www-qa5.allstateprotectionplans.ca Open in urlscan Pro
23.218.216.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www-qa5.allstateprotectionplans.ca/
Submission: On June 30 via api (June 30th 2024, 12:19:34 pm UTC) from US — Scanned from CA

Summary HTTP 98 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 98 HTTP transactions. The main IP is 23.218.216.212, located in Ashburn, United States and belongs to AKAMAI-ASN1, NL. The main domain is www-qa5.allstateprotectionplans.ca.
TLS certificate: Issued by DigiCert EV RSA CA G2 on June 11th 2024. Valid for: a year.

This is the only time www-qa5.allstateprotectionplans.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 87	23.218.216.212 23.218.216.212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:400d:c02::61	15169 (GOOGLE) (GOOGLE)
2	99.86.191.237 99.86.191.237	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:d642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c0f::be	15169 (GOOGLE) (GOOGLE)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.81.90.104 35.81.90.104	16509 (AMAZON-02) (AMAZON-02)
98	8

87 23.218.216.212 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-216-212.deploy.static.akamaitechnologies.com

www-qa5.allstateprotectionplans.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.191.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:d642 (United States)

ASN13335 (CLOUDFLARENET, US)

appreports.report-uri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0f::be (Morganton, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.90.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-90-104.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	allstateprotectionplans.ca 1 redirects www-qa5.allstateprotectionplans.ca	7 MB
3	report-uri.com appreports.report-uri.com — Cisco Umbrella Rank: 484616	2 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	12 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1789	29 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1325	187 B
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2181	12 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	107 KB
0	squaretrade.com Failed www.squaretrade.com Failed
98	8

	Domain	Requested by
87	www-qa5.allstateprotectionplans.ca	1 redirects www-qa5.allstateprotectionplans.ca
3	appreports.report-uri.com	www-qa5.allstateprotectionplans.ca cdn.segment.com www.youtube.com
2	www.youtube.com	www-qa5.allstateprotectionplans.ca www.youtube.com
2	cdn.segment.com	www-qa5.allstateprotectionplans.ca cdn.segment.com
1	api.segment.io	cdn.segment.com
1	player.vimeo.com	www-qa5.allstateprotectionplans.ca
1	www.googletagmanager.com	www-qa5.allstateprotectionplans.ca
0	www.squaretrade.com Failed	www-qa5.allstateprotectionplans.ca
98	8

This site contains links to these domains. Also see Links.

Domain
help.squaretrade.com
blog.squaretrade.com

Subject Issuer	Validity	Valid
qa5.squaretrade.com DigiCert EV RSA CA G2	`2024-06-11` - `2025-07-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
report-uri.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
player.vimeo.com E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www-qa5.allstateprotectionplans.ca/
Frame ID: 7DBBD1E7E6DA385F3271B9695DFAC7B2
Requests: 98 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Allstate Protection Plans

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

98
Requests

97 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

7375 kB
Transfer

9034 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://help.squaretrade.com/help
Title: FAQs page

Search URL Search Domain Scan URL

URL: https://blog.squaretrade.com/
Title: Visit blog

Search URL Search Domain Scan URL

URL: https://blog.squaretrade.com/our-most-expensive-breakability-test-ever/

Search URL Search Domain Scan URL

URL: https://blog.squaretrade.com/8-pieces-of-sustainable-technology-to-add-to-your-home/

Search URL Search Domain Scan URL

URL: https://blog.squaretrade.com/5-home-appliance-energy-saving-tips-tricks/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://www-qa5.allstateprotectionplans.ca/sitewide_alert/load HTTP 301
https://www-qa5.allstateprotectionplans.ca/sitewide_alert/load/

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www-qa5.allstateprotectionplans.ca/ 153 KB
19 KB 1173ms
701ms Document
text/html 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5a3fbda1db50a5a1bb8f606ca138eb4bfb70a99862482ae3ecbd9316e50a48d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 16940
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: text/html
date: Sun, 30 Jun 2024 12:19:27 GMT
etag: "25e8e-60f9b99585852-gzip"
last-modified: Tue, 23 Jan 2024 11:53:47 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET BogleWeb-Regular.eot
www.squaretrade.com/img/walmart/ 0
0

GET BogleWeb-Bold.eot
www.squaretrade.com/img/walmart/ 0
0

GET
H2 200 css_VMaW74Iy7DLWI92lqJFcHRqn71_62B3NPT7HviNh04I.css
www-qa5.allstateprotectionplans.ca/sites/default/files/css/ 691 KB
67 KB 102ms
102ms Stylesheet
text/css 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_VMaW74Iy7DLWI92lqJFcHRqn71_62B3NPT7HviNh04I.css

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

54c696ef8232ec32d623dda5a8915c1d1aa7ef5ffad81dcd3d3ec7be2361d382

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jun 2024 12:19:27 GMT
last-modified: Tue, 23 Jan 2024 11:53:34 GMT
server: nginx
akamai-cache-status: Miss from child, Hit from parent
etag: "aca11-60f9b988faaa3-gzip"
vary: Accept-Encoding
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: text/css
accept-ranges: bytes
content-length: 66538

GET
H2 200 css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css
www-qa5.allstateprotectionplans.ca/sites/default/files/css/ 216 KB
25 KB 175ms
174ms Stylesheet
text/css 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7e7f252fec7ae81c6b7f3125d921bea223cde77ae0051fef1efd9838ed0024e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jun 2024 12:19:27 GMT
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
akamai-cache-status: Miss from child, Miss from parent
etag: "35e0a-60f9b99817c03-gzip"
vary: Accept-Encoding
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: text/css
accept-ranges: bytes
content-length: 24055

GET
H2 200 APP_ServicedST_Logo_Lockup_Blue.svg
www-qa5.allstateprotectionplans.ca/sites/default/files/ 18 KB
20 KB 450ms
449ms Image
image/svg+xml 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/APP_ServicedST_Logo_Lockup_Blue.svg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

63c2dcc48695efc436c090ef3975d36611e64a9330d500c3a77c522f0317018b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:31 GMT
server: nginx
etag: "4671-60f9b986703e5"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
accept-ranges: bytes
content-length: 18033

GET
H2 200 APP_ServicedST_Logo_Lockup_White.svg
www-qa5.allstateprotectionplans.ca/sites/default/files/ 18 KB
20 KB 508ms
507ms Image
image/svg+xml 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/APP_ServicedST_Logo_Lockup_White.svg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

031be6ef2d07b7e77cd2c0d2da8731fa3ba25713e74167c14a220047c237d9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:47 GMT
server: nginx
etag: "466e-60f9b995b947b"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
accept-ranges: bytes
content-length: 18030

GET
H2 200 homepage-hero-2-two-girls-yellow-couch.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/ 36 KB
38 KB 153ms
152ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/homepage-hero-2-two-girls-yellow-couch.jpg?itok=IvUgLnCA

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

10afe719b526400a20da4b381115b1392524975e74dfbd75d7a3ed18e661864d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "8ee6-60f9b99924510"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 36582

GET
H2 200 homepage-hero-3-asian-woman-phone-garden-patio_1.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/ 29 KB
31 KB 144ms
130ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/homepage-hero-3-asian-woman-phone-garden-patio_1.jpg?itok=e2QNSgNj

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

be17ab2cf61c3e20c1c7f6c327c3892ae83ebc46a09056b37d406f8c62bb8920

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "7540-60f9b98a0e118"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 30016

GET
H2 200 mobile-homepage-hero-4-man-table-red-phone-laptop.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 26 KB
28 KB 194ms
180ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/mobile-homepage-hero-4-man-table-red-phone-laptop.jpg?itok=cnNH00J2

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fbbd330c650e5976acb7e3a76e13621baa138a697793155d8f8d954079e97ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "6704-60f9b98a12f39"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 26372

GET
H2 200 mobile-homepage-hero-5-family-mom-selfie-three-kids.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 39 KB
41 KB 163ms
149ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/mobile-homepage-hero-5-family-mom-selfie-three-kids.jpg?itok=wTFcgQJ-

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b2db547289cfe297b0d9000c8812729dfd2e6448765e8a74549d48be51a20164

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "9be1-60f9b9992a2d1"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 39905

GET
H2 200 D-4_0.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 27 KB
29 KB 227ms
213ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/D-4_0.jpg?itok=Rst9DA5E

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

61c831554d9839618fa2e0ba2a9a5c771fde1685e8be1f06d1ef8218f794e8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "6b17-60f9b98a12f39"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 27415

GET
H2 200 mobile-homepage-hero-1-two-girls-bikes.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 61 KB
63 KB 227ms
213ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/mobile-homepage-hero-1-two-girls-bikes.jpg?itok=qiHrEOg9

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9b21c32ae961a9c0e3832b2a18031d36a5a45361c0e37577240d7bde003729a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "f2aa-60f9b99929331"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 62122

GET
H2 200 homepage-hero-1-two-girls-bikes_1.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/ 61 KB
63 KB 174ms
160ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/homepage-hero-1-two-girls-bikes_1.jpg?itok=CwPN0WSE

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a6c9222b4daf9905b6af12f0ba118de6f129bac4dae7483188f9efbf75e5573f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "f2ab-60f9b99924510"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 62123

GET
H2 200 homepage-hero-5-family-mom-selfie-three-kids_0.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/ 35 KB
37 KB 167ms
152ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/homepage-hero-5-family-mom-selfie-three-kids_0.jpg?itok=-mR0MhJ0

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3dba5b2a0381da1740f72b7a9a5582f4a3ab0d711c68d6002b04b97f13c0b87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "8c66-60f9b99924510"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 35942

GET
H2 200 homepage-woman-office-chair.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/ 55 KB
57 KB 155ms
141ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/homepage-woman-office-chair.jpg?itok=gp7BUFPh

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b22318428ed62b70d02c554537ff25e45746467278b41727d4b64c4f17fad455

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "da17-60f9b9992b272"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 55831

GET
H2 200 homepage-father-daughter-laundry-2x.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/ 44 KB
46 KB 174ms
159ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/homepage-father-daughter-laundry-2x.jpg?itok=CFO02o0n

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

349961136fe2d79fe38245fa54679778c733b1459d7ac4ddde69b8fc8709acc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "b0a2-60f9b9992a2d1"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 45218

GET
H2 200 1A-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 52 KB
54 KB 215ms
201ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/1A-Test.jpg?itok=vtPPHB0A

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fc1546183f22d572e0e3348a2cdb3eafd84d43bd9a090cc043a2fe5f4d2f0688

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "cfb4-60f9b999254b1"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 53172

GET
H2 200 1B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 52 KB
54 KB 193ms
179ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/1B-Test.jpg?itok=FQwJlbl-

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c8eda7e630f5a7378b2d15a5e8a144b5995df4aed3800e75d9b9f79e07b046dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "d01e-60f9b98a0f0b8"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 53278

GET
H2 200 666x592%20-%20couch.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/ 45 KB
47 KB 174ms
160ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-03/666x592%20-%20couch.jpg?itok=jABjHPpt

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bb323f4c9f2974dc470c62ea4a5fd862083f25565a338145cced8530b4f97610

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "b249-60f9b999225d0"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 45641

GET
H2 200 B-2.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 58 KB
60 KB 164ms
150ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/B-2.jpg?itok=oI6ymEPi

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1a687512b606e1787ee6b13ad230e084497b8735f65bb5b29410b5f422ab9c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "e659-60f9b98a10ff8"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 58969

GET
H2 200 2A-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 55 KB
57 KB 166ms
153ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/2A-Test.jpg?itok=_JtdxtRi

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3d27d1766aa9c1629c58bc22128e3373e614e21219815757bc840808fbfed498

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "ddb3-60f9b99926451"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 56755

GET
H2 200 2B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 28 KB
30 KB 169ms
156ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/2B-Test.jpg?itok=wtOXB_oi

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

48db9a03a7fc6e2a6f969af6b64b5805d0e1b459aafb75100e93518ce8baf877

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "7113-60f9b98a10058"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 28947

GET
H2 200 C-2.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 34 KB
36 KB 206ms
193ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/C-2.jpg?itok=yKEu5Vwc

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

822d227c2e4ea45ebb8bcfb1ebbb312b5f3964b144aec5989d06d2ef5256a52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "8843-60f9b99928391"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 34883

GET
H2 200 man-sitting-at-desk-with-laptop.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/ 36 KB
38 KB 229ms
217ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/man-sitting-at-desk-with-laptop.jpg?itok=Tx3Tep0K

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b1c3741fdb8ae39b557ed672e71e6c739ae3a8696262d6eedb187e25b2ab8cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "90ef-60f9b98a14e79"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 37103

GET
H2 200 3B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 51 KB
53 KB 238ms
226ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/3B-Test.jpg?itok=YtLhMhZE

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b96e9c5fa8039790cc463f21fb08804628a16016080f37ef7938aa82975c5650

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "cb4b-60f9b999273f1"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 52043

GET
H2 200 3C-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 33 KB
35 KB 206ms
194ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/3C-Test.jpg?itok=128ykk18

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8ec091e770421d55badef1e8334eb26eccd42d0bc38d2fdaf8ec1adb5d1183b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "84b5-60f9b98a10058"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 33973

GET
H2 200 D-1_0.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 34 KB
36 KB 176ms
164ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/D-1_0.jpg?itok=VrEKTc2Z

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e60aef2f8fec2c6016dda314fd8882726baad301eb148d931c4d9e275ebe73c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "87a9-60f9b99928391"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 34729

GET
H2 200 homepage-woman-lying-on-floor-listening-to-music-with-cat%20%281%29.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/ 47 KB
49 KB 219ms
207ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/homepage-woman-lying-on-floor-listening-to-music-with-cat%20%281%29.jpg?itok=3I0V9hVr

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b438d244ae8cec8f4b0db4824647fcc6ebe44848e33e853911581fe3be0ec3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "bb2e-60f9b98a13ed9"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 47918

GET
H2 200 D-3.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 60 KB
62 KB 209ms
197ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/D-3.jpg?itok=ZHG_FjqA

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

889933adc6c21cd42324a07940e5e52190f5958758f721452e33fc169f5dd45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "f159-60f9b99929331"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 61785

GET
H2 200 D-4.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 27 KB
29 KB 208ms
197ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/D-4.jpg?itok=fQ0O0wn0

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

61c831554d9839618fa2e0ba2a9a5c771fde1685e8be1f06d1ef8218f794e8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "6b17-60f9b98a11f99"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 27415

GET
H2 200 man-patio-table.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/ 47 KB
49 KB 219ms
208ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-05/man-patio-table.jpg?itok=NJ7UnN56

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

967147c45f7fbf1bcf00073a52a06619de646f9acb26b0e222746a196fe92904

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "bd6f-60f9b9992b272"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 48495

GET
H2 200 4B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/ 56 KB
58 KB 167ms
157ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/666xauto/public/2022-04/4B-Test.jpg?itok=KD0rCn5S

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a256a737b4653ca573fff42227a0870c329daa3f1e7506414f24ff7e4e3ab710

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "dedf-60f9b98a10ff8"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 57055

GET
H2 200 Icon-Plan_Holders_LightBlue_LeftAlign.svg
www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/ 793 B
3 KB 465ms
455ms Image
image/svg+xml 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/Icon-Plan_Holders_LightBlue_LeftAlign.svg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

46677f03659cbe68d03478f04efb474253c451aa5576183ac63404f08823e2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:47 GMT
server: nginx
etag: "319-60f9b995df5e2"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
accept-ranges: bytes
content-length: 793

GET
H2 200 Icon-Partnerships_LightBlue.svg
www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/ 2 KB
4 KB 471ms
461ms Image
image/svg+xml 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/Icon-Partnerships_LightBlue.svg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a354b80e2cbeb24dbd521e9dc0ec0a33c2ad9e05046d32181c87246d17e11a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:31 GMT
server: nginx
etag: "753-60f9b9869942d"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1875

GET
H2 200 Icon-Suppliers_LightBlue_0.svg
www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/ 860 B
3 KB 329ms
320ms Image
image/svg+xml 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/Icon-Suppliers_LightBlue_0.svg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b111a780858b79cc57be408c1c9d7e9e2e6c47955065e897bfd97211af933924

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:47 GMT
server: nginx
etag: "35c-60f9b995df5e2"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
accept-ranges: bytes
content-length: 860

GET
H2 200 Icon-Buy_Protection_LightBlue_LeftAlign_0.svg
www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/ 626 B
3 KB 451ms
442ms Image
image/svg+xml 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/2022-03/Icon-Buy_Protection_LightBlue_LeftAlign_0.svg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2a93f7d21a6d59c03a9035a0682cf085dfc975c3d643b46c4d379cd0c3bdd9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:31 GMT
server: nginx
etag: "272-60f9b9869848c"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
accept-ranges: bytes
content-length: 626

GET
H2 200 10-years-A.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/783xauto/public/2022-04/ 31 KB
33 KB 192ms
183ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/783xauto/public/2022-04/10-years-A.jpg?itok=DB4Az5ef

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e5b34426f3415182535d02de0014560b688201c99997a761b51bcf4132302090

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "7c2f-60f9b98a4c924"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 31791

GET
H2 200 10-years-B.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/783xauto/public/2022-04/ 68 KB
70 KB 203ms
194ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/783xauto/public/2022-04/10-years-B.jpg?itok=ixZ8S3eM

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

243c88805580eeb633641990c8469243047cc052c77a7a3721b6a8e40dd99e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "111e2-60f9b98a4c924"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 70114

GET
H2 200 10-years-C.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/783xauto/public/2022-04/ 27 KB
29 KB 243ms
234ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/783xauto/public/2022-04/10-years-C.jpg?itok=LA1YWezD

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8c178b8fef2affd84e342b91aa45d1fa0bd72e233dfe748f7610cd58df8db0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "6d99-60f9b99960ddb"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 28057

GET
H2 200 1-award-winning.png
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/1410xauto/public/2022-05/ 1001 KB
1003 KB 192ms
184ms Image
image/png 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/1410xauto/public/2022-05/1-award-winning.png?itok=ElkhCLci

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3b226abbc78367241818f3cc8e203d9d9b26163204cbbdf05a551d47cb0deb85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:34 GMT
server: nginx
etag: "fa370-60f9b9897c8dc"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/png
accept-ranges: bytes
content-length: 1024880

GET
H2 200 2-fav-place-to-shop.png
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/1410xauto/public/2022-05/ 1 MB
1 MB 249ms
241ms Image
image/png 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/1410xauto/public/2022-05/2-fav-place-to-shop.png?itok=Y5JzBIeb

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4899f398b2284ddb9df58d61d6274b3ec8b481cc707b40e636bec9e125c243bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:34 GMT
server: nginx
etag: "158c2c-60f9b9898845e"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/png
accept-ranges: bytes
content-length: 1412140

GET
H2 200 3-in-good-hands.png
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/1410xauto/public/2022-05/ 747 KB
749 KB 193ms
186ms Image
image/png 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/1410xauto/public/2022-05/3-in-good-hands.png?itok=nvHopu-G

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

da0976769219baa66d630fb8853933abf3d24aaedcb7d21fcb18daa51dfbbfae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:34 GMT
server: nginx
etag: "bac5e-60f9b9898f1bf"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/png
accept-ranges: bytes
content-length: 765022

GET
H2 200 homepage-rtb-4-laptop-woman-with-rings-typing.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/752xauto/public/2022-03/ 73 KB
75 KB 251ms
243ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/752xauto/public/2022-03/homepage-rtb-4-laptop-woman-with-rings-typing.jpg?itok=1pdn5T2o

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

81c43faac4852a5ce07c8e6bd0fb65b1f649b4adb623fd94c479fa1de7467ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "123b1-60f9b98a4b984"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 74673

GET
H2 200 homepage-rtb-5-kitchen-microwave-shelves_1.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/752xauto/public/2022-03/ 72 KB
74 KB 365ms
358ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/752xauto/public/2022-03/homepage-rtb-5-kitchen-microwave-shelves_1.jpg?itok=oix9oFRR

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f63e3985878b7fb6b5d4a78e2bb342119bfc8fba86a9c93bafb40b3b83b39876

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "11ee9-60f9b9995fe3b"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 73449

GET
H2 200 Breakability%20V2.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/824xauto/public/2023-10/ 31 KB
33 KB 193ms
186ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/824xauto/public/2023-10/Breakability%20V2.jpg?itok=netXqb70

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

489b85cccc7e0f99702bc13dd1307a1c59b39c9b9cd1078d4a5d7024730b61c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "7d3f-60f9b9996b9bd"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 32063

GET
H2 200 Sustainable%20Tech.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/824xauto/public/2023-10/ 44 KB
46 KB 367ms
361ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/824xauto/public/2023-10/Sustainable%20Tech.jpg?itok=G0eviQTq

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

24c60184357ec540e8f4aa91987fe44da3276dfc16f4eb4872b781511b254ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "afe5-60f9b98a59446"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 45029

GET
H2 200 Home%20Appliance%20Saving.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/824xauto/public/2023-10/ 41 KB
43 KB 368ms
361ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/824xauto/public/2023-10/Home%20Appliance%20Saving.jpg?itok=VXziAzrg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7b8147d79a6afe689660725efec3df9445397f66b843142690e7048ca7ca8352

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "a367-60f9b9996c95d"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 41831

GET
H2 200 js_jyeIV6UmzXusHL1vtgJLxI9JbL-fRlEYhj5xHOS7N24.js Show response
www-qa5.allstateprotectionplans.ca/sites/default/files/js/ 432 KB
136 KB 140ms
140ms Script
application/javascript 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/js/js_jyeIV6UmzXusHL1vtgJLxI9JbL-fRlEYhj5xHOS7N24.js

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8f278857a526cd7bac1cbd6fb6024bc48f496cbf9f465118863e711ce4bb376e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jun 2024 12:19:28 GMT
last-modified: Tue, 23 Jan 2024 11:53:34 GMT
server: nginx
akamai-cache-status: Miss from child, Hit from parent
etag: "6c00b-60f9b9890b446-gzip"
vary: Accept-Encoding
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: application/javascript
accept-ranges: bytes
content-length: 137375

GET
H2 200 gtag.js Show response
www-qa5.allstateprotectionplans.ca/modules/contrib/google_tag/js/ 944 B
2 KB 124ms
109ms Script
application/javascript 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/modules/contrib/google_tag/js/gtag.js?s7b41k

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jun 2024 12:19:28 GMT
last-modified: Tue, 23 Jan 2024 11:53:47 GMT
server: nginx
akamai-cache-status: Miss from child, Hit from parent
etag: "3b0-60f9b9959cf56-gzip"
vary: Accept-Encoding
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: application/javascript
accept-ranges: bytes
content-length: 455

GET
H2 200 js_pbt8IiB-poqESRlED5COB0J81iretL3oAvdD_F01Rvk.js Show response
www-qa5.allstateprotectionplans.ca/sites/default/files/js/ 187 KB
47 KB 125ms
110ms Script
application/javascript 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/js/js_pbt8IiB-poqESRlED5COB0J81iretL3oAvdD_F01Rvk.js

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a5bb7c22207ea68a844919440f908e07427cd62adeb4bde802f743fc5d3546f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jun 2024 12:19:28 GMT
last-modified: Tue, 23 Jan 2024 11:53:34 GMT
server: nginx
akamai-cache-status: Miss from child, Hit from parent
etag: "2ec58-60f9b989140e7-gzip"
vary: Accept-Encoding
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: application/javascript
accept-ranges: bytes
content-length: 45680

GET
H2 404 st_tag_components.js
www-qa5.allstateprotectionplans.ca/javascript/common/st/components/ 0
0 225ms
210ms Script
text/html 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/javascript/common/st/components/st_tag_components.js

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
server: nginx
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: text/html; charset=iso-8859-1
content-length: 196

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 423 KB
107 KB 594ms
174ms Script
application/javascript 2607:f8b0:400d:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWGS739

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf6ca537e25ac5babf82854ad90aa91597a4c4878e05471e0407b7010e100d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 12:19:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jun 2024 12:19:28 GMT

GET
H2 200 0e3b98936d98e4ad6ca3.svg
www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/ 56 KB
58 KB 517ms
517ms Image
image/svg+xml 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/0e3b98936d98e4ad6ca3.svg

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0cc99b650731cad969104011dd3ec9216725933db3bc2604ab2b12bf1965f6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "e00f-60f9b9999b765"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/svg+xml
accept-ranges: bytes
content-length: 57359

GET
H2 200 cb75c2aa3d62de26cc1e.woff2
www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/ 22 KB
24 KB 517ms
516ms Font
font/woff2 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/cb75c2aa3d62de26cc1e.woff2

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

78b69993f72e63f38a46bf6317dd2e266e62d01f6c0a1ddb7b52a74bedc2fe9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css
Origin: https://www-qa5.allstateprotectionplans.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "58e4-60f9b98a94d72"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: font/woff2
accept-ranges: bytes
content-length: 22756

GET
H2 200 5e99ffef112d89c9cacf.woff2
www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/ 23 KB
25 KB 486ms
485ms Font
font/woff2 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/5e99ffef112d89c9cacf.woff2

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ba988c07bdd8034f558a97713c0f9b0910387cfb6d9fa68a8525768721384265

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css
Origin: https://www-qa5.allstateprotectionplans.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "5ac4-60f9b999a1526"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: font/woff2
accept-ranges: bytes
content-length: 23236

GET
H2 200 icomoon_0.woff
www-qa5.allstateprotectionplans.ca/sites/default/files/cohesion/ 10 KB
12 KB 423ms
422ms Font
font/woff 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/cohesion/icomoon_0.woff

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_VMaW74Iy7DLWI92lqJFcHRqn71_62B3NPT7HviNh04I.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7c708a7805d7830c48720a320e6921bea66b97ad6366e5c14a618fb7ff1edb0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_VMaW74Iy7DLWI92lqJFcHRqn71_62B3NPT7HviNh04I.css
Origin: https://www-qa5.allstateprotectionplans.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:49 GMT
server: nginx
etag: "2800-60f9b99811e42"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: font/woff
accept-ranges: bytes
content-length: 10240

GET
H2 200 bb6f9880646408f22516.woff2
www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/ 24 KB
26 KB 497ms
497ms Font
font/woff2 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/dist/bb6f9880646408f22516.woff2

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

df19c535191fb16a90dffd1f5b1576c0b1689b5de6c33f78c92bfe6513be12d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/sites/default/files/css/css_fn8lL-x66BxrfzEl2SG-oiPN53rgBR_vHv2YOO0AJOE.css
Origin: https://www-qa5.allstateprotectionplans.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "6088-60f9b98a94d72"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: font/woff2
accept-ranges: bytes
content-length: 24712

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/ 103 KB
28 KB 470ms
122ms Script
text/javascript 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/analytics.min.js
Requested by: Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/js/js_jyeIV6UmzXusHL1vtgJLxI9JbL-fRlEYhj5xHOS7N24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1593a850fcc7233fcc99c25144023a58b4888eb627cd460354ee1fbde3bc1486

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 12:18:53 GMT
x-amz-version-id: fMR3NNjJGRX69gOZSKwj8MbnSHSOnxCW
content-encoding: br
via: 1.1 75bba5dfd2aa92cc6ca63ecca3b5248c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 36
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 29 May 2024 00:41:02 GMT
server: AmazonS3
etag: W/"4bb94cb46848b769909185a437f336ef"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 0cj3vvupqfYPW8S1Pd-kNKEir-lZrCvc27CdvEGTkjaBpwCkikXzKw==

POST
H3 429 wizard
appreports.report-uri.com/r/t/csp/ 11 B
586 B 422ms
105ms Other
text/plain 2606:4700::6811:d642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appreports.report-uri.com/r/t/csp/wizard

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/js/js_jyeIV6UmzXusHL1vtgJLxI9JbL-fRlEYhj5xHOS7N24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jun 2024 12:19:29 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain
cf-ray: 89be1ada4bf5a240-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 11

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 729ms
165ms Script
text/javascript 2607:f8b0:400d:c0f::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/js/js_jyeIV6UmzXusHL1vtgJLxI9JbL-fRlEYhj5xHOS7N24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::be Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c65557eff0e987d48ba6d7716ff7f24f79885fbfaaadb0f2a5425eb76a1afe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 12:19:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 30 Jun 2024 12:19:29 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 400ms
112ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/js/js_jyeIV6UmzXusHL1vtgJLxI9JbL-fRlEYhj5xHOS7N24.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 30 Jun 2024 08:20:29 GMT
Date: Sun, 30 Jun 2024 12:19:29 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish
Age: 1740
x-cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11390
x-served-by: cache-yyz4555-YYZ
x-player-backend: g
Server: cloudflare
x-timer: S1719749969.018455,VS0,VE0
vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
Cache-Control: max-age=1800
x-bapp-server
accept-ranges: bytes
CF-RAY: 89be1ada4f0f39c6-YYZ
x-cache-hits: 137

GET
H2

200

/ Show response
www-qa5.allstateprotectionplans.ca/sitewide_alert/load/
Redirect Chain

https://www-qa5.allstateprotectionplans.ca/sitewide_alert/load
https://www-qa5.allstateprotectionplans.ca/sitewide_alert/load/

21 B
2 KB

292ms
291ms

Fetch
text/html

23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/sitewide_alert/load/

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www-qa5.allstateprotectionplans.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
etag: "15-60f9b9997f240"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: text/html
accept-ranges: bytes
content-length: 21

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
server: nginx
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: text/html; charset=iso-8859-1
location: https://www-qa5.allstateprotectionplans.ca/sitewide_alert/load/
content-length: 271

GET
H2 200 homepage-hero-2-two-girls-yellow-couch.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/ 6 KB
8 KB 136ms
126ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/homepage-hero-2-two-girls-yellow-couch.jpg?itok=d-AGajw-

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

593352afbe7017e193a89cc1af37ea0cc1fc34476cb8c71f2a3900c47986a1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "1991-60f9b989d184c"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 6545

GET
H2 200 homepage-hero-3-asian-woman-phone-garden-patio_1.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/ 6 KB
8 KB 125ms
116ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/homepage-hero-3-asian-woman-phone-garden-patio_1.jpg?itok=xXDIU58K

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

952c955d7ffa26b17ca424f29b89a2ef9f5df06135b679a031b578994b7fedaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "16fe-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 5886

GET
H2 200 mobile-homepage-hero-4-man-table-red-phone-laptop.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 6 KB
8 KB 115ms
105ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/mobile-homepage-hero-4-man-table-red-phone-laptop.jpg?itok=De6Z5EGD

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

39770659b4ed3e1db5d4dd931d9c3b7437eafaccb6640ae937a679b14f3ad51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "16a6-60f9b989d378c"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 5798

GET
H2 200 mobile-homepage-hero-5-family-mom-selfie-three-kids.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 8 KB
10 KB 127ms
118ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/mobile-homepage-hero-5-family-mom-selfie-three-kids.jpg?itok=PDBOr6BM

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1575c4eae3d15dd53ea8f59e5e8697212f9359065e2952658b1c1b2cb6635552

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "1f7a-60f9b998eca67"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 8058

GET
H2 200 D-4_0.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 5 KB
7 KB 113ms
104ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/D-4_0.jpg?itok=iTlY1oIC

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fe8c07160383565dc686caf8e44ff5a535e7a2d5e6f7cf10272700ad87e40167

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "15e0-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 5600

GET
H2 200 mobile-homepage-hero-1-two-girls-bikes.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 11 KB
13 KB 131ms
122ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/mobile-homepage-hero-1-two-girls-bikes.jpg?itok=u9tn1lAu

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fa748349ae3e5de690c2df4d069c0ce43b41416e522c2f29cd7ecde99e126320

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "2b29-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 11049

GET
H2 200 homepage-hero-1-two-girls-bikes_1.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/ 11 KB
13 KB 120ms
111ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/homepage-hero-1-two-girls-bikes_1.jpg?itok=bkwq2BbC

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b37714c4a34f0ced9f3dc04e1916236e67fe7ae18075f9363152b612dfc568e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "2b29-60f9b998eab27"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 11049

GET
H2 200 homepage-hero-5-family-mom-selfie-three-kids_0.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/ 7 KB
9 KB 219ms
210ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/homepage-hero-5-family-mom-selfie-three-kids_0.jpg?itok=CfFcoTjU

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5c2ebb2b187936e949da1f2b631f7181a3dd6f34b12f4851f7e65fe2d42f611e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "1be9-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 7145

GET
H2 200 homepage-woman-office-chair.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/ 9 KB
11 KB 138ms
130ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/homepage-woman-office-chair.jpg?itok=fj-To8wa

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9eff8d497e26d486fc9b56a9f19ef64676cd8986dc3173c13f4bef3de47a6df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "2457-60f9b989d378c"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 9303

GET
H2 200 homepage-father-daughter-laundry-2x.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/ 9 KB
11 KB 120ms
112ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/homepage-father-daughter-laundry-2x.jpg?itok=O_v_hcpy

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0b21d1f4a0ed343496ef516200a20b4f65e791db0ed19df89a00e04c80bab6d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "234f-60f9b998eca67"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 9039

GET
H2 200 1A-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 10 KB
12 KB 126ms
118ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/1A-Test.jpg?itok=CEbmsTXO

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b76957def02b7709983c05da36e74fa8f1b7f7abc026dd918da5691d2851737b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "27a7-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 10151

GET
H2 200 1B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 10 KB
12 KB 209ms
202ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/1B-Test.jpg?itok=GFdxnoab

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ac697b70a388403d2a47a46d7c13aa7e1141e555e4894d6a9760353121bddae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "2733-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 10035

GET
H2 200 666x592%20-%20couch.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/ 8 KB
9 KB 197ms
189ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-03/666x592%20-%20couch.jpg?itok=mhHsSymS

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

be4848d7d4af5cd1359922f6a0940d482da79f55d747beb3245e67f6eb1c75d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "1e2a-60f9b998eab27"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 7722

GET
H2 200 B-2.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 11 KB
13 KB 117ms
109ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/B-2.jpg?itok=lnZ3g6gu

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

aa7d40b3e0a6c410959f0f4c7fbfc5da3bfa0022ef5d2beed4d7b87116435445

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "2b2f-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 11055

GET
H2 200 2A-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 9 KB
11 KB 149ms
142ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/2A-Test.jpg?itok=XWSqb7XY

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a9e27d135618be8ed245607a3568202b5daac955c7120fb8c5d7676d24b18ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "2552-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 9554

GET
H2 200 2B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 6 KB
8 KB 138ms
131ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/2B-Test.jpg?itok=5BVZ7nA5

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

330d589936cee2159aa34a0672694d369fefeecb06e8c986bb1c87d42dd34f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "182c-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 6188

GET
H2 200 C-2.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 6 KB
8 KB 140ms
133ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/C-2.jpg?itok=2Htub2RH

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8e4588cd7646c6de1238096069c37e665130a1674f17667b14ce91b79ad7787f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Miss from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "1964-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 6500

GET
H2 200 man-sitting-at-desk-with-laptop.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/ 7 KB
9 KB 135ms
129ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/man-sitting-at-desk-with-laptop.jpg?itok=6JCgiBYy

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

89f9c9b7d86b31338863289db4a374c541815ea202541ee52f5259fb2163e818

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "1d43-60f9b989d378c"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 7491

GET
H2 200 3B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 8 KB
10 KB 138ms
132ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/3B-Test.jpg?itok=hWjoq4F6

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ffb8596a4ad98f9898b697fb1fdd36996add02bffa98475b78fbe42d4361c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "2119-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 8473

GET
H2 200 3C-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 6 KB
8 KB 112ms
106ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/3C-Test.jpg?itok=5hFFmByn

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

da1dd12274d0896a8ddf1e0fff4a8a4912eb2ee85e1fe8893a804ce0a69a66c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "1937-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 6455

GET
H2 200 D-1_0.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 7 KB
9 KB 145ms
140ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/D-1_0.jpg?itok=cWEKZTVT

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

35fbe30bdfa501461b3a256ad032166f2eea26f07f6ea69dd28c13c69257f31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "1cea-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 7402

GET
H2 200 homepage-woman-lying-on-floor-listening-to-music-with-cat%20%281%29.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/ 8 KB
10 KB 113ms
107ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/homepage-woman-lying-on-floor-listening-to-music-with-cat%20%281%29.jpg?itok=WBh6UB99

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

654e15aeb144ef22330d986a3a3b718cb8046fab7eb73116a7af43eb34023ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "1f0b-60f9b998eca67"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 7947

GET
H2 200 D-3.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 12 KB
14 KB 118ms
113ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/D-3.jpg?itok=xxM-wdTF

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c53a9606da2e8ea96ca96040c5a2245aa1156b7a4cd6a40ca796df7a63ccd44d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "2edd-60f9b989d27ec"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 11997

GET
H2 200 D-4.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 5 KB
7 KB 113ms
108ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/D-4.jpg?itok=grfqSj3-

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fe8c07160383565dc686caf8e44ff5a535e7a2d5e6f7cf10272700ad87e40167

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "15e0-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 5600

GET
H2 200 man-patio-table.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/ 8 KB
10 KB 119ms
114ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-05/man-patio-table.jpg?itok=VFFeYhX5

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

792858e6c5929f29717e40d25e64edbd91ce7bde540b9c2240635cdcd951e53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "2193-60f9b998eca67"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 8595

GET
H2 200 4B-Test.jpg
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/ 10 KB
12 KB 123ms
119ms Image
image/jpeg 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/222xauto/public/2022-04/4B-Test.jpg?itok=XfJi5hcF

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bc897734743500283cbd6e0a90540b0eba20193c959dd1e27bec8db0d2d0fc33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:50 GMT
server: nginx
etag: "29fc-60f9b998ebac7"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/jpeg
accept-ranges: bytes
content-length: 10748

GET
H2 200 1-award-winning.png
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/750xauto/public/2022-05/ 611 KB
614 KB 121ms
117ms Image
image/png 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/750xauto/public/2022-05/1-award-winning.png?itok=kAnX0lEy

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3816571619a1ad6e63e8e779b3a40115bde54107129264df85bb37fbb32f0aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "98d9d-60f9b98a3233f"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/png
accept-ranges: bytes
content-length: 626077

GET
H2 200 2-fav-place-to-shop.png
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/750xauto/public/2022-05/ 788 KB
791 KB 160ms
156ms Image
image/png 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/750xauto/public/2022-05/2-fav-place-to-shop.png?itok=DllssKPe

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b602e899aa8f23d60c402acc1d3fd03af7937b1d91ae15d44ae902a4ed9c087b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "c50b0-60f9b98a3a040"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/png
accept-ranges: bytes
content-length: 807088

GET
H2 200 3-in-good-hands.png
www-qa5.allstateprotectionplans.ca/sites/default/files/styles/750xauto/public/2022-05/ 332 KB
334 KB 154ms
151ms Image
image/png 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-qa5.allstateprotectionplans.ca/sites/default/files/styles/750xauto/public/2022-05/3-in-good-hands.png?itok=zBdRe5F_

Requested by

Host: www-qa5.allstateprotectionplans.ca
URL: https://www-qa5.allstateprotectionplans.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

933ab1825bf5113e3bd461bfa46a1f3414ed3be92ef1c498e048e8a52ed787c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
date: Sun, 30 Jun 2024 12:19:28 GMT
x-content-type-options: nosniff
akamai-cache-status: Miss from child, Hit from parent
last-modified: Tue, 23 Jan 2024 11:53:35 GMT
server: nginx
etag: "530d7-60f9b98a3cf21"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
content-type: image/png
accept-ranges: bytes
content-length: 340183

POST
H3 429 wizard
appreports.report-uri.com/r/t/csp/ 11 B
549 B 98ms
98ms Other
text/plain 2606:4700::6811:d642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appreports.report-uri.com/r/t/csp/wizard

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jun 2024 12:19:29 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain
cf-ray: 89be1ada9c26a240-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 11

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/ 604 B
1 KB 471ms
170ms Fetch
application/json 99.86.191.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.191.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-191-237.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02032f71a160593e44cc9352d83fa50b38f3296b330e66c9a44c49a0f473f6af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 12:18:53 GMT
x-amz-version-id: b6fpDFG19LYeT8h84ReqrDEgPHIN.jgK
via: 1.1 c93cdf0926e57254c4cc150bcbedb97c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 37
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 604
last-modified: Thu, 07 Jul 2022 02:15:20 GMT
server: AmazonS3
etag: "f947521d3362546a5b39e6530a41b79e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
x-amz-cf-id: NihnmUuga3WFRPYF6eeZ-_bPyNzzoVtWYybfhIeWe57mTBYx_8jL_Q==

POST
H3 429 wizard
appreports.report-uri.com/r/t/csp/ 11 B
549 B 97ms
96ms Other
text/plain 2606:4700::6811:d642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appreports.report-uri.com/r/t/csp/wizard

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jun 2024 12:19:29 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain
cf-ray: 89be1add2d66a240-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 11

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5b22937f/www-widgetapi.vflset/ 31 KB
10 KB 151ms
150ms Script
text/javascript 2607:f8b0:400d:c0f::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5b22937f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::be Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e793c5b1e2ed307b5926c677f1f29296a810d950201d0a8bd50df5886928883e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10431
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 04:16:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 29 Jun 2025 02:46:38 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
187 B 708ms
215ms Fetch
application/json 35.81.90.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-90-104.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www-qa5.allstateprotectionplans.ca
date: Sun, 30 Jun 2024 12:19:30 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 favicon.ico
www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/ 1 KB
2 KB 325ms
325ms Other
image/vnd.microsoft.icon 23.218.216.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www-qa5.allstateprotectionplans.ca/themes/custom/squaretrade/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.216.212 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-216-212.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

301eed8063c74e6daf5b4fa810f2f21ab5caef59004a4467c9ab421a273c3064

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www-qa5.allstateprotectionplans.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jun 2024 12:19:29 GMT
last-modified: Tue, 23 Jan 2024 11:53:51 GMT
server: nginx
akamai-cache-status: Miss from child, Miss from parent
etag: "47e-60f9b99999824"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' data: *.squaretrade.com *.facebook.com *.outbound.io *.auth0.com *.launchdarkly.com *.pndsn.com *.googleapis.com *.google.com *.googletagmanager.com *.google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com; form-action 'self' data: *.squaretrade.com *.force.com *.salesforce.com *.auth0.com; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' data: *.squaretrade.com *.auth0.com https://cdn.segment.com *.bootstrapcdn.com *.force.com *.salesforce.com *.qualtrics.com https://platform.twitter.com; font-src 'self' data: *.squaretrade.com https://fonts.gstatic.com https://use.typekit.net; img-src 'self' data: *.squaretrade.com *.auth0.com *.facebook.com https://p.typekit.net *.google.com *.twitter.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com; style-src-elem 'self' 'unsafe-inline' *.squaretrade.com https://hello.myfonts.net https://service.force.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://static.smartrecruiters.com https://cdn.jsdelivr.net *.bootstrapcdn.com; script-src-elem 'self' *.squaretrade.com 'unsafe-inline' *.salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com *.bootstrapcdn.com https://cdn.jsdelivr.net *.smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com; frame-src https://service.force.com https://squaretrade.az1.qualtrics.com/ https://www.google.com https://www.facebook.com https://platform.twitter.com *.doubleclick.net; report-uri https://appreports.report-uri.com/r/t/csp/wizard
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 415

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.squaretrade.com
URL: https://www.squaretrade.com/img/walmart/BogleWeb-Regular.eot

Domain: www.squaretrade.com
URL: https://www.squaretrade.com/img/walmart/BogleWeb-Bold.eot

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vimeo.com/	1970-01-20 21:42:31	Name: __cf_bm Value: t1jBZQ6Ik.YGCOF98QVvpZf83O1IrBullRqFdnBi5QY-1719749969-1.0.1.1-lWHT1AN2rvbTwinfYC.SpEXm5vusoK6p2c_Z13ojbC6ansHWTgC_Jep7Ay9.FrgRGtsSmlTUv7_.o1m1Z30CYQ
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: uXUZb_2fX.O8JnGrqZ8DMEzlYiBgO5CMBHf_JTfWmvQ-1719749969017-0.0.1.1-604800000
.allstateprotectionplans.ca/	1970-01-20 23:52:05	Name: _gcl_au Value: 1.1.1958399392.1719749969
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: jPpXpNtOr_M
.youtube.com/	1970-01-21 02:01:41	Name: VISITOR_INFO1_LIVE Value: LTAm_snAjPs
.youtube.com/	1970-01-21 02:01:41	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgKw%3D%3D
.allstateprotectionplans.ca/	1970-01-21 06:28:05	Name: ajs_anonymous_id Value: 8dfc1b64-79ff-4354-a457-ced1c25a0638

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www-qa5.allstateprotectionplans.ca/ Message: The source list for the Content Security Policy directive 'script-src-elem' contains an invalid source: ''https://www.youtube.com'. It will be ignored.
security	error	URL: https://www-qa5.allstateprotectionplans.ca/ Message: Refused to apply style from 'https://www.squaretrade.com/img/walmart/BogleWeb-Bold.eot' because its MIME type ('application/vnd.ms-fontobject') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://www-qa5.allstateprotectionplans.ca/ Message: Refused to apply style from 'https://www.squaretrade.com/img/walmart/BogleWeb-Regular.eot' because its MIME type ('application/vnd.ms-fontobject') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://www-qa5.allstateprotectionplans.ca/javascript/common/st/components/st_tag_components.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www-qa5.allstateprotectionplans.ca/ Message: Refused to execute script from 'https://www-qa5.allstateprotectionplans.ca/javascript/common/st/components/st_tag_components.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://www-qa5.allstateprotectionplans.ca/sites/default/files/js/js_jyeIV6UmzXusHL1vtgJLxI9JbL-fRlEYhj5xHOS7N24.js(Line 400) Message: [Report Only] Refused to load the script 'https://www.youtube.com/iframe_api' because it violates the following Content Security Policy directive: "script-src-elem 'self' .squaretrade.com 'unsafe-inline' .salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com .bootstrapcdn.com https://cdn.jsdelivr.net .smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com".
security	error	URL: https://cdn.segment.com/analytics.js/v1/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/analytics.min.js Message: [Report Only] Refused to connect to 'https://cdn.segment.com/v1/projects/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/settings' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' data: .squaretrade.com .facebook.com .outbound.io .auth0.com .launchdarkly.com .pndsn.com .googleapis.com .google.com .googletagmanager.com .google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://cdn.segment.com/analytics.js/v1/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/analytics.min.js Message: [Report Only] Refused to connect to 'https://cdn.segment.com/v1/projects/1xPBHMzQ7ugO9dw0iLMH7TkJQA4yhb71/settings' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' data: .squaretrade.com .facebook.com .outbound.io .auth0.com .launchdarkly.com .pndsn.com .googleapis.com .google.com .googletagmanager.com .google-analytics.com https://api.segment.io https://api.amplitude.com https://privacyportal-eu.onetrust.com https://secure.shippingapis.com https://st-prod-enc-ship-usw-ca.s3.us-west-1.amazonaws.com https://st-prod-enc-ship-use-oh.s3.us-east-2.amazonaws.com https://st-stage-enc-cust-docs-use-oh-1.s3.us-east-2.amazonaws.com https://callback.vhtcx.com https://callback.virtualhold.com https://siteintercept.qualtrics.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
network	error	URL: https://appreports.report-uri.com/r/t/csp/wizard Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://appreports.report-uri.com/r/t/csp/wizard Message: Failed to load resource: the server responded with a status of 429 ()
security	error	URL: https://www.youtube.com/iframe_api(Line 2) Message: [Report Only] Refused to load the script 'https://www.youtube.com/s/player/5b22937f/www-widgetapi.vflset/www-widgetapi.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' .squaretrade.com 'unsafe-inline' .salesforceliveagent.com https://cdn.segment.com https://cdn.amplitude.com https://cdn.outbound.io https://connect.facebook.net https://www.googletagmanager.com https://service.force.com https://use.typekit.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://code.jquery.com https://ajax.googleapis.com https://platform.twitter.com .bootstrapcdn.com https://cdn.jsdelivr.net .smartrecruiters.com https://polyfill.io 'https://www.youtube.com https://player.vimeo.com https://zn8jglatqcy5dkma1-squaretrade.siteintercept.qualtrics.com https://siteintercept.qualtrics.com".
network	error	URL: https://appreports.report-uri.com/r/t/csp/wizard Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
appreports.report-uri.com
cdn.segment.com
player.vimeo.com
www-qa5.allstateprotectionplans.ca
www.googletagmanager.com
www.squaretrade.com
www.youtube.com
www.squaretrade.com
162.159.138.60
23.218.216.212
2606:4700::6811:d642
2607:f8b0:400d:c02::61
2607:f8b0:400d:c0f::be
35.81.90.104
99.86.191.237
02032f71a160593e44cc9352d83fa50b38f3296b330e66c9a44c49a0f473f6af
031be6ef2d07b7e77cd2c0d2da8731fa3ba25713e74167c14a220047c237d9fa
0b21d1f4a0ed343496ef516200a20b4f65e791db0ed19df89a00e04c80bab6d8
0cc99b650731cad969104011dd3ec9216725933db3bc2604ab2b12bf1965f6f9
10afe719b526400a20da4b381115b1392524975e74dfbd75d7a3ed18e661864d
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1575c4eae3d15dd53ea8f59e5e8697212f9359065e2952658b1c1b2cb6635552
1593a850fcc7233fcc99c25144023a58b4888eb627cd460354ee1fbde3bc1486
1a687512b606e1787ee6b13ad230e084497b8735f65bb5b29410b5f422ab9c67
1b26ea722a2121ee02d8ca9c23460c5ff6cb75f840ff9e0c1ee79ecaedc7ad8f
1c65557eff0e987d48ba6d7716ff7f24f79885fbfaaadb0f2a5425eb76a1afe9
243c88805580eeb633641990c8469243047cc052c77a7a3721b6a8e40dd99e3f
24c60184357ec540e8f4aa91987fe44da3276dfc16f4eb4872b781511b254ba1
2a93f7d21a6d59c03a9035a0682cf085dfc975c3d643b46c4d379cd0c3bdd9cc
301eed8063c74e6daf5b4fa810f2f21ab5caef59004a4467c9ab421a273c3064
315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed
330d589936cee2159aa34a0672694d369fefeecb06e8c986bb1c87d42dd34f7e
349961136fe2d79fe38245fa54679778c733b1459d7ac4ddde69b8fc8709acc9
35fbe30bdfa501461b3a256ad032166f2eea26f07f6ea69dd28c13c69257f31a
3816571619a1ad6e63e8e779b3a40115bde54107129264df85bb37fbb32f0aad
39770659b4ed3e1db5d4dd931d9c3b7437eafaccb6640ae937a679b14f3ad51d
3b226abbc78367241818f3cc8e203d9d9b26163204cbbdf05a551d47cb0deb85
3d27d1766aa9c1629c58bc22128e3373e614e21219815757bc840808fbfed498
3dba5b2a0381da1740f72b7a9a5582f4a3ab0d711c68d6002b04b97f13c0b87c
46677f03659cbe68d03478f04efb474253c451aa5576183ac63404f08823e2d4
4899f398b2284ddb9df58d61d6274b3ec8b481cc707b40e636bec9e125c243bd
489b85cccc7e0f99702bc13dd1307a1c59b39c9b9cd1078d4a5d7024730b61c1
48db9a03a7fc6e2a6f969af6b64b5805d0e1b459aafb75100e93518ce8baf877
54c696ef8232ec32d623dda5a8915c1d1aa7ef5ffad81dcd3d3ec7be2361d382
593352afbe7017e193a89cc1af37ea0cc1fc34476cb8c71f2a3900c47986a1d7
5a3fbda1db50a5a1bb8f606ca138eb4bfb70a99862482ae3ecbd9316e50a48d2
5c2ebb2b187936e949da1f2b631f7181a3dd6f34b12f4851f7e65fe2d42f611e
61c831554d9839618fa2e0ba2a9a5c771fde1685e8be1f06d1ef8218f794e8d9
63c2dcc48695efc436c090ef3975d36611e64a9330d500c3a77c522f0317018b
654e15aeb144ef22330d986a3a3b718cb8046fab7eb73116a7af43eb34023ed9
78b69993f72e63f38a46bf6317dd2e266e62d01f6c0a1ddb7b52a74bedc2fe9f
792858e6c5929f29717e40d25e64edbd91ce7bde540b9c2240635cdcd951e53c
7b8147d79a6afe689660725efec3df9445397f66b843142690e7048ca7ca8352
7c708a7805d7830c48720a320e6921bea66b97ad6366e5c14a618fb7ff1edb0a
7e0d16bf5e01d2ff730972fa1fe313ada0ee57d21f79add57d2d70d7fe47a2aa
7e7f252fec7ae81c6b7f3125d921bea223cde77ae0051fef1efd9838ed0024e1
81c43faac4852a5ce07c8e6bd0fb65b1f649b4adb623fd94c479fa1de7467ee8
822d227c2e4ea45ebb8bcfb1ebbb312b5f3964b144aec5989d06d2ef5256a52d
884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55
889933adc6c21cd42324a07940e5e52190f5958758f721452e33fc169f5dd45e
89f9c9b7d86b31338863289db4a374c541815ea202541ee52f5259fb2163e818
8c178b8fef2affd84e342b91aa45d1fa0bd72e233dfe748f7610cd58df8db0d9
8e4588cd7646c6de1238096069c37e665130a1674f17667b14ce91b79ad7787f
8ec091e770421d55badef1e8334eb26eccd42d0bc38d2fdaf8ec1adb5d1183b4
8f278857a526cd7bac1cbd6fb6024bc48f496cbf9f465118863e711ce4bb376e
933ab1825bf5113e3bd461bfa46a1f3414ed3be92ef1c498e048e8a52ed787c5
952c955d7ffa26b17ca424f29b89a2ef9f5df06135b679a031b578994b7fedaf
967147c45f7fbf1bcf00073a52a06619de646f9acb26b0e222746a196fe92904
9b21c32ae961a9c0e3832b2a18031d36a5a45361c0e37577240d7bde003729a0
9eff8d497e26d486fc9b56a9f19ef64676cd8986dc3173c13f4bef3de47a6df7
a256a737b4653ca573fff42227a0870c329daa3f1e7506414f24ff7e4e3ab710
a354b80e2cbeb24dbd521e9dc0ec0a33c2ad9e05046d32181c87246d17e11a36
a5bb7c22207ea68a844919440f908e07427cd62adeb4bde802f743fc5d3546f9
a6c9222b4daf9905b6af12f0ba118de6f129bac4dae7483188f9efbf75e5573f
a9e27d135618be8ed245607a3568202b5daac955c7120fb8c5d7676d24b18ca4
aa7d40b3e0a6c410959f0f4c7fbfc5da3bfa0022ef5d2beed4d7b87116435445
ac697b70a388403d2a47a46d7c13aa7e1141e555e4894d6a9760353121bddae8
b111a780858b79cc57be408c1c9d7e9e2e6c47955065e897bfd97211af933924
b1c3741fdb8ae39b557ed672e71e6c739ae3a8696262d6eedb187e25b2ab8cb8
b22318428ed62b70d02c554537ff25e45746467278b41727d4b64c4f17fad455
b2db547289cfe297b0d9000c8812729dfd2e6448765e8a74549d48be51a20164
b37714c4a34f0ced9f3dc04e1916236e67fe7ae18075f9363152b612dfc568e7
b438d244ae8cec8f4b0db4824647fcc6ebe44848e33e853911581fe3be0ec3f1
b602e899aa8f23d60c402acc1d3fd03af7937b1d91ae15d44ae902a4ed9c087b
b76957def02b7709983c05da36e74fa8f1b7f7abc026dd918da5691d2851737b
b96e9c5fa8039790cc463f21fb08804628a16016080f37ef7938aa82975c5650
ba988c07bdd8034f558a97713c0f9b0910387cfb6d9fa68a8525768721384265
bb323f4c9f2974dc470c62ea4a5fd862083f25565a338145cced8530b4f97610
bc897734743500283cbd6e0a90540b0eba20193c959dd1e27bec8db0d2d0fc33
be17ab2cf61c3e20c1c7f6c327c3892ae83ebc46a09056b37d406f8c62bb8920
be4848d7d4af5cd1359922f6a0940d482da79f55d747beb3245e67f6eb1c75d2
c53a9606da2e8ea96ca96040c5a2245aa1156b7a4cd6a40ca796df7a63ccd44d
c8eda7e630f5a7378b2d15a5e8a144b5995df4aed3800e75d9b9f79e07b046dd
cf6ca537e25ac5babf82854ad90aa91597a4c4878e05471e0407b7010e100d67
da0976769219baa66d630fb8853933abf3d24aaedcb7d21fcb18daa51dfbbfae
da1dd12274d0896a8ddf1e0fff4a8a4912eb2ee85e1fe8893a804ce0a69a66c8
df19c535191fb16a90dffd1f5b1576c0b1689b5de6c33f78c92bfe6513be12d1
e5b34426f3415182535d02de0014560b688201c99997a761b51bcf4132302090
e60aef2f8fec2c6016dda314fd8882726baad301eb148d931c4d9e275ebe73c9
e793c5b1e2ed307b5926c677f1f29296a810d950201d0a8bd50df5886928883e
f63e3985878b7fb6b5d4a78e2bb342119bfc8fba86a9c93bafb40b3b83b39876
fa748349ae3e5de690c2df4d069c0ce43b41416e522c2f29cd7ecde99e126320
fbbd330c650e5976acb7e3a76e13621baa138a697793155d8f8d954079e97ec1
fc1546183f22d572e0e3348a2cdb3eafd84d43bd9a090cc043a2fe5f4d2f0688
fe8c07160383565dc686caf8e44ff5a535e7a2d5e6f7cf10272700ad87e40167
ffb8596a4ad98f9898b697fb1fdd36996add02bffa98475b78fbe42d4361c2ab

www-qa5.allstateprotectionplans.ca Open in urlscan Pro 23.218.216.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

97 %HTTPS

43 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

7375 kBTransfer

9034 kBSize

7 Cookies

5 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www-qa5.allstateprotectionplans.ca Open in urlscan Pro
23.218.216.212 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

97 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

7375 kB
Transfer

9034 kB
Size

7
Cookies

98 HTTP transactions
0 data transactions