urlscan.io logo urlscan.io
SecurityTrails logo

www.consumeraffairs.com Open in urlscan Pro
44.229.88.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mailing.birdeye.com/ls/click?upn=u001.aakefH-2Bl0f3i6bWqZ94RwNAy-2BHDEpzrvQQ4BlsY8OgjqdL4RJiqUo-2Bbs-2BlT5Q2p-2Bj6jX...
Effective URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Submission: On April 09 via manual from IN — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 43 HTTP transactions. The main IP is 44.229.88.248, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.consumeraffairs.com. The Cisco Umbrella rank of the primary domain is 470968.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 26th 2024. Valid for: a year.
This is the only time www.consumeraffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 50.18.123.174 16509 (AMAZON-02)
2 3.101.5.48 16509 (AMAZON-02)
1 1 18.65.243.60 16509 (AMAZON-02)
1 138.199.24.219 60068 (CDN77 _)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 142.250.70.228 15169 (GOOGLE)
1 108.158.16.148 16509 (AMAZON-02)
6 18.65.243.159 16509 (AMAZON-02)
1 142.250.70.238 15169 (GOOGLE)
4 157.240.8.23 32934 (FACEBOOK)
4 34.96.102.137 396982 (GOOGLE-CL...)
5 142.250.70.170 15169 (GOOGLE)
1 44.229.88.248 16509 (AMAZON-02)
5 142.250.70.131 15169 (GOOGLE)
9 192.229.144.177 15133 (EDGECAST)
1 157.240.8.35 32934 (FACEBOOK)
43 14
1    50.18.123.174 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-123-174.us-west-1.compute.amazonaws.com
mailing.birdeye.com
2    3.101.5.48 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-101-5-48.us-west-1.compute.amazonaws.com
birdeye.com
1    18.65.243.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-243-60.syd3.r.cloudfront.net
d1azc1qln24ryf.cloudfront.net
1    138.199.24.219 (Singapore, Singapore)

ASN60068 (CDN77 _, GB)
PTR: 138-199-24-219.bunnyinfra.net
cdn.icomoon.io
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    142.250.70.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel05s02-in-f4.1e100.net
www.google.com
1    108.158.16.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-16-148.syd62.r.cloudfront.net
d1py4eyp5hehj0.cloudfront.net
6    18.65.243.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-243-159.syd3.r.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
1    142.250.70.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel05s02-in-f14.1e100.net
apis.google.com
4    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
4    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
5    142.250.70.170 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel04s02-in-f10.1e100.net
fonts.googleapis.com
ajax.googleapis.com
1    44.229.88.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-88-248.us-west-2.compute.amazonaws.com
www.consumeraffairs.com
5    142.250.70.131 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mel04s01-in-f3.1e100.net
fonts.gstatic.com
9    192.229.144.177 (United States)

ASN15133 (EDGECAST, US)
media.consumeraffairs.com
1    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
10 consumeraffairs.com
www.consumeraffairs.com — Cisco Umbrella Rank: 470968
media.consumeraffairs.com — Cisco Umbrella Rank: 320604
214 KB
8 cloudfront.net
d1azc1qln24ryf.cloudfront.net
d1py4eyp5hehj0.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
29 KB
5 gstatic.com
fonts.gstatic.com
76 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 116
ajax.googleapis.com — Cisco Umbrella Rank: 746
87 KB
4 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4326
57 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 248
163 KB
3 birdeye.com
mailing.birdeye.com — Cisco Umbrella Rank: 816529
birdeye.com — Cisco Umbrella Rank: 66145
59 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
apis.google.com — Cisco Umbrella Rank: 279
45 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1847
72 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
273 B
1 icomoon.io
cdn.icomoon.io — Cisco Umbrella Rank: 19777
4 KB
43 11
Domain Requested by
9 media.consumeraffairs.com www.consumeraffairs.com
media.consumeraffairs.com
6 d3cnqzq0ivprch.cloudfront.net birdeye.com
5 fonts.gstatic.com fonts.googleapis.com
4 dev.visualwebsiteoptimizer.com birdeye.com
dev.visualwebsiteoptimizer.com
4 connect.facebook.net birdeye.com
connect.facebook.net
www.consumeraffairs.com
3 fonts.googleapis.com client
2 ajax.googleapis.com www.consumeraffairs.com
2 maxcdn.bootstrapcdn.com birdeye.com
maxcdn.bootstrapcdn.com
2 birdeye.com birdeye.com
1 www.facebook.com www.consumeraffairs.com
1 www.consumeraffairs.com birdeye.com
1 apis.google.com birdeye.com
1 d1py4eyp5hehj0.cloudfront.net birdeye.com
1 www.google.com birdeye.com
1 cdn.icomoon.io birdeye.com
1 d1azc1qln24ryf.cloudfront.net 1 redirects
1 mailing.birdeye.com 1 redirects
43 17

This site contains no links.

Subject Issuer Validity Valid
*.birdeye.com
Go Daddy Secure Certificate Authority - G2		 2023-09-17 -
2024-10-18		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-17 -
2024-04-16		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2023-07-06 -
2024-07-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.consumeraffairs.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-26 -
2025-04-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
media.consumeraffairs.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-24 -
2024-06-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.consumeraffairs.com/brands/22134/submit_review/
Frame ID: 0874B0A6F4D008DBDA6957D0A46014DD
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Consumer Review Form

Page URL History Show full URLs

  1. https://mailing.birdeye.com/ls/click?upn=u001.aakefH-2Bl0f3i6bWqZ94RwNAy-2BHDEpzrvQQ4BlsY8OgjqdL4RJiqUo-... HTTP 302
    https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505... Page URL
  2. https://www.consumeraffairs.com/brands/22134/submit_review/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • birdeye\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

43
Requests

98 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

14
IPs

4
Countries

806 kB
Transfer

2347 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mailing.birdeye.com/ls/click?upn=u001.aakefH-2Bl0f3i6bWqZ94RwNAy-2BHDEpzrvQQ4BlsY8OgjqdL4RJiqUo-2Bbs-2BlT5Q2p-2Bj6jXQSlXpgq4P6qVaBWwPuX-2FX4mBi94gQ0FIJQmtuiOr-2BmQ38X4IJzIHvqTm2TawEGiSBqkbUVjbAGIt2S-2BBiWthuFD2o61Ird93kndW6Sd4l91ldMEnElXXHDI0t8MrO3MaXOhQbthCknyqkEqR-2BE6hCHCrfCIUTlrwmlcJM7J01LikrfYICi7zfrtN5xaFvkfPChX2c2epPKHyzhFA20pe8byiuJH7Bj1MxY0TYKqJhZO2qTRZ87itLQCYMqt8nG4q0AuF-2FhXjXyyvEiM6ATs7-2BPakqHh4tGotufaFPoXG9JVamAzPc-2FKTqi5vv5DsZlMP0OFfGz1137AKOvDUjw-3D-3DbZS0_PMCC1mmTJm-2BJGPtnIZvd-2Fd8IOET7feqW-2FzY3oBugGh7PI-2Bkj4m6rxHjgUIFZJkDDtiQeKtWnEnGfTRwCkREv1nmL0CgXxqvNiUVFIWv-2Fru9GZi0EmmhquQUsNNsN2oEjpY-2F9fCQ5Lu3RKEz4p0-2FUdU-2Bp8OqLbYM5cGGNHcay-2BAC-2By5Ca72uM-2FmF-2Fa12n4BjPgpnigpy5x0OSk7kz4PL1kd-2BHyMmc2P0MyYfkef7shYMQBgiCoKuHry3Gk4j1-2F47-2F63A56FVSiozMEVu7K1SplYE8FAuKPU1ZIU-2B8iEWYbyVyLNMhFTlZx7zyNAwJGR4QRkeKhI0ehEcpIC8SB1PgU1m4o8P-2B5SbFXVAAknyPpcWFvBuUnB06YM-2FHVdJDoybampnVHv6d8wX941AVzODUSJ81VZMF-2BYKtFfDWbx84pFgoN7I5zUsdUKkXFozUShlYzh5GXk8GnYfeTXupnLEekJwtMRThQmnOC-2Bv6C7zuckbWl8uOX-2Ff6-2FF-2B71thn-2FCxOZ7QwQhn3-2F90Bgt0LBq6eZ8bM2ttK9XhF076BpMjI1z8hzeHQ54alBhalBag5R1E4PC7U6xo8ZzKQE3XFsY1EB2JT7QzaBcDjaTmM7-2F1nfGgdIwHm41ZWC33UKEXBtjur HTTP 302
    https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1 Page URL
  2. https://www.consumeraffairs.com/brands/22134/submit_review/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mailing.birdeye.com/ls/click?upn=u001.aakefH-2Bl0f3i6bWqZ94RwNAy-2BHDEpzrvQQ4BlsY8OgjqdL4RJiqUo-2Bbs-2BlT5Q2p-2Bj6jXQSlXpgq4P6qVaBWwPuX-2FX4mBi94gQ0FIJQmtuiOr-2BmQ38X4IJzIHvqTm2TawEGiSBqkbUVjbAGIt2S-2BBiWthuFD2o61Ird93kndW6Sd4l91ldMEnElXXHDI0t8MrO3MaXOhQbthCknyqkEqR-2BE6hCHCrfCIUTlrwmlcJM7J01LikrfYICi7zfrtN5xaFvkfPChX2c2epPKHyzhFA20pe8byiuJH7Bj1MxY0TYKqJhZO2qTRZ87itLQCYMqt8nG4q0AuF-2FhXjXyyvEiM6ATs7-2BPakqHh4tGotufaFPoXG9JVamAzPc-2FKTqi5vv5DsZlMP0OFfGz1137AKOvDUjw-3D-3DbZS0_PMCC1mmTJm-2BJGPtnIZvd-2Fd8IOET7feqW-2FzY3oBugGh7PI-2Bkj4m6rxHjgUIFZJkDDtiQeKtWnEnGfTRwCkREv1nmL0CgXxqvNiUVFIWv-2Fru9GZi0EmmhquQUsNNsN2oEjpY-2F9fCQ5Lu3RKEz4p0-2FUdU-2Bp8OqLbYM5cGGNHcay-2BAC-2By5Ca72uM-2FmF-2Fa12n4BjPgpnigpy5x0OSk7kz4PL1kd-2BHyMmc2P0MyYfkef7shYMQBgiCoKuHry3Gk4j1-2F47-2F63A56FVSiozMEVu7K1SplYE8FAuKPU1ZIU-2B8iEWYbyVyLNMhFTlZx7zyNAwJGR4QRkeKhI0ehEcpIC8SB1PgU1m4o8P-2B5SbFXVAAknyPpcWFvBuUnB06YM-2FHVdJDoybampnVHv6d8wX941AVzODUSJ81VZMF-2BYKtFfDWbx84pFgoN7I5zUsdUKkXFozUShlYzh5GXk8GnYfeTXupnLEekJwtMRThQmnOC-2Bv6C7zuckbWl8uOX-2Ff6-2FF-2B71thn-2FCxOZ7QwQhn3-2F90Bgt0LBq6eZ8bM2ttK9XhF076BpMjI1z8hzeHQ54alBhalBag5R1E4PC7U6xo8ZzKQE3XFsY1EB2JT7QzaBcDjaTmM7-2F1nfGgdIwHm41ZWC33UKEXBtjur HTTP 302
  • https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Request Chain 1
  • https://d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/style-cf.css?yyna79 HTTP 302
  • https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
review-us
birdeye.com/allstate-protection-plans-squaretrade-149634609159323/
Redirect Chain
  • https://mailing.birdeye.com/ls/click?upn=u001.aakefH-2Bl0f3i6bWqZ94RwNAy-2BHDEpzrvQQ4BlsY8OgjqdL4RJiqUo-2Bbs-2BlT5Q2p-2Bj6jXQSlXpgq4P6qVaBWwPuX-2FX4mBi94gQ0FIJQmtuiOr-2BmQ38X4IJzIHvqTm2TawEGiSBqkbU...
  • https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=htt...
273 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.101.5.48 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-101-5-48.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
347264cf29b9768f52ddb813207c5c159691ff85ea7070a9701aebbcde251545
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-AU,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Apr 2024 11:33:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Host,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
332
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Apr 2024 11:33:57 GMT
Location
https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
style-cf.css
cdn.icomoon.io/101518/birdeye-fonts/
Redirect Chain
  • https://d1azc1qln24ryf.cloudfront.net/101518/birdeye-fonts/style-cf.css?yyna79
  • https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Server
138.199.24.219 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-24-219.bunnyinfra.net
Software
BunnyCDN-SG1-783 /
Resource Hash
fb3084b6aafbd57352e66ecf56e47b8ed9fc8eb669e5a8679d7e75e9b153dba3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Apr 2024 11:33:59 GMT
content-encoding
br
cdn-edgestorageid
747
cdn-cachedat
03/30/2024 19:26:57
cdn-pullzone
1460617
last-modified
Fri, 10 Nov 2023 22:09:05 GMT
server
BunnyCDN-SG1-783
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"9f7603551d1bb5afe75e2407bb83946c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
6d309c5de9a2411519487f9212f3763c
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Tue, 09 Apr 2024 11:33:58 GMT
via
1.1 03b68196a4924b2e14289edfecca0cae.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD3-P1
vary
Origin
x-cache
FunctionGeneratedResponse from cloudfront
location
https://cdn.icomoon.io/101518/birdeye-fonts/style-cf.css
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
_XDErKCHcEEv_hWk8XMD8p_6mbRy7uu7o8HNTLmlRM7wD325pkqGtA==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
900
age
4618593
cdn-cachedat
06/23/2022 03:30:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c22cef91a61ba421c21c5adec89b9a2c
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
871a2f6efea0a835-SYD
cdn-requestpullsuccess
True
reviews
www.google.com/maps/api/js/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/api/js/reviews?key=AIzaSyCCP5KKXzBpqOIx1F08Ii0poIt5kLSdYxA
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.70.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s02-in-f4.1e100.net
Software
ESF /
Resource Hash
986542de7aaff9e6404a9ec9eb2d637102c230649d9362eada45d5ac0dee902a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fEWcm0A8nXByP8wBCvSPEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ReviewsWidgetUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www-onepick-opensocial.googleusercontent.com;report-uri /_/ReviewsWidgetUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ReviewsWidgetUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-fEWcm0A8nXByP8wBCvSPEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ReviewsWidgetUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www-onepick-opensocial.googleusercontent.com;report-uri /_/ReviewsWidgetUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ReviewsWidgetUi/cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ReviewsWidgetUi/web-reports?context=eJwNzV1Ik3EYBfB_67wiWlPUpJnelAwnVMRCIYLIorp4de_zDLK6MaVZRsZIrCSjD7BCTAsvFIOIIhHClEqiCxVCL4Ryi9ISLQxMWYEYzb4XnYsfnJtzTsoLFKbkGLsgx9QUec2aYq_JO-s3zfM7TX18j2nx7DWV2_eZCp9tLm6zTfYO27SOvnQtxmOu5OWYay15qfR4GU58LsPPmQB-U-VCAB-_B9Cb7eCJx8HyaQenGh0kBhyYUQcl0w7KUwUZ6YIhsjOZcwUNWwTnKMsvaDooyA8JNlJzjaCFMk8KeusEtxsEsxS-JKhoExym4ZuC-13s3hV09dGIYInc44LSiCBAPfRtQvBgUvB1RpD6XjA9JxiICZ5S_xdBUlyw-Ycg9EdQmBAU0XWv4rlP8bZIEaNgtaKc4scULbWKv9QeVjyqV_jPKLZSK7VRjLobFT20dF4xe1lRe1WRfk0xeEsxckex_57iALkeK1ZSKq2mNMqi6gGFZ1CxjnJpPYWGFWHKG-HPmOIGJaIK9yvFLlqcVHya4sYHRfGcYtO8YmxBEaUJekf1y4rdaUEMeYI4UhBEiNwPO6x88vV1WEK_nnVYJUc7LYfsC53WIWqaGrfaqepfxArThqqoZddFrYxVyd2RN_1J6UtX-l6v-A-wjNhY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin-allow-popups
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
2654091603646792175SquareTrade081820001LinkedInProfile.png
d1py4eyp5hehj0.cloudfront.net/upload/254401/1709668602857/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1py4eyp5hehj0.cloudfront.net/upload/254401/1709668602857/2654091603646792175SquareTrade081820001LinkedInProfile.png
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.16.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-16-148.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1e3c848d1868d9c79f0b5b52d0f21aa87662c1e8e8e0c435bbd2821d55a241d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
via
1.1 8ccca629f0b1ca48e2e69a056f61f9a6.cloudfront.net (CloudFront)
last-modified
Tue, 05 Mar 2024 19:56:43 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P3
etag
"ec64dc06ab12b9b347f1520ce3350bbf"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
13217
x-amz-cf-id
KOZMuJIt4wicvyRhvBvSF0OpL_kjQutAiXUdKhoKYzBJ1yg6X7w3Sw==
checkmark-large.png
d3cnqzq0ivprch.cloudfront.net/prod/css/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/prod/css/images/checkmark-large.png
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.243.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-243-159.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0dc2d657946cb2d47ef3af65f22aad2218ad027b85b2d43832847800c99c17f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 23:33:58 GMT
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
last-modified
Mon, 12 Jun 2023 23:01:34 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
43201
x-amz-server-side-encryption
AES256
etag
"bcdd0f96615c793043149dabe85c0a9c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
2103
x-amz-cf-id
RVPZiCkr3kjjd6vD0wguLROfqUVfp0xcsKE5Qw37Kjm72UPAQ3tDrw==
google.svg
d3cnqzq0ivprch.cloudfront.net/public-site/production/assets/images/components/login-modal/ 		886 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/public-site/production/assets/images/components/login-modal/google.svg
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.243.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-243-159.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3b9c1edaebcdf6cfc62190f337b47900f5a1ce1371c954c78d8565abfb4a437

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 00:35:31 GMT
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jan 2024 08:57:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
39508
x-amz-server-side-encryption
AES256
etag
"2262ff1a97fc8c96a80f0ba2d75fe472"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
886
x-amz-cf-id
GojGuIle5luFzlB8nASBd1iyqzejosPC6bPHS-Pw17Q4jTG-6jKsfQ==
fb.svg
d3cnqzq0ivprch.cloudfront.net/public-site/production/assets/images/components/login-modal/ 		527 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/public-site/production/assets/images/components/login-modal/fb.svg
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.243.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-243-159.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a3e2616fc3460144ea9efbe9f4f0dbd04066827779f7ad06a85e595499fc426

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 00:44:38 GMT
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jan 2024 08:57:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
38961
etag
"b97a1d1e9bf25656a5de1ffb010497f4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
527
x-amz-cf-id
S53boqcebDgvpaF-0VBnzOWOMMEZfuO1QbcxJIt64sdEy9A2xm-LqQ==
platform.js
apis.google.com/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel05s02-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 11:33:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21304
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"5c70e8c05e1ae263"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Apr 2024 11:33:59 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 11:33:59 GMT
content-md5
DgCRKLMJp6WffRUZ6FJrnA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1683
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1314, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
PBp/7UlZXidrerUppgJErCR1IwvHgVIF98G1ldIjiiqq95E7lNEni8Hp6faDuHYffNmoKHVm2MRlIw+zlpAcyg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6b88ab36e1a04717fb8ca21ec1828d19
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"7f8ed4975e8d58646ad81ff4a3600156"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 09 Apr 2024 11:34:26 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=574690&u=https%3A%2F%2Fbirdeye.com%2Fallstate-protection-plans-squaretrade-149634609159323%2Freview-us%3Frid%3D23257505145%26source%3Demail%26rtype%3Dreview_request%26templateId%3D594816%26custId%3DY50nTJbZGO%252FCp%252FHNaEYULw%253D%253D%26r%3Dhttps%253A%252F%252Fwww.consumeraffairs.com%252Fbrands%252F22134%252Fsubmit_review%252F%26sid%3D107%26enc%3D1&f=1&r=0.17511744925818773
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsyd1 /
Resource Hash
7ecf67eb69fa6a3e1cca667a1c125d6098015cfc219c0f0de25226198aeacfa6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:59 GMT
content-encoding
gzip
via
1.1 google
server
gsyd1
etag
W/"1712654940"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css
fonts.googleapis.com/ 		9 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s02-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Apr 2024 11:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Apr 2024 09:45:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Apr 2024 11:33:59 GMT
css
fonts.googleapis.com/ 		2 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s02-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Apr 2024 11:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Apr 2024 11:09:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Apr 2024 11:33:59 GMT
css
fonts.googleapis.com/ 		5 KB
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s02-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Apr 2024 11:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Apr 2024 10:44:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Apr 2024 11:33:59 GMT
loading-indicator.gif
d3cnqzq0ivprch.cloudfront.net/prod/css/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/prod/css/images/loading-indicator.gif
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.243.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-243-159.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
721e251c7670dbd1a2e5168505897fe549ae97aafa0eb92a533b592613e46309

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 11 Mar 2024 10:30:36 GMT
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
last-modified
Mon, 12 Jun 2023 23:01:37 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
2509404
etag
"8b749a6e81c367dce7a85b6d1b8f826b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=94608000
accept-ranges
bytes
content-length
2608
x-amz-cf-id
cCLI3Mfk_IvB5DYtAMp3vA_Tgb2jSDbNxVUjOa76X6ovbCdT3SBKIQ==
expires
Sat, 09 May 2015 09:45:03 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
987
age
701025
cdn-cachedat
10/31/2023 18:56:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c148d038336f961b6d775d727fa6be52
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
871a2f74dcb5a819-SYD
cdn-requestpullsuccess
True
birdEye-logo-text.svg
d3cnqzq0ivprch.cloudfront.net/public-forms/prod/assets/139/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/public-forms/prod/assets/139/birdEye-logo-text.svg
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.243.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-243-159.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0aeb969ea49e1702b5057f3d3bad5ff4d242d2e8e874f1cf572fd382fca9059

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 21:12:55 GMT
content-encoding
gzip
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 02:20:24 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
51665
x-amz-server-side-encryption
AES256
etag
W/"a5f2425c61c9e1ae7977615f63d0f305"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
jHzlHf9jdE7SmOvMHVsf1q7hRrBKTgP1igrjOVVVWabdFUFwtUPECg==
powered-by-birdeye-grey-new.png
d3cnqzq0ivprch.cloudfront.net/public-forms/prod/assets/139/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3cnqzq0ivprch.cloudfront.net/public-forms/prod/assets/139/powered-by-birdeye-grey-new.png
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.243.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-243-159.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e7eb09f3d9f8b9823b3868407bb3a43f5610dc41a604817c554be70be30a09e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 21:12:53 GMT
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2024 02:20:28 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P1
age
51667
x-amz-server-side-encryption
AES256
etag
"1c46b0db1bfca24867f5e7e464643beb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/&
accept-ranges
bytes
content-length
5545
x-amz-cf-id
CTW_pKhyE6lf3BLcuWeBnlXyiCBt9RIUQcOBaPSY41DXvEpGm67hZQ==
emailclick
birdeye.com/papi/customer/ 		411 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://birdeye.com/papi/customer/emailclick?rid=23257505145&source=web&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1&becid=&click_type=2&bId=149634609159323&event_id=d41d8cd98f00b204e9800998ecf8427e&os=null
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.101.5.48 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-101-5-48.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
Accept
application/json
Referer
https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
333
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
pragma
no-cache
server
Apache
vary
Host,Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin
*
expires
Thu, 19 Nov 1981 08:52:00 GMT
tag-d3c9f8ff0ea6b56e245c431dd39ad7a7.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 		184 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d3c9f8ff0ea6b56e245c431dd39ad7a7.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=574690&u=https%3A%2F%2Fbirdeye.com%2Fallstate-protection-plans-squaretrade-149634609159323%2Freview-us%3Frid%3D23257505145%26source%3Demail%26rtype%3Dreview_request%26templateId%3D594816%26custId%3DY50nTJbZGO%252FCp%252FHNaEYULw%253D%253D%26r%3Dhttps%253A%252F%252Fwww.consumeraffairs.com%252Fbrands%252F22134%252Fsubmit_review%252F%26sid%3D107%26enc%3D1&f=1&r=0.17511744925818773
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsyd1 /
Resource Hash
298f4b002e6b8c46332281da8cf55b417324beb8e411f59f95218a4cc509c0a6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:59 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 09 Apr 2024 09:28:46 GMT
server
gsyd1
etag
"66150a4e-cdca"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52682
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=574690&d=birdeye.com&u=DC8B62C20F2C6006A3CA9B144FDB69CD0&h=d094bcd5efb8bb1d098025020ea22d4b&t=false
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:58 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
settings.js
dev.visualwebsiteoptimizer.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=574690&settings_type=1&vn=7.0
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d3c9f8ff0ea6b56e245c431dd39ad7a7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsyd1 /
Resource Hash
62758af72a946a0ca65e9b9bd53a0275e6a44c28b0ca4b0f2688ed98dd558119

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:33:59 GMT
content-encoding
gzip
via
1.1 google
server
gsyd1
etag
W/"1712654940"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Primary Request /
www.consumeraffairs.com/brands/22134/submit_review/ 		28 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.consumeraffairs.com/brands/22134/submit_review/
Requested by
Host: birdeye.com
URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.88.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-88-248.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fe9db618f3431a87b09a10d89d2e26a159415f5f0cae79383885118846cb02e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://birdeye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-AU,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: chrome: eval: https: http:;report-uri https://stderr.consumeraffairs.com/api/40/security/?sentry_key=7cf6b3564e4343f68a310b937a3d823e;
content-type
text/html; charset=utf-8
date
Tue, 09 Apr 2024 11:34:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie, origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sdk.js
connect.facebook.net/en_US/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=cefd8753e0cdeb5061b643ab41c8b8ec
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://birdeye.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 11:33:59 GMT
content-md5
nwj+wNAmpUxlPuSD5xUHcw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88692
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=20, mss=1314, tbw=6386, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
HBzFOnFaEXA9unDdInsgjh8NTWjN55ZIvtQzd8BdhJkWi089Ugc/YhTSf7qOWIr6rqBHr6YMhqVGdwG8Gkq/Lw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ad9ef531e2ddc9051ed79586acdde232
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8a4de83c71492a55bc36c2da0e9681e7"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 09 Apr 2025 09:38:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s01-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 14:43:11 GMT
x-content-type-options
nosniff
age
247849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 14:43:11 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s01-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:55:11 GMT
x-content-type-options
nosniff
age
272329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 07:55:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s01-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 10:37:39 GMT
x-content-type-options
nosniff
age
262581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 10:37:39 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s01-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:03:34 GMT
x-content-type-options
nosniff
age
336626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 14:03:34 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s01-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://birdeye.com
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:55:24 GMT
x-content-type-options
nosniff
age
337116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13992
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:50:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 13:55:24 GMT
html5.c5776ab90665.js
media.consumeraffairs.com/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/js/html5.c5776ab90665.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E792) /
Resource Hash
3217cc8b501b86b92da66d9e9d2b3f598adbf7c3e16087c0c69e2102a82ae8fe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 20:46:52 GMT
server
ECS (nwa/E792)
age
1218498
etag
W/"62f1763c-985"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
1257
expires
Wed, 09 Apr 2025 11:34:00 GMT
forms.d5f5f08ddb09.css
media.consumeraffairs.com/static/css/ 		77 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/css/forms.d5f5f08ddb09.css
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78A) /
Resource Hash
7ac38c088565d2a3cf9dc4d6df7212a149619dd879a133ba3e6e54b3aad0cdac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 20:46:53 GMT
server
ECS (nwa/E78A)
age
1110771
etag
W/"62f1763d-13538"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
13260
expires
Wed, 09 Apr 2025 11:34:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s02-in-f10.1e100.net
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 23:30:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 23:30:42 GMT
APP_Logo.png
media.consumeraffairs.com/files/review_form_logos/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.consumeraffairs.com/files/review_form_logos/APP_Logo.png
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
ed4222314c8502797093b34cbc0129fa730a5a9785a983128d49c47a8b20a4e0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
last-modified
Tue, 08 Jun 2021 18:50:26 GMT
server
nginx
etag
"60bfbbf2-6df0"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
28144
expires
Thu, 09 May 2024 11:34:00 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/ 		197 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.70.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s02-in-f10.1e100.net
Software
sffe /
Resource Hash
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 15:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52222
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 15:05:18 GMT
main-vendor.0dcacfa92a5e.js
media.consumeraffairs.com/static/js/ 		298 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/js/main-vendor.0dcacfa92a5e.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E790) /
Resource Hash
0f207bb00d4d8391aaac2fdb83d722eb6ae8da7dd7e6cc8edf5de76e56c5997d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 20:46:52 GMT
server
ECS (nwa/E790)
age
1110771
etag
W/"62f1763c-4a7b3"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
100869
expires
Wed, 09 Apr 2025 11:34:00 GMT
forms-vendor.4a7a7ed14cc8.js
media.consumeraffairs.com/static/js/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/js/forms-vendor.4a7a7ed14cc8.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78D) /
Resource Hash
fe5edeaa84d0ff1dad950d884650664d4f36b474ac82e498f6bb2d9ec2de1e56

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 20:46:52 GMT
server
ECS (nwa/E78D)
age
1110770
etag
W/"62f1763c-e66d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
18449
expires
Wed, 09 Apr 2025 11:34:00 GMT
main.fcd74a9dd73e.js
media.consumeraffairs.com/static/js/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/js/main.fcd74a9dd73e.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78B) /
Resource Hash
5cd4c0a6871360abe2b8c7ada41a926811fc0d68d13bf2b068afa1e361f246a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 20:46:52 GMT
server
ECS (nwa/E78B)
age
1110770
etag
W/"62f1763c-21b45"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
39365
expires
Wed, 09 Apr 2025 11:34:00 GMT
forms.2055b15e1ee0.js
media.consumeraffairs.com/static/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/js/forms.2055b15e1ee0.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E792) /
Resource Hash
bb4f267285712843736becd6b9f6e1c9ad15d9383dff8f3d5e7e4243e536acc7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 20:46:52 GMT
server
ECS (nwa/E792)
age
1110770
etag
W/"62f1763c-20da"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
3207
expires
Wed, 09 Apr 2025 11:34:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 09 Apr 2024 11:34:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57928
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=14, mss=1314, tbw=2772, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
6dxjWposoTDv7Ur9ucbHIsR1tBzKSkCIvXdS+PRkAMGcd/6P2Gl9CAtvQkNkzj7vdXdspniWgCyGomWOdiFDXQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
stars-flat-sprites-small.0fb6a757a07e.png
media.consumeraffairs.com/static/img/common/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.consumeraffairs.com/static/img/common/stars-flat-sprites-small.0fb6a757a07e.png
Requested by
Host: media.consumeraffairs.com
URL: https://media.consumeraffairs.com/static/css/forms.d5f5f08ddb09.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78F) /
Resource Hash
d3d80b547b3917083c2de8c75a476939ff04a8afc3d3878a4a8db0c8fc6c222d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://media.consumeraffairs.com/static/css/forms.d5f5f08ddb09.css
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:00 GMT
last-modified
Mon, 08 Aug 2022 20:46:52 GMT
server
ECS (nwa/E78F)
age
1110769
etag
"62f1763c-f03"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3843
expires
Wed, 09 Apr 2025 11:34:00 GMT
1036069066452108
connect.facebook.net/signals/config/ 		65 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1036069066452108?v=2.9.152&r=stable&domain=www.consumeraffairs.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
fb50dd652d881a42d8ca75e1884c48135682ff0976d391d7fd9d8ba46281baa7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 09 Apr 2024 11:34:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=64, mss=1314, tbw=63131, tp=-1, tpl=-1, uplat=294, ullat=0
pragma
public
x-fb-debug
KuDlfwkzDU4NvJhUoPkgMukNnBekwtiM95i4Xtr1qI+7ayaiXXI3B5npbDcr9UKLbDhuGgqT4ti0vIg3F6/O9w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1036069066452108&ev=PageView&dl=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&rl=https%3A%2F%2Fbirdeye.com%2F&if=false&ts=1712662441250&sw=800&sh=600&v=2.9.152&r=stable&ec=0&o=4126&fbp=fb.1.1712662441248.1184164907&cs_est=true&ler=other&cdl=API_unavailable&it=1712662440937&coo=false&rqm=GET
Requested by
Host: www.consumeraffairs.com
URL: https://www.consumeraffairs.com/brands/22134/submit_review/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1314, tbw=2763, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Apr 2024 11:34:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.d4734e09624b.ico
media.consumeraffairs.com/static/img/ 		5 KB
797 B 		Other
General
Check archive.org
Download Go to
Full URL
https://media.consumeraffairs.com/static/img/favicon.d4734e09624b.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.144.177 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
cfb6dbffd0e02e9f530fc90f505d7636b4388acba9cf2508caf40872aff70efa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.consumeraffairs.com/
accept-language
en-AU,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:34:01 GMT
content-encoding
br
last-modified
Mon, 08 Aug 2022 20:46:52 GMT
server
nginx
etag
W/"62f1763c-1536"
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=31536000, public
expires
Wed, 09 Apr 2025 11:34:01 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| CAContent function| $ function| jQuery object| style function| fbq function| _fbq function| DP_jQuery_1712662440636 function| modalBouncer function| Kenburns object| JSized function| require object| Modernizr function| yepnope function| _ object| Backbone function| loadImage function| dataURLtoBlob object| respond function| Sortable object| jQuery17206515416267350294 function| Hammer function| ouibounce object| Handlebars function| openZendeskChat boolean| exclude_user object| dataLayer

15 Cookies

Domain/Path Name / Value
birdeye.com/ Name: sid
Value: kp379btjqt6basgm6g1op11k93
.google.com/ Name: NID
Value: 513=A3BSVe8FzrHHv2HsNPiPpgRLCE2Ut-1CdalAsGAwiT5p6pR_R_EzmZgK46KErQh80xWkr0hk3fE04tb7Kn-j0ew8-0Bqi9DYxpQDJzQRBxSJJqIj4mgHIJnDxuEbyF_Pd2qaDGXyfwRjjcHZ-oxutAjBRlYSYxeDfjfSNpf-nEk
.birdeye.com/ Name: _vwo_uuid_v2
Value: DC8B62C20F2C6006A3CA9B144FDB69CD0|d094bcd5efb8bb1d098025020ea22d4b
.birdeye.com/ Name: _vis_opt_s
Value: 1%7C
.birdeye.com/ Name: _vis_opt_test_cookie
Value: 1
.birdeye.com/ Name: _vwo_uuid
Value: DC8B62C20F2C6006A3CA9B144FDB69CD0
.birdeye.com/ Name: _vwo_ds
Value: 3%241712662439%3A43.66456536%3A%3A
.birdeye.com/ Name: _vwo_sn
Value: 0%3A1
.consumeraffairs.com/ Name: CA_LAND_PAGE
Value: "eyJjb25hZmZpZCI6IHsibSI6ICJyZSIsICJhZiI6ICJjYSIsICJhIjogImNhIiwgInMiOiAiY2EiLCAic2UiOiAib3RoZXJzIiwgInNkIjogIm4vYSJ9fQ=="
.consumeraffairs.com/ Name: CA_TARGET
Value: "eyJpcF9hZGRyZXNzIjogIjY2LjIwMy4xMTIuMTYyIiwgInVzZXJfYWdlbnQiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMy4wLjAuMCBTYWZhcmkvNTM3LjM2In0="
.consumeraffairs.com/ Name: _ga
Value: GA1.2.1217071223.1712662439
.consumeraffairs.com/ Name: CA_SESSION_ID
Value: "ZDRlZjk2NGRkZDEyNDQ4ZTg0NjY3NmI5N2VmNTYxN2Y="
www.consumeraffairs.com/ Name: csrftoken
Value: 3DZQt3tsfFLcRr0j79UJLpy9OF7SLr7FcI43rmVomC4sp3lBRlBLdSGvCDfss54g
.www.consumeraffairs.com/ Name: sessionid
Value: i23p1z2gb8427sxz9hgsxoin0eqwmvjx
.consumeraffairs.com/ Name: _fbp
Value: fb.1.1712662441248.1184164907

3 Console Messages

Source Level URL
Text
other warning URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://birdeye.com/allstate-protection-plans-squaretrade-149634609159323/review-us?rid=23257505145&source=email&rtype=review_request&templateId=594816&custId=Y50nTJbZGO%2FCp%2FHNaEYULw%3D%3D&r=https%3A%2F%2Fwww.consumeraffairs.com%2Fbrands%2F22134%2Fsubmit_review%2F&sid=107&enc=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1036069066452108?v=2.9.152&r=stable&domain=www.consumeraffairs.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
birdeye.com
cdn.icomoon.io
connect.facebook.net
d1azc1qln24ryf.cloudfront.net
d1py4eyp5hehj0.cloudfront.net
d3cnqzq0ivprch.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
mailing.birdeye.com
maxcdn.bootstrapcdn.com
media.consumeraffairs.com
www.consumeraffairs.com
www.facebook.com
www.google.com
104.18.11.207
108.158.16.148
138.199.24.219
142.250.70.131
142.250.70.170
142.250.70.228
142.250.70.238
157.240.8.23
157.240.8.35
18.65.243.159
18.65.243.60
192.229.144.177
3.101.5.48
34.96.102.137
44.229.88.248
50.18.123.174
0a3e2616fc3460144ea9efbe9f4f0dbd04066827779f7ad06a85e595499fc426
0f207bb00d4d8391aaac2fdb83d722eb6ae8da7dd7e6cc8edf5de76e56c5997d
298f4b002e6b8c46332281da8cf55b417324beb8e411f59f95218a4cc509c0a6
3217cc8b501b86b92da66d9e9d2b3f598adbf7c3e16087c0c69e2102a82ae8fe
347264cf29b9768f52ddb813207c5c159691ff85ea7070a9701aebbcde251545
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5cd4c0a6871360abe2b8c7ada41a926811fc0d68d13bf2b068afa1e361f246a0
62758af72a946a0ca65e9b9bd53a0275e6a44c28b0ca4b0f2688ed98dd558119
721e251c7670dbd1a2e5168505897fe549ae97aafa0eb92a533b592613e46309
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
7ac38c088565d2a3cf9dc4d6df7212a149619dd879a133ba3e6e54b3aad0cdac
7ecf67eb69fa6a3e1cca667a1c125d6098015cfc219c0f0de25226198aeacfa6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e7eb09f3d9f8b9823b3868407bb3a43f5610dc41a604817c554be70be30a09e
986542de7aaff9e6404a9ec9eb2d637102c230649d9362eada45d5ac0dee902a
a3b9c1edaebcdf6cfc62190f337b47900f5a1ce1371c954c78d8565abfb4a437
b0dc2d657946cb2d47ef3af65f22aad2218ad027b85b2d43832847800c99c17f
bb4f267285712843736becd6b9f6e1c9ad15d9383dff8f3d5e7e4243e536acc7
cfb6dbffd0e02e9f530fc90f505d7636b4388acba9cf2508caf40872aff70efa
d1e3c848d1868d9c79f0b5b52d0f21aa87662c1e8e8e0c435bbd2821d55a241d
d3d80b547b3917083c2de8c75a476939ff04a8afc3d3878a4a8db0c8fc6c222d
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e0aeb969ea49e1702b5057f3d3bad5ff4d242d2e8e874f1cf572fd382fca9059
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
ed4222314c8502797093b34cbc0129fa730a5a9785a983128d49c47a8b20a4e0
fb3084b6aafbd57352e66ecf56e47b8ed9fc8eb669e5a8679d7e75e9b153dba3
fb50dd652d881a42d8ca75e1884c48135682ff0976d391d7fd9d8ba46281baa7
fe5edeaa84d0ff1dad950d884650664d4f36b474ac82e498f6bb2d9ec2de1e56
fe9db618f3431a87b09a10d89d2e26a159415f5f0cae79383885118846cb02e1
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995