urlscan.io logo urlscan.io
SecurityTrails logo

feedback.tu.sainsburys.co.uk Open in urlscan Pro
54.192.137.118  Public Scan

Go To Rescan Add Verdict Report
URL: https://feedback.tu.sainsburys.co.uk/
Submission: On July 03 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 54.192.137.118, located in United States and belongs to AMAZON-02, US. The main domain is feedback.tu.sainsburys.co.uk.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 3rd 2024. Valid for: a year.
This is the only time feedback.tu.sainsburys.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 54.192.137.118 16509 (AMAZON-02)
10 2606:4700:440... 13335 (CLOUDFLAR...)
1 2602:816:5001... 54113 (FASTLY)
2 162.247.243.29 54113 (FASTLY)
18 4
Apex Domain
Subdomains		 Transfer
10 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6654
geolocation.onetrust.com — Cisco Umbrella Rank: 653
166 KB
5 sainsburys.co.uk
feedback.tu.sainsburys.co.uk
199 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 311
979 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 900
29 KB
18 4
Domain Requested by
9 cdn-ukwest.onetrust.com feedback.tu.sainsburys.co.uk
5 feedback.tu.sainsburys.co.uk feedback.tu.sainsburys.co.uk
2 bam.nr-data.net feedback.tu.sainsburys.co.uk
1 geolocation.onetrust.com feedback.tu.sainsburys.co.uk
1 js-agent.newrelic.com feedback.tu.sainsburys.co.uk
18 5

This site contains links to these domains. Also see Links.

Domain
privacy-hub.sainsburys.co.uk
www.onetrust.com
Subject Issuer Validity Valid
feedback.tu.sainsburys.co.uk
Amazon RSA 2048 M02		 2024-07-03 -
2025-07-30		 a year crt.sh
onetrust.com
WE1		 2024-06-27 -
2024-09-25		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://feedback.tu.sainsburys.co.uk/
Frame ID: 4EC97AACD0C1F325EA652676B21BD8E7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tu Feedback

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

395 kB
Transfer

1569 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
feedback.tu.sainsburys.co.uk/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://feedback.tu.sainsburys.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.137.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-137-118.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43f9f2dec0c7d7ec2ed0164e09ba6d4d071cd4f3f4afdb21c5e34bd37e7f13de
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
content-type
text/html
date
Wed, 03 Jul 2024 22:51:59 GMT
etag
W/"b6cd6053e1ae4b350b5ccbb841ddc396"
last-modified
Thu, 18 Jan 2024 13:18:03 GMT
permissions-policy
camera=(), geolocation=(), microphone=()
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 98e10af2ccdf5261bf103646169a4112.cloudfront.net (CloudFront)
x-amz-cf-id
R5hQoirHsJ3Zir9z1u93Jit4hwyJjYZYFaqY93w77P7ElhSNLEieag==
x-amz-cf-pop
LHR62-C5
x-amz-server-side-encryption
AES256
x-amz-version-id
13ZFmUXgSToUlLCBMpp8pkpwuTuuZtGo
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
newrelic.js
feedback.tu.sainsburys.co.uk/scripts/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.137.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-137-118.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8a45bca019af4f22685edecf67a18720a8e04b965b97041fca668275eb77c56
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://feedback.tu.sainsburys.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 22:51:59 GMT
x-amz-version-id
zBJR6jLsYUV.iDJ03QvxHnV6.c2oyR93
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
via
1.1 98e10af2ccdf5261bf103646169a4112.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
referrer-policy
same-origin
last-modified
Thu, 18 Jan 2024 13:18:03 GMT
server
AmazonS3
etag
W/"6417ada40982f5cf011543f87e7325e6"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
5HXcuKIUsgHB5o-VXfr-MKnfQ3mJY8-YZfFMrVosuY4TKyEo22wJsg==
main.b225a3da.js
feedback.tu.sainsburys.co.uk/static/js/ 		282 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feedback.tu.sainsburys.co.uk/static/js/main.b225a3da.js
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.137.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-137-118.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18dedaecf34f554de883d56053f5366c068cfb15a858de8a3d31e95d1bb7c251
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://feedback.tu.sainsburys.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 22:51:59 GMT
x-amz-version-id
uRDafLR.v8mdjf2LbyY9RqqkEGlopQ9T
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
via
1.1 98e10af2ccdf5261bf103646169a4112.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
referrer-policy
same-origin
last-modified
Thu, 18 Jan 2024 13:18:03 GMT
server
AmazonS3
etag
W/"38df21bbad646871c61a6a841d5b9493"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
Vz-aDf3dpZIZxIv-0age5RBRJ3_jAUAqPbb0bzZ6d47HTd5BOhuzbA==
main.bebd92fd.css
feedback.tu.sainsburys.co.uk/static/css/ 		523 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://feedback.tu.sainsburys.co.uk/static/css/main.bebd92fd.css
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.137.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-137-118.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5893a9144d72794de761c61c1ed74fb96e7d5738dc83120cd8705ed6ca2d8c8d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://feedback.tu.sainsburys.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 22:51:59 GMT
x-amz-version-id
fx.QYUSqFPany7X.OnwdeFMnEabCji6O
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
via
1.1 98e10af2ccdf5261bf103646169a4112.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
referrer-policy
same-origin
last-modified
Thu, 18 Jan 2024 13:18:03 GMT
server
AmazonS3
etag
W/"462342db3cd96f99d5e310fc4d9c7074"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
jqQlz-c72mSFdS47FH1zQzebxX_0AzX_0lE1t4nCNrdXpjMqkl15cw==
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
ceCldLDyZN6bSQL6yyKLMg==
age
29395
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 16:13:51 GMT
server
cloudflare
etag
0x8DC9531CDC4E653
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5ec51b51-a01e-008a-4d20-c70c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89da717b2e986901-FRA
expires
Thu, 04 Jul 2024 22:51:58 GMT
184ebe95-785b-448f-b0ad-cf0111c54adf.json
cdn-ukwest.onetrust.com/consent/184ebe95-785b-448f-b0ad-cf0111c54adf/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/184ebe95-785b-448f-b0ad-cf0111c54adf/184ebe95-785b-448f-b0ad-cf0111c54adf.json
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7cc5b844888bd9fc0d2817fdfe6142fa70d17e7ffcb1f7314d9c44e13c1f903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:58 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
al7S8rigiLG7q6TFW71ycA==
content-length
1449
x-ms-lease-status
unlocked
last-modified
Wed, 19 Apr 2023 11:32:39 GMT
server
cloudflare
etag
0x8DB40C9C8431AD4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8759569f-f01e-0001-2908-7c082f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89da717b8d932c4f-FRA
nr-spa-1.248.0.min.js
js-agent.newrelic.com/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.248.0.min.js
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://feedback.tu.sainsburys.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding
br
via
1.1 varnish
date
Wed, 03 Jul 2024 22:51:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
G6WQ3KNS7VFW49GN
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29446
x-amz-id-2
DglMbEVtM/sFkd7+aoBgZWiVdJHaYM+KQHT7J8k3MbjgbTOi0MtlT3QI7XJgK7rQHllUS7bSPGk=
x-served-by
cache-fra-eddf8230036-FRA
last-modified
Thu, 16 Nov 2023 17:54:54 GMT
server
AmazonS3
etag
"9aea0ff91a800a354637269e96e31dac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
52966
tu.favicon.ico
feedback.tu.sainsburys.co.uk/images/ 		33 KB
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://feedback.tu.sainsburys.co.uk/images/tu.favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.137.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-137-118.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6ec5adfcf97b2d7aef0687394d0481cc7cd7cafea55eed5d5eaa760167ad926
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://feedback.tu.sainsburys.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 22:51:59 GMT
x-amz-version-id
KbbzqndFe_boCaCFWGnUtc1.NAOHgyRu
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 98e10af2ccdf5261bf103646169a4112.cloudfront.net (CloudFront)
content-security-policy
base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
x-amz-cf-pop
LHR62-C5
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
33310
referrer-policy
same-origin
last-modified
Thu, 18 Jan 2024 13:18:03 GMT
server
AmazonS3
etag
"aa1fc61063a4e945091e0c46c519cbfa"
x-frame-options
DENY
content-type
image/vnd.microsoft.icon
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
x-amz-cf-id
ZO6xp5em59sA8btf61OFHULLnvKwrBeJdjuqjFA3IavDk_Hj1vD2Tw==
d471046ff6
bam.nr-data.net/1/ 		151 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/d471046ff6?a=1014583695&sa=1&v=1.248.0&t=Unnamed%20Transaction&rst=544&ck=0&s=cc3ecdbfc29aa17e&ref=https://feedback.tu.sainsburys.co.uk/&af=err,xhr,stn,ins,spa&be=140&fe=357&dc=286&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1720047118125,%22n%22:0,%22f%22:0,%22dn%22:38,%22dne%22:38,%22c%22:38,%22s%22:54,%22ce%22:74,%22rq%22:74,%22rp%22:141,%22rpe%22:142,%22di%22:244,%22ds%22:426,%22de%22:426,%22dc%22:496,%22l%22:496,%22le%22:497%7D,%22navigation%22:%7B%7D%7D&fp=374&fcp=439
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6c69d912e0aaa45cd46067a930738bfe04e32bb3e7afffffd12e714bd89a668

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jul 2024 22:51:59 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://feedback.tu.sainsburys.co.uk
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
https://feedback.tu.sainsburys.co.uk
Content-Length
151
x-served-by
cache-fra-eddf8230111-FRA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 22:51:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
89da717c3e022c4f-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/ 		407 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/otBannerSdk.js
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
12zQcT/rVMicuxojEvnp3g==
age
28992
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
100389
x-ms-lease-status
unlocked
last-modified
Tue, 21 Mar 2023 19:31:46 GMT
server
cloudflare
etag
0x8DB2A42E908DD2A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
97c4cda9-a01e-0009-539d-7b3e15000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89da717c6f4b6901-FRA
expires
Thu, 04 Jul 2024 22:51:58 GMT
en.json
cdn-ukwest.onetrust.com/consent/184ebe95-785b-448f-b0ad-cf0111c54adf/09a5d572-1d7e-4685-a962-88e88221192f/ 		31 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/184ebe95-785b-448f-b0ad-cf0111c54adf/09a5d572-1d7e-4685-a962-88e88221192f/en.json
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a162379bdedd3e6ff904dee693b8134d084dba0c4a1328b76f6f92f32dd392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:58 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
56023
content-md5
hRTvTkvu7JOf+3dq0QkI1w==
content-length
9435
x-ms-lease-status
unlocked
last-modified
Wed, 19 Apr 2023 11:32:42 GMT
server
cloudflare
etag
0x8DB40C9C9C63F18
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4721184f-401e-0008-76d4-7a3fe8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89da717cce722c4f-FRA
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/assets/otFlat.json
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
QSeDXFW8Ey6Sps1UWSFoNg==
age
56023
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Tue, 21 Mar 2023 19:31:35 GMT
server
cloudflare
etag
0x8DB2A42E1F44250
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6efd084b-901e-0028-5bd4-7a5324000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89da717d1ed62c4f-FRA
expires
Thu, 04 Jul 2024 22:51:58 GMT
otPcCenter.json
cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/assets/otPcCenter.json
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:58 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
GPerFTZpbt+NNOvywiCYCA==
age
56023
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14749
x-ms-lease-status
unlocked
last-modified
Tue, 21 Mar 2023 19:31:35 GMT
server
cloudflare
etag
0x8DB2A42E2604178
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2075d982-f01e-0038-1fd4-7a65c2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89da717d1ed72c4f-FRA
expires
Thu, 04 Jul 2024 22:51:58 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202303.1.0/assets/otCommonStyles.css
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status
unlocked
last-modified
Tue, 21 Mar 2023 19:31:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
778ff945-a01e-0020-3bd4-7a4857000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
89da717d2ed82c4f-FRA
expires
Thu, 04 Jul 2024 22:51:58 GMT
sainsburys.png
cdn-ukwest.onetrust.com/logos/e1fd2f29-c8cd-4679-82e1-451d39f5ae8a/184ebe95-785b-448f-b0ad-cf0111c54adf/f9890fd2-e906-4e43-932c-73bfb5e23149/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ukwest.onetrust.com/logos/e1fd2f29-c8cd-4679-82e1-451d39f5ae8a/184ebe95-785b-448f-b0ad-cf0111c54adf/f9890fd2-e906-4e43-932c-73bfb5e23149/sainsburys.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9600bb733958bb3f1b0c4e5ae99223bee6999c6c68c491746216bd250fb5dd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
content-md5
q1HfEDQCfH3wvtEIaMDZ4w==
age
55617
content-length
25651
x-ms-lease-status
unlocked
last-modified
Fri, 13 Nov 2020 10:28:43 GMT
server
cloudflare
etag
0x8D887BEE577C94D
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
90e4e7b6-a01e-006f-30d4-7a8c4f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89da717da8076901-FRA
expires
Thu, 04 Jul 2024 22:51:59 GMT
powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jul 2024 22:51:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
29395
x-ms-lease-status
unlocked
last-modified
Tue, 25 Jun 2024 16:13:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0be0ac5f-701e-000f-11b5-c7219f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
89da717da8096901-FRA
expires
Thu, 04 Jul 2024 22:51:59 GMT
d471046ff6
bam.nr-data.net/events/1/ 		24 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/d471046ff6?a=1014583695&sa=1&v=1.248.0&t=Unnamed%20Transaction&rst=996&ck=0&s=cc3ecdbfc29aa17e&ref=https://feedback.tu.sainsburys.co.uk/
Requested by
Host: feedback.tu.sainsburys.co.uk
URL: https://feedback.tu.sainsburys.co.uk/scripts/newrelic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jul 2024 22:51:59 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://feedback.tu.sainsburys.co.uk
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230057-FRA

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| NREUM object| webpackChunk:NRBA-1.248.0.PROD object| newrelic function| setImmediate function| clearImmediate object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'self' *.onetrust.com *.newrelic.com *.nr-data.net 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src 'self' jsainsbury.fra1.qualtrics.com *.onetrust.com *.newrelic.com *.nr-data.net; connect-src *.onetrust.com *.nr-data.net; frame-src jsainsbury.fra1.qualtrics.com; img-src 'self' *.onetrust.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn-ukwest.onetrust.com
feedback.tu.sainsburys.co.uk
geolocation.onetrust.com
js-agent.newrelic.com
162.247.243.29
2602:816:5001::39
2606:4700:4400::6812:2089
54.192.137.118
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
18dedaecf34f554de883d56053f5366c068cfb15a858de8a3d31e95d1bb7c251
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
43f9f2dec0c7d7ec2ed0164e09ba6d4d071cd4f3f4afdb21c5e34bd37e7f13de
5893a9144d72794de761c61c1ed74fb96e7d5738dc83120cd8705ed6ca2d8c8d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9600bb733958bb3f1b0c4e5ae99223bee6999c6c68c491746216bd250fb5dd6d
b7cc5b844888bd9fc0d2817fdfe6142fa70d17e7ffcb1f7314d9c44e13c1f903
b8a162379bdedd3e6ff904dee693b8134d084dba0c4a1328b76f6f92f32dd392
b8a45bca019af4f22685edecf67a18720a8e04b965b97041fca668275eb77c56
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
e6c69d912e0aaa45cd46067a930738bfe04e32bb3e7afffffd12e714bd89a668
e6ec5adfcf97b2d7aef0687394d0481cc7cd7cafea55eed5d5eaa760167ad926
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b