2b2dea0f8497519602049902560a8360cfdc185d30658b2019

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1006
tipuesearch.js
www.allstateinvestments.com/scripts/tipuesearch/
33 KB
4 KB
Script
General
Full URL
https://www.allstateinvestments.com/scripts/tipuesearch/tipuesearch.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3133a2131c8f501303245b1952faa937510880659c4a274d7ce91a60264ec43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4037
s_code.js
www.allstate.com/resources/scripts/
127 KB
44 KB
Script
General
Full URL
https://www.allstate.com/resources/scripts/s_code.js
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:5aa::2af4 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Allstate Insurance Co. / Electricity - Powering Stuff Since 1879
Resource Hash
f223d45e5b14d24f485821461e85b0ef7fcf088ae52a7f6a9d44369cbe1c33ee
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options *.encompassinsurance.com; *.encompassinsured.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
Electricity - Powering Stuff Since 1879
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
last-modified
Fri, 23 Mar 2018 17:56:08 GMT
server
Allstate Insurance Co.
x-frame-options
*.encompassinsurance.com; *.encompassinsured.com
vary
Accept-Encoding
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
application/javascript
cache-control
public, max-age=2592000
access-control-allow-credentials
true
edge_scape
expires
Fri, 29 Apr 2022 12:05:38 GMT
allstate-investments-logo.png
www.allstateinvestments.com/images/
251 KB
251 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/allstate-investments-logo.png
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6985e9588985356bdd85672cdd741394e7bb37c31127258bf68a5372830317b4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
256711
home.jpg
www.allstateinvestments.com/images/hero/
322 KB
322 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/hero/home.jpg
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c8f1c7d53bd262aba5de385563efa48db78f3a5eeef29f32b753a475f3f394b7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
329477
home2.jpg
www.allstateinvestments.com/images/hero/
463 KB
463 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/hero/home2.jpg
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
fb3c815d3cd1552b52cf3c84ed4c99fc99c911d4a77085672c7bad2e07d2bedb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
473786
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1648641938485
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1648641938485
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1648641938485
Protocol
HTTP/1.1
Server
54.200.101.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-101-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
236ed64abfedcf07b38892783e9f90b3c56093ddb454b7fb1b36c72b3b0deab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v027-03097fde2.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
19Emqsr4T2o=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.allstateinvestments.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
211
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v027-0838e8666.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.allstateinvestments.com
X-TID
/h7kMCCdRmA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&ts=1648641938485
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
allstatesansw-light.woff
www.allstateinvestments.com/fonts/
38 KB
39 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-light.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9d0eb6f6a9838956f3069aa12026651f036a7e13a8d7172e59ddf7866f3145bb

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
39384
white-nav-bg.png
www.allstateinvestments.com/images/
1 KB
1 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/white-nav-bg.png
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
84f787aa13b7e11860d581aded506cc48c320f2a29bc405283813de5728a7b52

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/styles/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1279
white-nav-notch-bg.png
www.allstateinvestments.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.allstateinvestments.com/images/white-nav-notch-bg.png
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0a4b26e6abb2c8b9744b2ad468c4dcf64e7c941a4fc2bb2c255b124467c24c35

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/styles/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2175
allstatesansw-medium.woff
www.allstateinvestments.com/fonts/
38 KB
38 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-medium.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d9d7879499422cc450ecac8eec3e7b02c8c7ae0474937c40b8c1ef221e7f6bdb

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
38712
icons.woff
www.allstateinvestments.com/fonts/
3 KB
3 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/icons.woff?84881092
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0a0d4a8b8a5e34f10e235bb8a6a383c46e75a1f4bd486ca11eb0a801ca11269f

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
2636
allstatesansw-regular.woff
www.allstateinvestments.com/fonts/
38 KB
38 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-regular.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
834461ec6350b62b44a6dea9ce12cad25411e0baf62308213384f7055961ccd8

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
38464
allstatesansw-bold.woff
www.allstateinvestments.com/fonts/
45 KB
45 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-bold.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
8ec28d145fd22007860bcc424814e90b519ae03e1e7d73d550782a9528b1b0ef

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
45716
allstatesansw-regularitalic.woff
www.allstateinvestments.com/fonts/
42 KB
42 KB
Font
General
Full URL
https://www.allstateinvestments.com/fonts/allstatesansw-regularitalic.woff
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
15eaaddc26214a480500a6488a7e171492f5a516c9b29893c85ff5f36951530d

Request headers

Referer
https://www.allstateinvestments.com/styles/main.css
Origin
https://www.allstateinvestments.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
43036
bios.json
www.allstateinvestments.com/scripts/data/
17 KB
17 KB
XHR
General
Full URL
https://www.allstateinvestments.com/scripts/data/bios.json
Requested by
Host: www.allstateinvestments.com
URL: https://www.allstateinvestments.com/scripts/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.127.209.209 , United States, ASN11520 (ALLSTATE-INSURANCE-CO, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
61e335a149d37b24b303ad38768b28764e7b08e89387596ebb261b551ef9ad3a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.allstateinvestments.com/?CID=OTC-DNSR-GR-120523&att=investments
X-Requested-With
XMLHttpRequest
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:05:38 GMT
Last-Modified
Tue, 08 Feb 2022 18:31:34 GMT
Server
X-Powered-By
ASP.NET
ETag
"08767191a1dd81:0"
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
16929
dest5.html
allstate.demdex.net/ Frame F5AC
7 KB
3 KB
Document
General
Full URL
https://allstate.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.236.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-236-76.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v027-0e0311090.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dP7CJzmJRm8=
content-encoding
gzip
date
Wed, 30 Mar 2022 12:05:39 GMT
last-modified
Tue, 15 Mar 2022 12:08:48 GMT
transfer-encoding
chunked
vary
accept-encoding
id
smetrics.allstate.com/
89 B
665 B
XHR
General
Full URL
https://smetrics.allstate.com/id?d_visid_ver=2.0.0&d_fieldgroup=A&mcorgid=97021C8B53295DF30A490D4D%40AdobeOrg&mid=21252599798662138922600538521322152529&ts=1648641939011
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.10.149.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-149-115.us-west-2.compute.amazonaws.com
Software
jag /
Resource Hash
db1c8af5dcaa67d19d90ca17fe08db61d27aa5576635126114a51e6cc2a99d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.allstateinvestments.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 30 Mar 2022 12:05:39 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6cb5cc5c9d-4g8ws
vary
Origin
x-c
main-1629.I879dac.M0-556
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.allstateinvestments.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
89
x-xss-protection
1; mode=block
id
dpm.demdex.net/
217 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=97021C8B53295DF30A490D4D%40AdobeOrg&d_nsid=0&d_mid=21252599798662138922600538521322152529&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%01312223C9C66EF091-600019AA620DFFA3&ts=1648641939353
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.101.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-101-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3e7504543c9979c32f2cd01803f25bdd3c9dd063383932c951dbbf0252e18d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.allstateinvestments.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v027-0e343dac1.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
3BgdH88nRF4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.allstateinvestments.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
211
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dest5.html
allstate.demdex.net/ Frame 343A
7 KB
3 KB
Document
General
Full URL
https://allstate.demdex.net/dest5.html?d_nsid=1
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.236.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-236-76.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v027-09dd94756.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
lE5oHT7uSv4=
content-encoding
gzip
date
Wed, 30 Mar 2022 12:05:39 GMT
last-modified
Tue, 15 Mar 2022 12:08:47 GMT
transfer-encoding
chunked
vary
accept-encoding
s22086038541616
smetrics.allstate.com/b/ss/allstateglobal,allstateinvestments/10/JS-2.0.0/
111 B
272 B
Script
General
Full URL
https://smetrics.allstate.com/b/ss/allstateglobal,allstateinvestments/10/JS-2.0.0/s22086038541616?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=30%2F2%2F2022%2012%3A5%3A39%203%200&d.&nsid=1&jsonv=1&.d&mid=21252599798662138922600538521322152529&aid=312223C9C66EF091-600019AA620DFFA3&aamlh=9&ce=UTF-8&ns=allstate&pageName=%2FInvestments%2FHome&g=https%3A%2F%2Fwww.allstateinvestments.com%2F%3FCID%3DOTC-DNSR-GR-120523%26att%3Dinvestments&c.&vidAPICheck=VisitorAPI%20Present&.c&cc=USD&ch=%2FInvestments%2F&server=www.allstateinvestments.com&v0=OTC-DNSR-GR-120523%3Ainvestments&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=%2FInvestments%2FHome&c10=1600%7C1200%7C1920000%7CLandscape&v10=1600%7C1200%7C1920000%7CLandscape&c28=MCID2.0%7CAppMeasurement2.0%7C20170801&c31=%2FInvestments%2FHome%7Chttps%3A%2F%2Fwww.allstateinvestments.com%2F%3Fcid%3Dotc-dnsr-gr-120523%26att%3Dinvestments&c34=D%3DUser-Agent&c36=New&v45=New&v49=D%3DUser-Agent&c50=allstateglobal%2Callstateinvestments&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: www.allstate.com
URL: https://www.allstate.com/resources/scripts/s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.10.149.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-149-115.us-west-2.compute.amazonaws.com
Software
jag /
Resource Hash
9050968303ca8491bd1eee684246c1cb5acff5911049a14c527f7336cb83acd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.allstateinvestments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:05:39 GMT
x-content-type-options
nosniff
x-c
main-1629.I879dac.M0-556
p3p
CP="This is not a P3P policy"
vary
*
content-length
111
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 31 Mar 2022 12:05:39 GMT
server
jag
xserver
anedge-6cb5cc5c9d-78zkb
etag
3540431606555410432-4619390803243786455
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 29 Mar 2022 12:05:39 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| jQuery object| tipuesearch_pages object| tipuesearch_stop_words object| tipuesearch_replace object| tipuesearch_weight object| tipuesearch_stem string| tipuesearch_string_1 string| tipuesearch_string_2 string| tipuesearch_string_3 string| tipuesearch_string_4 string| tipuesearch_string_5 string| tipuesearch_string_6 string| tipuesearch_string_7 string| tipuesearch_string_8 string| tipuesearch_string_9 string| tipuesearch_string_10 string| tipuesearch_string_11 string| tipuesearch_string_12 string| tipuesearch_string_13 string| s_account function| Visitor object| visitor object| s function| _scPV string| sc_hitType function| _scLV function| returnLinkDomains function| crossDomainClick function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq undefined| s_code function| cycleHeroImage string| j object| s_i_allstateglobal_allstateinvestments

5 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 13878338097871749683038271478660574317
.allstateinvestments.com/ Name: AMCVS_97021C8B53295DF30A490D4D%40AdobeOrg
Value: 1
.allstateinvestments.com/ Name: AMCV_97021C8B53295DF30A490D4D%40AdobeOrg
Value: 2096510701%7CMCIDTS%7C19082%7CMCMID%7C21252599798662138922600538521322152529%7CMCAAMLH-1649246739%7C9%7CMCAAMB-1649246739%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1648649139s%7CNONE%7CMCAID%7C312223C9C66EF091-600019AA620DFFA3%7CvVersion%7C2.0.0
.allstateinvestments.com/ Name: s_pers
Value: %20gpv_pn%3D%252FInvestments%252FHome%7C1648643739774%3B%20s_getNewRepeat%3D1648641939793-New%7C1651233939793%3B
.allstateinvestments.com/ Name: s_sess
Value: %20SC_LINKS%3D%3B%20s_cc%3Dtrue%3B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allstate.demdex.net
apllstateinvestments.com
dpm.demdex.net
smetrics.allstate.com
www.allstate.com
www.allstateinvestments.com
167.127.209.209
18.217.251.129
2600:1400:d:5aa::2af4
35.155.236.76
52.10.149.115
54.200.101.68
0a0d4a8b8a5e34f10e235bb8a6a383c46e75a1f4bd486ca11eb0a801ca11269f
0a4b26e6abb2c8b9744b2ad468c4dcf64e7c941a4fc2bb2c255b124467c24c35
15eaaddc26214a480500a6488a7e171492f5a516c9b29893c85ff5f36951530d
236ed64abfedcf07b38892783e9f90b3c56093ddb454b7fb1b36c72b3b0deab6
30269619f42eef2b2dea0f8497519602049902560a8360cfdc185d30658b2019
3e7504543c9979c32f2cd01803f25bdd3c9dd063383932c951dbbf0252e18d81
61e335a149d37b24b303ad38768b28764e7b08e89387596ebb261b551ef9ad3a
6985e9588985356bdd85672cdd741394e7bb37c31127258bf68a5372830317b4
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
834461ec6350b62b44a6dea9ce12cad25411e0baf62308213384f7055961ccd8
84f787aa13b7e11860d581aded506cc48c320f2a29bc405283813de5728a7b52
8ec28d145fd22007860bcc424814e90b519ae03e1e7d73d550782a9528b1b0ef
9050968303ca8491bd1eee684246c1cb5acff5911049a14c527f7336cb83acd2
9d0eb6f6a9838956f3069aa12026651f036a7e13a8d7172e59ddf7866f3145bb
a2f4f8bc862d8b85f5dd97a2dd0c982678f380566276605caf4b82a19dcd4b1e
a44a8e9df3924a10636a38be169c202988ac1612fd75f7d74d4eec697708f32f
ab99bec18513637e426cdecc950c6fff28e9fb1904457116859d4960daa47582
c8f1c7d53bd262aba5de385563efa48db78f3a5eeef29f32b753a475f3f394b7
d9d7879499422cc450ecac8eec3e7b02c8c7ae0474937c40b8c1ef221e7f6bdb
db1c8af5dcaa67d19d90ca17fe08db61d27aa5576635126114a51e6cc2a99d2b
e3133a2131c8f501303245b1952faa937510880659c4a274d7ce91a60264ec43
f223d45e5b14d24f485821461e85b0ef7fcf088ae52a7f6a9d44369cbe1c33ee
fb3c815d3cd1552b52cf3c84ed4c99fc99c911d4a77085672c7bad2e07d2bedb