www.theheadrestsafe.com Open in urlscan Pro
2620:127:f00f:e:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.carheadrestsafe.com/
Effective URL:
https://www.theheadrestsafe.com/
Submission: On July 14 via automatic, source certstream-suspicious (July 14th 2024, 6:11:51 am UTC) — Scanned from US

Summary HTTP 191 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 61 IPs in 5 countries across 41 domains to perform 191 HTTP transactions. The main IP is 2620:127:f00f:e::, located in Canada and belongs to CLOUDFLARENET, US. The main domain is www.theheadrestsafe.com.
TLS certificate: Issued by R10 on July 9th 2024. Valid for: 3 months.

This is the only time www.theheadrestsafe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
1 1	23.227.38.65 23.227.38.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2620:127:f00f... 2620:127:f00f:e::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:400d:c0b::61	15169 (GOOGLE) (GOOGLE)
38	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:127:f00f... 2620:127:f00f:ff00::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
3	52.85.151.65 52.85.151.65	16509 (AMAZON-02) (AMAZON-02)
6	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:127:f00f... 2620:127:f00f:ff01::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.162.112.127 3.162.112.127	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:247... 2600:9000:2479:c800:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25c... 2600:9000:25c8:c000:2:6431:e200:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:6efe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c09::66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.83.196.164 35.83.196.164	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400d:c04::5f	15169 (GOOGLE) (GOOGLE)
4	142.251.163.97 142.251.163.97	15169 (GOOGLE) (GOOGLE)
1	18.160.41.53 18.160.41.53	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400d:c02::be	15169 (GOOGLE) (GOOGLE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	23.22.104.4 23.22.104.4	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:400d:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	172.64.152.29 172.64.152.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:25c... 2600:9000:25c8:8e00:2:6431:e200:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	172.217.197.103 172.217.197.103	15169 (GOOGLE) (GOOGLE)
3	173.194.68.154 173.194.68.154	15169 (GOOGLE) (GOOGLE)
3	18.157.122.248 18.157.122.248	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:400d:c09::8a	15169 (GOOGLE) (GOOGLE)
3	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	99.84.191.41 99.84.191.41	16509 (AMAZON-02) (AMAZON-02)
2 3	54.156.8.121 54.156.8.121	14618 (AMAZON-AES) (AMAZON-AES)
1 1	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c02::88	15169 (GOOGLE) (GOOGLE)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6812:cf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.111.94.218 34.111.94.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.214.104 13.224.214.104	16509 (AMAZON-02) (AMAZON-02)
1	172.67.5.146 172.67.5.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.165.83.25 18.165.83.25	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20ed:3200:c:2fdc:1a80:21	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.180 151.101.193.180	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:f36c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.160.41.73 18.160.41.73	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:2192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.17.203.53 104.17.203.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.165.83.17 18.165.83.17	16509 (AMAZON-02) (AMAZON-02)
2	3.234.132.155 3.234.132.155	14618 (AMAZON-AES) (AMAZON-AES)
2	143.198.251.218 143.198.251.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:20:... 2606:4700:20::681a:c6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.202.53 104.17.202.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
191	61

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.carheadrestsafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.65 (Ottawa, Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

theheadrestsafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:127:f00f:e:: (Canada)

ASN13335 (CLOUDFLARENET, US)

www.theheadrestsafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0b::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

www.theheadrestsafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:127:f00f:ff00:: (Canada)

ASN13335 (CLOUDFLARENET, US)

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.151.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-65.iad89.r.cloudfront.net

cdn.ravm.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.112.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-112-127.iad61.r.cloudfront.net

cdn1.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2479:c800:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:c000:2:6431:e200:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.vibe.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6efe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.83.196.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-196-164.us-west-2.compute.amazonaws.com

stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.163.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c02::be (Morganton, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.104.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-104-4.compute-1.amazonaws.com

t.vibe.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0c::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.152.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.flowcode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collector.flowcode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:8e00:2:6431:e200:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.vibe.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.197.103 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qa-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.157.122.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

uptick.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.merchant-center-analytics.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-41.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.156.8.121 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-8-121.compute-1.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.156 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::88 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:cf0 (United States)

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.94.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.94.111.34.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-104.phl50.r.cloudfront.net

d3k81ch9hvuctc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.5.146 (United States)

ASN13335 (CLOUDFLARENET, US)

www.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.83.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-25.iad55.r.cloudfront.net

cdn.wishpond.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:3200:c:2fdc:1a80:21 (United States)

ASN16509 (AMAZON-02, US)

d1hcrjcdtouu7e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.180 (San Francisco, United States)

ASN54113 (FASTLY, US)

id-shop.govx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f36c (United States)

ASN13335 (CLOUDFLARENET, US)

api-na1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.160.41.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-73.iad55.r.cloudfront.net

hello.zonos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:2192 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.commoninja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.203.53 (None, )

ASN13335 (CLOUDFLARENET, US)

scripttags.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.83.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-17.iad55.r.cloudfront.net

cdn.wishpond.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.234.132.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-132-155.compute-1.amazonaws.com

www.wishpond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.198.251.218 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

gdpr.apps.isenselabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c6a (United States)

ASN13335 (CLOUDFLARENET, US)

consentmo-geo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.202.53 (None, )

ASN13335 (CLOUDFLARENET, US)

aly.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	theheadrestsafe.com 1 redirects theheadrestsafe.com www.theheadrestsafe.com	672 KB
23	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3271 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4013 fast.a.klaviyo.com — Cisco Umbrella Rank: 4261 static-forms.klaviyo.com — Cisco Umbrella Rank: 4011 a.klaviyo.com — Cisco Umbrella Rank: 3897	187 KB
21	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2287	677 KB
8	jst.ai scripttags.jst.ai — Cisco Umbrella Rank: 57815 cdn.jst.ai — Cisco Umbrella Rank: 23922 my.jst.ai — Cisco Umbrella Rank: 22801 aly.jst.ai — Cisco Umbrella Rank: 21550	58 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	654 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	6 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 133 googleads.g.doubleclick.net — Cisco Umbrella Rank: 69 cm.g.doubleclick.net — Cisco Umbrella Rank: 264	4 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 326	30 KB
5	zonos.com hello.zonos.com — Cisco Umbrella Rank: 30347	52 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 157	152 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	82 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 15868 uptick.matomo.cloud	60 KB
4	stamped.io cdn1.stamped.io — Cisco Umbrella Rank: 15743 stamped.io — Cisco Umbrella Rank: 14833	76 KB
3	w55c.net 2 redirects tags.w55c.net — Cisco Umbrella Rank: 4844	2 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4521 perf-na1.hsforms.com — Cisco Umbrella Rank: 4164	2 KB
3	flowcode.com cdn.flowcode.com — Cisco Umbrella Rank: 91536 collector.flowcode.com	25 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	12 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3865 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3922 track.hubspot.com — Cisco Umbrella Rank: 2271	26 KB
3	vibe.co s.vibe.co — Cisco Umbrella Rank: 65944 t.vibe.co — Cisco Umbrella Rank: 56705	5 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 428 fonts.googleapis.com — Cisco Umbrella Rank: 74	34 KB
3	ravm.tv cdn.ravm.tv — Cisco Umbrella Rank: 132594	132 KB
2	isenselabs.com gdpr.apps.isenselabs.com — Cisco Umbrella Rank: 18744	664 B
2	wishpond.com www.wishpond.com — Cisco Umbrella Rank: 105700	1 KB
2	commoninja.com cdn.commoninja.com — Cisco Umbrella Rank: 71109	142 KB
2	wishpond.net cdn.wishpond.net — Cisco Umbrella Rank: 104202	41 KB
2	cloudfront.net d3k81ch9hvuctc.cloudfront.net d1hcrjcdtouu7e.cloudfront.net	604 KB
2	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 3089
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 829 script.hotjar.com — Cisco Umbrella Rank: 1135	60 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67	21 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4638 forms.hscollectedforms.net — Cisco Umbrella Rank: 4696	25 KB
2	shop.app shop.app — Cisco Umbrella Rank: 3226	3 KB
1	consentmo-geo.com consentmo-geo.com — Cisco Umbrella Rank: 22631	602 B
1	hubapi.com api-na1.hubapi.com — Cisco Umbrella Rank: 30957	2 KB
1	govx.com id-shop.govx.com — Cisco Umbrella Rank: 27016	7 KB
1	powr.io www.powr.io — Cisco Umbrella Rank: 17029	12 KB
1	merchant-center-analytics.goog www.merchant-center-analytics.goog — Cisco Umbrella Rank: 5734
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2093	26 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2118	24 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 6628	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 352	12 KB
1	carheadrestsafe.com 1 redirects www.carheadrestsafe.com	229 B
191	41

	Domain	Requested by
44	www.theheadrestsafe.com	www.theheadrestsafe.com
21	cdn.shopify.com	www.theheadrestsafe.com
9	static.klaviyo.com	www.theheadrestsafe.com static.klaviyo.com
8	static-tracking.klaviyo.com	static.klaviyo.com
7	www.googletagmanager.com	www.theheadrestsafe.com www.googletagmanager.com
6	www.facebook.com	www.theheadrestsafe.com
6	bat.bing.com	www.theheadrestsafe.com bat.bing.com
5	hello.zonos.com	www.theheadrestsafe.com hello.zonos.com
4	cdn.jst.ai	scripttags.jst.ai cdn.jst.ai
4	a.klaviyo.com	www.theheadrestsafe.com
4	connect.facebook.net	www.theheadrestsafe.com connect.facebook.net
3	tags.w55c.net	2 redirects www.theheadrestsafe.com
3	uptick.matomo.cloud	cdn.matomo.cloud
3	googleads.g.doubleclick.net	www.theheadrestsafe.com www.googletagmanager.com
3	www.google.com	1 redirects www.theheadrestsafe.com
3	www.youtube.com	www.theheadrestsafe.com www.youtube.com
3	cdn1.stamped.io	www.theheadrestsafe.com cdn1.stamped.io
3	cdn.ravm.tv	www.theheadrestsafe.com
2	my.jst.ai	cdn.jst.ai ajax.googleapis.com
2	gdpr.apps.isenselabs.com	www.theheadrestsafe.com
2	www.wishpond.com	www.theheadrestsafe.com
2	cdn.commoninja.com	www.theheadrestsafe.com cdn.commoninja.com
2	cdn.wishpond.net	www.theheadrestsafe.com cdn.wishpond.net
2	monorail-edge.shopifysvc.com	www.theheadrestsafe.com
2	collector.flowcode.com	cdn.flowcode.com
2	forms.hsforms.com	www.theheadrestsafe.com
2	stats.g.doubleclick.net	www.theheadrestsafe.com www.googletagmanager.com
2	fonts.googleapis.com	ajax.googleapis.com client
2	www.google-analytics.com	www.theheadrestsafe.com
2	s.vibe.co	www.theheadrestsafe.com
2	shop.app	www.theheadrestsafe.com
1	aly.jst.ai	ajax.googleapis.com
1	consentmo-geo.com	www.theheadrestsafe.com
1	track.hubspot.com
1	scripttags.jst.ai	www.theheadrestsafe.com
1	api-na1.hubapi.com	www.theheadrestsafe.com
1	id-shop.govx.com	www.theheadrestsafe.com
1	d1hcrjcdtouu7e.cloudfront.net	www.theheadrestsafe.com
1	www.powr.io	www.theheadrestsafe.com
1	d3k81ch9hvuctc.cloudfront.net	www.theheadrestsafe.com
1	cm.g.doubleclick.net	1 redirects
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.theheadrestsafe.com
1	perf-na1.hsforms.com	www.theheadrestsafe.com
1	www.merchant-center-analytics.goog	www.theheadrestsafe.com
1	forms.hscollectedforms.net	www.theheadrestsafe.com
1	cdn.flowcode.com	www.theheadrestsafe.com
1	t.vibe.co	www.theheadrestsafe.com
1	cta-service-cms2.hubspot.com	www.theheadrestsafe.com
1	static-forms.klaviyo.com	www.theheadrestsafe.com
1	fast.a.klaviyo.com	www.theheadrestsafe.com
1	static.hotjar.com	www.googletagmanager.com
1	stamped.io	www.theheadrestsafe.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.hubspot.com	js-na1.hs-scripts.com
1	js.hs-analytics.net	js-na1.hs-scripts.com
1	js.hscollectedforms.net	js-na1.hs-scripts.com
1	cdn.matomo.cloud	www.theheadrestsafe.com
1	js-na1.hs-scripts.com	www.theheadrestsafe.com
1	cdn.jsdelivr.net	www.theheadrestsafe.com
1	ajax.googleapis.com	www.theheadrestsafe.com
1	theheadrestsafe.com	1 redirects
1	www.carheadrestsafe.com	1 redirects
191	63

This site contains links to these domains. Also see Links.

Domain
theheadrestsafe.myshopify.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.shopify.com

Subject Issuer	Validity	Valid
www.theheadrestsafe.com R10	`2024-07-09` - `2024-10-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
shop.app E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
static.klaviyo.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
ads.w55c.net Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
cdn.shopify.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.stamped.io Amazon RSA 2048 M02	`2023-09-11` - `2024-10-08`	a year	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
vibe.co Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
hscollectedforms.net E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-22` - `2024-07-21`	3 months	crt.sh
stamped.io Amazon RSA 2048 M02	`2024-06-23` - `2025-07-23`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
fast.a.klaviyo.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
static-forms.klaviyo.com R11	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
flowcode.com E6	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2024-05-21` - `2025-06-19`	a year	crt.sh
merchant-center-analytics.goog WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
a.klaviyo.com E1	`2024-05-24` - `2024-08-22`	3 months	crt.sh
monorail-edge-gateway-east.shopifycloud.com R11	`2024-07-10` - `2024-10-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
powr.io E1	`2024-06-01` - `2024-08-30`	3 months	crt.sh
cdn.wishpond.net Amazon RSA 2048 M03	`2023-08-19` - `2024-09-16`	a year	crt.sh
*.govx.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
hubapi.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh
zonos.com Amazon RSA 2048 M02	`2024-06-08` - `2025-07-06`	a year	crt.sh
commoninja.com WE1	`2024-07-10` - `2024-10-08`	3 months	crt.sh
scripttags.jst.ai Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
cdn.jst.ai Cloudflare Inc ECC CA-3	`2024-03-05` - `2024-12-31`	10 months	crt.sh
wishpond.com Amazon RSA 2048 M02	`2024-01-08` - `2025-02-04`	a year	crt.sh
gdpr.apps.isenselabs.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-03` - `2024-11-17`	a year	crt.sh
my.jst.ai Cloudflare Inc ECC CA-3	`2024-02-29` - `2024-12-31`	10 months	crt.sh
consentmo-geo.com GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
aly.jst.ai E6	`2024-06-28` - `2024-09-26`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.theheadrestsafe.com/
Frame ID: 70FE51A640C7FE98655D22DCEF461BFF
Requests: 191 HTTP requests in this frame

Frame: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-17891379@1/sandbox/modern/
Frame ID: 3BDAA3848DF37E0736FF1C32F9BDEFD2
Requests: 3 HTTP requests in this frame

Frame: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-19497011@1/sandbox/modern/
Frame ID: 45549CC66F3E65C22D0601F6DD622CB1
Requests: 4 HTTP requests in this frame

Frame: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-23068723@2/sandbox/modern/
Frame ID: FDB6F8C39300C15BCDF52CF757132EB0
Requests: 2 HTTP requests in this frame

Frame: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-shopify-custom-pixel@0132/sandbox/modern/
Frame ID: 98E436BA5898B25B15AA22904E33004A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/K8PNHHzNLgY?modestbranding=true&showinfo=false&controls=false&loop=false&mute=false&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.theheadrestsafe.com&widgetid=1
Frame ID: 8B13E87D497E0DDB0460345FFEFC03F6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.wishpond.net/storage.html
Frame ID: 5F023D68EAB2BAC08F5F6D0B83A79B32
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=6.07
Frame ID: E2EDC4F325895FB6B15D8A4B02BAF06C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=6.07
Frame ID: C343D698B546D75F5B47815A1F01E561
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.carheadrestsafe.com/ HTTP 301
https://theheadrestsafe.com/ HTTP 301
https://www.theheadrestsafe.com/ Page URL

Detected technologies

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

191
Requests

99 %
HTTPS

48 %
IPv6

41
Domains

63
Subdomains

61
IPs

5
Countries

3776 kB
Transfer

8769 kB
Size

62
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://theheadrestsafe.myshopify.com/apps/product-registration?form=product-registration
Title: Product Registration

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheHeadrestSafeCo
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TheHeadrestSafe
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/theheadrestsafeco/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCMEBo5duN86bPyoIyieQuQQ
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.shopify.com/?utm_campaign=poweredby&utm_medium=shopify&utm_source=onlinestore
Title: Powered by Shopify

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.carheadrestsafe.com/ HTTP 301
https://theheadrestsafe.com/ HTTP 301
https://www.theheadrestsafe.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=589376762.1720937506&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dma=0&npa=0&gtm=45be4790v875616294za200zb859087076&auid=1406228851.1720937506&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=589376762.1720937506&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dma=0&npa=0&gtm=45be4790v875616294za200zb859087076&auid=1406228851.1720937506&frm=0

Request Chain 128

https://tags.w55c.net/rs?id=c330ccfe2a644cd284752aec65a7eea5&t=page_view&event_time=1720937505&event_id=a84c053ddfff44800e45adacb12b9999&ust=3.5&dpo=false HTTP 302
https://tags.w55c.net/rs?sccid=a74bdf6d-dbe0-f134-e03c-5c95db39ec4a&scc=1&id=c330ccfe2a644cd284752aec65a7eea5&t=page_view&event_time=1720937505&event_id=a84c053ddfff44800e45adacb12b9999&ust=3.5&dpo=false HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dVZNaEo1VWUxU3NTc3ky&google_cm&google_sc HTTP 302
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEH0Klk6EPAlzSma_pKGNDoQ&google_cver=1

191 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theheadrestsafe.com/
Redirect Chain

https://www.carheadrestsafe.com/
https://theheadrestsafe.com/
https://www.theheadrestsafe.com/

401 KB
45 KB

251ms
85ms

Document
text/html

2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016db808289870f376758be40758bb485971e5c890d2b5d6c1d2e4722ba66556

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a2f5b6e7d85a52e-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:45 GMT
etag: "cacheable:42df3f9bed1db4bf3a21a2ad1842e9a5"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qkxf6cCyD1xGTFIzxx%2ByYR0idysR%2BhHpG3F%2FpIKEhmtAz%2BLZx7YyHyE3WPJRCcx5oNfBQKs7LIJG9%2BppYaowitd12j3m3EOY8llGu9R3t0wnSr2ahmhzC0uHmq3iIQ4ZdRHIl4Ckg0gAqld08CRkCJpCXFd8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=19;desc="gc:2", db;dur=3, asn;desc="9009", edge;desc="MIA", country;desc="US", theme;desc="127789629491", pageType;desc="index", servedBy;desc="6v5m", requestID;desc="3c2b8090-301b-4780-bb0d-f2c98b59f0ed-1720937505" cfRequestDuration;dur=50.999880 ipv6, earlyhints
strict-transport-security: max-age=7889238
vary: Accept
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 3c2b8090-301b-4780-bb0d-f2c98b59f0ed-1720937505
x-shardid: 50
x-shopid: 55404494899
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 50
x-sorting-hat-shopid: 55404494899
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a2f5b6cde053371-MIA
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:44 GMT
location: https://www.theheadrestsafe.com/
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jkQjjAyITdGh048ZdgDj9PAJnyfKxn8F2%2BLW8pkdMaNcFmFE5QIRsP7MPc4FrHoJgn9mZs%2BlRcH%2Bad1Bpdw105CiimU85SBCiZirwk1eoJZUDCXVppRJcabVd4aQpU5p5ozVGg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=15;desc="gc:2", db;dur=2, asn;desc="9009", edge;desc="MIA", country;desc="US", pageType;desc="index", servedBy;desc="c7lb", requestID;desc="8f728688-9871-40c6-acb5-4e7cdddff4a1-1720937504" cfRequestDuration;dur=56.999922
strict-transport-security: max-age=7889238
vary: Accept
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-redirect-reason: canonical_host_redirection
x-request-id: 8f728688-9871-40c6-acb5-4e7cdddff4a1-1720937504
x-shardid: 50
x-shopid: 55404494899
x-sorting-hat-podid: 50
x-sorting-hat-shopid: 55404494899
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 323ms
204ms Script
application/javascript 2607:f8b0:400d:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10852316691

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df43ed1f6a84a6546f49f6e0ef4932141fcb4d6f42da77ea884bf6d1eb9226f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94083
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H2 200 singleproductwebicons-regular.woff
www.theheadrestsafe.com/cdn/shop/t/16/assets/ 24 KB
25 KB 47ms
45ms Font
font/woff2 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/t/16/assets/singleproductwebicons-regular.woff?v=121403992484715806711709842080

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

619530333221c0d6e32af23430839489f314366af5ebea4694024a4a5e7e7173

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 5289866
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=234.605, imageryFetch;dur=94.262, imageryProcess;dur=140.023;desc="font", cfRequestDuration;dur=13.999939, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 25000
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: fb38111b-e558-44c5-acf4-9066bc6e6841-1715643936
last-modified: Mon, 13 May 2024 23:45:36 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41U9b6SAecklLYGYj4%2Bufs0aGTmVXNWvxuPZhwb4xbqgQkDPae3SmDWR9hIGI0y8I5loNWj0%2F%2B2QbyiAG%2BB%2Bdz%2FZHtzrEwlqLIL6jyOFI3mRIcf8c3fQU3F26W0DpETuK6g5o47tvdycmAsq8IboP3%2Fdrrpo"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 8a2f5b6f1deaa52e-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/t/16/assets/singleproductwebicons-regular.woff>; rel="canonical"
x-sorting-hat-podid: 50

GET
H2 200 socicon-webfont.woff
www.theheadrestsafe.com/cdn/shop/t/16/assets/ 11 KB
12 KB 78ms
76ms Font
font/woff2 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/t/16/assets/socicon-webfont.woff?v=38221785440077609041709842080

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f21457744af2be6f9a28913955d4ad9a65a847f194bda00d1a98931445e06dd

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 5311397
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=123.125, imageryFetch;dur=84.579, imageryProcess;dur=38.251;desc="font", cfRequestDuration;dur=13.999939, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 11700
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: 9a51199e-6093-4e87-b79a-c743e3c9ec8e-1715626108
last-modified: Fri, 03 May 2024 17:40:32 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99awSwfiSFfMbWaanHyp1nwBrO3xG36XhMENQlg%2ByXdQmjLSU6gr78KQYCsp0fqZ3WwM9v4GkIqnwZwd3DgsMVZFzpNIAiCwKyR22MpObkXlD8NFBeptJfVvYgljpbXA3jugKUv7dJ8Jbvb9aO0gkZreGLhM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 8a2f5b6f1deba52e-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/t/16/assets/socicon-webfont.woff>; rel="canonical"
x-sorting-hat-podid: 50

GET
H2 200 theme.css
www.theheadrestsafe.com/cdn/shop/t/16/assets/ 293 KB
39 KB 45ms
44ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7c60456d27094cf3ae0deb9073e7244413dd2dc9ace879ec928f814cb7efefa

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
age: 3843727
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=120.794, imageryFetch;dur=56.832, cfRequestDuration;dur=13.999939, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 38910
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: 5d3ce0d5-89dc-40f4-8bc9-ecceed222d0a-1715634018
last-modified: Mon, 13 May 2024 21:00:18 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InX1ZbHrQ5xscTtfVMfp4GwCOGcicpFanGo9RmA8wTlqd93yF3EAcMAmK8%2FVKoVnpDYtNFewowax1%2Fj9fYAembXJk5PR5ILCOH28Bfv19FA0IkjO7CVOO3o0trOumfzL1qwZ9tfK%2BdX7A2INU2kRacIM5tSs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 8a2f5b6f1de9a52e-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/t/16/assets/theme.css>; rel="canonical"
x-sorting-hat-podid: 50

GET
H2 200 modernizr-2.7.1.min.js Show response
www.theheadrestsafe.com/cdn/shop/t/16/assets/ 9 KB
5 KB 76ms
75ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/t/16/assets/modernizr-2.7.1.min.js?v=97979361732255975071709842080

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
age: 5289866
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=90.297, imageryFetch;dur=56.174, cfRequestDuration;dur=14.999866, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 3818
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: 37f4ba42-5d1c-477f-a907-b69eaf3a4c4c-1715644237
last-modified: Mon, 13 May 2024 23:50:37 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4C3PRBWds352WAQkWXLziiTj6rwENU4HpKhiUXtD9UgdhE0JRLyTgTsFdlw1m2049QWB3HSqfhHm%2Ffit%2FJKwkhgIpe7T6%2Bxlzyxxec17mUE3cEpicd6NqM7oup0cL76tpn8T7KLwiVadTp2TtOwkoPdDbVh"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 8a2f5b6f1deca52e-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/t/16/assets/modernizr-2.7.1.min.js>; rel="canonical"
x-sorting-hat-podid: 50

GET
H2 200 startup.js Show response
www.theheadrestsafe.com/cdn/shop/t/16/assets/ 465 KB
93 KB 76ms
76ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/t/16/assets/startup.js?v=106905136692382181641709842080

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ad848831e58a121caedeffe3b0934f137ec69ef1670f32ec91c199f0d16f55

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
age: 5289866
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=213.187, imageryFetch;dur=96.329, cfRequestDuration;dur=16.000032, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 94810
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: e3c6bea7-1e76-4d0b-8efb-03e022e2a6d7-1715646108
last-modified: Tue, 14 May 2024 00:21:48 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BEO%2Bf0ewsNeWNBUeC%2BOwc%2F7yxx0bxIxkPpsSwX8OWOxBR0UhJNDMoH0Je1NHgfSYJcBQso5poDPP5%2FtDxLUaX0IgHkVzzY%2FFyNEJgeWqPSmzdEjzSaEfgxbMyEJ%2Bho8TYiAVFrc00nh%2FrFfuwtaQCxAeMvO5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 8a2f5b6f1deda52e-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/t/16/assets/startup.js>; rel="canonical"
x-sorting-hat-podid: 50

GET
H3 200 preloads.js Show response
www.theheadrestsafe.com/checkouts/internal/ 4 KB
2 KB 77ms
72ms Script
application/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ab20c632f672a892ab2089c60732aae3ab2dbe42d0c4cbed9db7f4349a78f3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
server-timing: cfRequestDuration;dur=25.000095
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdMKI4EKJg1y86WwLy7wVRVRDTS8Pf5fFmALY%2BS8niXKfQgPbF9ka%2BrCh3x4Gd3hWLY1k2aTmfQfnpNs4mNrC3XAVvbVK5tfr17S%2F3BVd0k4rCjlalue%2BpCBVxDT1Stjn03nMny6%2FdUQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; encoding=utf-8
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate
timing-allow-origin: *
cf-ray: 8a2f5b6f8c0da548-MIA

GET
H2 200 preloads.js Show response
shop.app/checkouts/internal/ 0
566 B 138ms
58ms Script
application/javascript 2620:127:f00f:ff00::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/checkouts/internal/preloads.js?locale=en-US&shop_id=55404494899

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 0
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFqXj5DpAq7KBjAWDemqr5i6dH2VW%2FvLT6pGqA4F0sJZkt6K7GBl7XIddegoNnVhLl5RhXCFK1GhJIQUw2pCuk4iKGiAB96yzNKqlKpvUPtD7KluLWJhxB57BqHXpQiclmNlIaCY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
timing-allow-origin: *
cf-ray: 8a2f5b6ffff05c7c-MIA

GET
H3 200 load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 77ms
70ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 5297753
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=221.546, imageryFetch;dur=26.634, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 3324
x-xss-protection: 1; mode=block
x-request-id: b7c22731-0dc7-4eae-a0ec-ff4f17ee9622-1715639751
last-modified: Fri, 03 May 2024 21:27:56 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0wJQ83PvhJv%2BYSUKTuLRSfwkIeRnq5d8Eh4Zee0Vg46JaNHbdM0v6NQ4%2BSBaVxDD6Zp%2F5fSVEwkzTpFNvPx%2Fi6%2FS8INDvgtbS4ahCQcFIZXBg3BmeiD62aNbpqWEAy3NyYCmsYnxKDB"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 8a2f5b6f8c10a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 51 KB
19 KB 77ms
70ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js?v=20220906

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 5318957
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=60.750, imageryFetch;dur=35.482, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 18677
x-xss-protection: 1; mode=block
x-request-id: 6b608c49-107e-4e11-bfed-5ab1afda9fb5-1715618548
last-modified: Mon, 13 May 2024 16:42:28 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSfr9gKkoZjU39nu7R%2BRF4Udvdv8YG1kr2k6ObqxLFKb4aCBxwmZTybpABfxneDwFmh3JyUPMPYQkoB7QmZpWv9qlzQfDFIN5c6C622jSghAY%2F7qLBk4O2wydJkRndDbNsyvuuu1jJcp"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 8a2f5b6f8c12a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/storefront/ 37 KB
13 KB 77ms
70ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 5296694
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=41.104, imageryFetch;dur=29.181, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
content-length: 12292
x-xss-protection: 1; mode=block
x-request-id: a44af5c0-0bf9-4711-bfd7-2e0800badbbc-1715640810
last-modified: Mon, 13 May 2024 22:53:31 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6RfDCwwNhRuNKLZRaFMj6jHxZbmwEsanhgrSxWU5H9ZyOS4lMeOzR0GAvDSZb8UQXUMcEd4Vx%2Ffisey0YQUvLOucxrdOIUddCkWUV4UWd000nQ8vF8RJKQLVGAg31PfukSY1Prn98qLu"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 8a2f5b6f8c14a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 4 KB
2 KB 155ms
30ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5be60d589eb61d7b067a612dcc7f6148b95bce3707b2ee57f53d464c863c4d8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
age: 109126
x-cache: MISS, HIT
content-length: 1057
x-served-by: cache-lga13620-LGA, cache-mia-kmia1760086-MIA
server: nginx
x-timer: S1720937505.331389,VS0,VE1
etag: "2c22de52ddbcc5804c34bf8551327deb"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 0, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
101 KB 121ms
71ms Script
application/javascript 2607:f8b0:400d:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBNBCJS

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06f804c5df076ea4717e858540f3a4fbf4c210ae4a8d32094ef3a931c003cb7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102515
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H2 200 rkp.loader.js Show response
cdn.ravm.tv/ust/dist/ 1 KB
978 B 250ms
53ms Script
application/javascript 52.85.151.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravm.tv/ust/dist/rkp.loader.js
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-65.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e15c17341c3ab2d7b40ae77693941e098314f330da0ecbc34bfecb6ee5e35578

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ivBb9xhTBiE6ar3.C_F0iyMFxCe_y04A
content-encoding: gzip
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 07:17:50 GMT
last-modified: Wed, 24 Apr 2024 14:42:01 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 82436
x-amz-server-side-encryption: AES256
etag: W/"68f0b04c5f40157dc78ecde90db8821f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: mGKgISjoO7h7_wtSB9zLqhF-P7xIRnO8tf8Nf3Ra8RMjRQdSzZTrWg==

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 159ms
55ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 14 Jul 2024 06:11:44 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 754E586488714614AB01F5360B3D7DD1 Ref B: MIAEDGE2916 Ref C: 2024-07-14T06:11:45Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 shopify-perf-kit-unstable.min.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/perf-kit/ 17 KB
6 KB 99ms
94ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/perf-kit/shopify-perf-kit-unstable.min.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

25a2db068c549177333788aefd69394a3f87635c5bfff4e05c35de8f8bab949e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 64
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=249.768, imageryFetch;dur=27.823, cfRequestDuration;dur=14.000177
alt-svc: h3=":443"; ma=86400
content-length: 5478
x-xss-protection: 1; mode=block
x-request-id: 18a3840e-6d77-46c4-a478-d38f95a973a2-1720936623
last-modified: Sun, 14 Jul 2024 05:57:04 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HvBWZOOOfB%2BVc4den2rXFXHf3ije7EaMi9pT8KCMCkXOEKSMeunqDPxyrHUPGAlMpd7YNftqHJOvBBrq1f8euK8rKMqW07ZOeR6CFif%2FhK0njMIfXNfGsYlXN3eRyXIqU4Hys%2F%2FZgxMq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8a2f5b6f8c15a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/perf-kit/shopify-perf-kit-unstable.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 SEMA-logo.png
cdn.shopify.com/s/files/1/0554/0449/4899/files/ 5 KB
6 KB 48ms
47ms Image
image/avif 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0554/0449/4899/files/SEMA-logo.png?v=1648220138

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c7a1b426e232f59eb45500fbab388e7edff030fee8e8d22e40be040345040a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 5288957
source-type: image/png
server-timing: imagery;dur=157.751, imageryFetch;dur=50.997, imageryProcess;dur=106.136;desc="image", cfRequestDuration;dur=14.000177, ipv6
source-length: 15405
content-length: 5041
x-xss-protection: 1; mode=block
x-request-id: 6033634b-f428-4d39-828d-61550e2de5ad-1715641976
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 May 2024 23:12:56 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnshnr5IicAMzQ%2BQA3IwM%2BVZaPi0lUVvl6QrgXSFsWAJS%2FN2CxXm%2BMny34c88%2BeCF9yPz5OI2ItR7TTtDRVleX8Zo3JPkneXBc8yi62EDggd0QStqGbqtzLNxVqmhDVXThQCJdy8XZARbuYVLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/files/SEMA-logo.png>; rel="canonical"
cf-ray: 8a2f5b6f3ab65d0e-MIA

GET
H3 200 jquery-1.10.0.min.js Show response
www.theheadrestsafe.com/cdn/shop/t/16/assets/ 91 KB
32 KB 106ms
101ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/t/16/assets/jquery-1.10.0.min.js?v=57374740516698537231709842080

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

36c4c126ade9169c1ff72dee0b5c87f0cdcb73d3a412e7e594b39c7a7ce23255

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
age: 5289866
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=162.548, imageryFetch;dur=122.831, cfRequestDuration;dur=14.000177
alt-svc: h3=":443"; ma=86400
content-length: 31583
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: d9fbcc55-0c33-4dee-bb47-752cc8e65f27-1715643219
last-modified: Mon, 13 May 2024 23:33:40 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ok4tP4Y0o7CecLE0ibglS1%2F%2BJc52V0TaCSIwF4rsFeJ8auIJv%2BLSvmVgIlWiZ2VL2AsVZbrHt2i1hOvyN7KuG5%2BOkgQ%2FfWBycSZLYLZ760pTucBGPUpWJu1xw7CMCvmLV210GjpohTZP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 8a2f5b6f8c16a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/t/16/assets/jquery-1.10.0.min.js>; rel="canonical"
x-sorting-hat-podid: 50

GET
H3 200 api.jquery-b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/themes_support/ 6 KB
2 KB 137ms
132ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/themes_support/api.jquery-b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 5295365
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=63.755, imageryFetch;dur=30.270, cfRequestDuration;dur=14.000177
alt-svc: h3=":443"; ma=86400
content-length: 1599
x-xss-protection: 1; mode=block
x-request-id: f513ce59-d1de-43e9-9efc-4225bb1cebfd-1715642140
last-modified: Mon, 13 May 2024 23:15:40 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKkqjLVaRPybDdnlE3JrBpEolnTlfcFdlqKNwfiuwJk7cCyVd2IVuD%2BzNw2fxXypu5eZvAQjWkUpBDLkNxBPk4lERIAcghI%2BAjh6wgHBFmDZPPtGwxq6O467I4UWV%2FUX5wBZxBhTjnCb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 8a2f5b6f8c17a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 178ms
56ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 17:54:21 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
12 KB 100ms
31ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 06:11:45 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3912979
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11325
x-served-by: cache-fra-eddf8230096-FRA, cache-mia-kmia1760065-MIA
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 custom.js Show response
www.theheadrestsafe.com/cdn/shop/t/16/assets/ 3 KB
2 KB 135ms
131ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/t/16/assets/custom.js?v=164022281512924250611709842080

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5fe472bdf55045f666bf8626c01836360643cec1ee087f71f39f14b5bb5572ce

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
age: 5314712
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=62.128, imageryFetch;dur=48.276, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 733
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: e54d0ba5-4d86-4b79-ae85-5ff94184d4a7-1715620961
last-modified: Mon, 13 May 2024 17:22:41 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Ugbym3AjjO3ymg4CYnFZL0dNBOk8A0bXbgR9WXuhZXw2Bl5UhyoMRiX9WFB%2BUM9OvDbI90jK1%2FxFPqs14tm3ffLlqXlee%2FWa8aobcP5Fp26K8JfNwS3%2BzQ18artgnEfdcXo%2FgQl%2Fx7X"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
cf-ray: 8a2f5b6f8c18a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/t/16/assets/custom.js>; rel="canonical"
x-sorting-hat-podid: 50

GET
H2 200 23307918.js Show response
js-na1.hs-scripts.com/ 2 KB
1 KB 119ms
43ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/23307918.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e166f7414c81efb4397d928034cb2291c1c15e7b7c0ad6add841dba37d327288

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 41673554-ac38-4472-a974-37902991edff
cf-polished: origSize=2085
age: 5283
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 41673554-ac38-4472-a974-37902991edff
cf-bgj: minify
last-modified: Sun, 14 Jul 2024 04:43:42 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.theheadrestsafe.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-wcv89
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cf-ray: 8a2f5b6ffd884c00-MIA

GET
H2 200 widget.min.js Show response
cdn1.stamped.io/files/ 104 KB
29 KB 214ms
61ms Script
application/javascript 3.162.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.js
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-127.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 268308d4d336856564e6188606756bcbd7d8b33e1fb352dd047f776dc8eaf3d0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ToEaywiJP3xkct0ZlxvFqSY2mTnuBa_5
content-encoding: br
via: 1.1 0bdcc10f69b746cb367ceb51e88a3d1c.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 07:59:15 GMT
last-modified: Fri, 05 Jul 2024 17:07:23 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P2
age: 79951
x-amz-server-side-encryption: AES256
etag: W/"d40c306fca3394fa294243e734670458"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Ep4ETeACb_jOxQjG0xFF2yq1vDYs85_jkXnfFqNI4qrc8F2kJ5lgOg==

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/uptick.matomo.cloud/ 202 KB
59 KB 246ms
70ms Script
application/javascript 2600:9000:2479:c800:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/uptick.matomo.cloud/matomo.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2479:c800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

66201a2c86712b41b428533ccfd867f1f83f702c7080371bd91a3e5b85e1b7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:00:50 GMT
x-amz-version-id: xMFAYlPDndqEScJTuXQIW.FsZ..CrrNW
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 e28efd1a65ea5d8d42e5dac75c735524.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P3
age: 656
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 Apr 2024 01:00:51 GMT
server: CloudFront
etag: W/"a2c666452da7d3de9962da748837d415"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: UccAb3spUICrMxRDJf5l3Q2f-2vk7vmgMuOAMp_6i1RY11pZpqPU5g==

GET
H2 200 vbpx.js Show response
s.vibe.co/ 5 KB
3 KB 308ms
62ms Script
application/javascript 2600:9000:25c8:c000:2:6431:e200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vibe.co/vbpx.js
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:c000:2:6431:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61e17c7280d82614dd947b048c237f69e02463e33c5ed5e60aa59e22be75932

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 07:32:33 GMT
content-encoding: gzip
via: 1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 81567
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2258
last-modified: Fri, 07 Jun 2024 10:10:52 GMT
server: AmazonS3
etag: "f723a21be650cf6bf91252d40b170e22"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: BNSGf6cjxksKiLKMtFbAEAz_RahxR6jwF9UMh5b8SuWcpqt4B64BUw==

GET
H3 200 b7b287763w75de8ebep01a2177bme7de4691m.js Show response
www.theheadrestsafe.com/cdn/wpm/ 96 KB
33 KB 134ms
132ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6a84cddfa540c1de5c3aaab337c71963fe18d3af127cefeab67b0a7bf09d35b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 128790
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=175.767, imageryFetch;dur=140.206, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 32674
x-xss-protection: 1; mode=block
x-request-id: 4b3398e2-ab72-40e4-8045-729ec217c37d-1720808713
last-modified: Fri, 12 Jul 2024 18:25:14 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3n5N3yICF745cmnYfd1hNEqD85QOidBvho2np5a5AUa51OC0hb%2BdZJXVyu6z1PffVMlBNTHiHTRyIKbjeTcUntQprScuBHv2AypsdzcuK4fRtniu3zNVg%2BOJnXa4YMfrrpKMaarjY0zf"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a2f5b6f8c19a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js Show response
www.theheadrestsafe.com/cdn/s/ 114 KB
25 KB 137ms
134ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

329346116705b9b3a98c506a01c0daff5d2070d4a7115b9caef6735be6244680

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-central1
age: 835981
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=78.551, imageryFetch;dur=55.230, cfRequestDuration;dur=11.999846
alt-svc: h3=":443"; ma=86400
content-length: 24371
x-xss-protection: 1; mode=block
x-request-id: a966ea33-5ec1-466e-a271-262fe2342c6f-1720101523
last-modified: Thu, 04 Jul 2024 13:58:43 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqTYorL0xQZYIwq4yLndSzRPKbbRXJRPEMtlVjECTpPhzfnC8hN%2FZJ1Z63sqyCv8H%2Banbg%2BZbT85snQW14sAl3Faa4nrUCXHOCibmt8P9%2FFKKh8yo26CuJGgsZpWkzm9oPFV9aOggE1k"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a2f5b6f8c1aa548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/ 8 KB
3 KB 161ms
159ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 5291923
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=212.549, imageryFetch;dur=37.576, cfRequestDuration;dur=11.999846
alt-svc: h3=":443"; ma=86400
content-length: 2640
x-xss-protection: 1; mode=block
x-request-id: 24e17d90-b47f-4cec-9563-d2fa2052be16-1715645582
last-modified: Tue, 14 May 2024 00:13:02 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbhBni4BYaoCvkcaqa2zmrL%2FZLDafHYrEJKCSJlsgeQ%2Fl3RuMGAUpmK%2BlR931rUHi81ndM6lthhkHduoutRLXSgiouDG1Os9P8R03F7moqVAcnAmv0N4aOpj8qBnmrISmys%2B%2B%2Fu6OOik"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
cf-ray: 8a2f5b6f8c1ba548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/boomerang/ 61 KB
19 KB 47ms
45ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

468e777478117be830b202b97cdf0304bee6f3d9fd4cb1ce70650ed93b7fa4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 196239
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=153.947, imageryFetch;dur=24.444, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 18578
x-xss-protection: 1; mode=block
x-request-id: 911944ed-896b-451e-9fdb-d2f1e6052199-1715631936
last-modified: Mon, 13 May 2024 20:25:36 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kr%2Fho7yNT9Ppb8PzfmebS3Udxld0JjoQCCEXvvozQiFlRltxqksBKNaRnxMoKh9ODHErZovtJpss7KdI40VKdK31NqmM4ZAV56EUhc20DiOhRr9epSZONBfwisiEXlJr%2F4OD8VS8KWiX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
cf-ray: 8a2f5b6f7c09a548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbb566154b4803835135c8599bcc53a0d422819d6388b437bd9b4408a95739a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cd389a67a4abba059d8cd15a1bb0d662061a3134f28776fd7da38effa8b86fe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbe99a3dbe3685bbbade15c615c07fd30594743e858e71ca50c392a0523faac7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef48662be834d44e6ea658c62326b3f74bc8ea8a65541c6744f40c2f236e3c71

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62aee7541225afd65b410c06e3bde94a416284023bca342474cb67b954fcf8f6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c99c35f95d220fe98460ccf1f4111e43b4ae2e72c5c6773afdf669ad449a1b8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfe1e4ff024a063e1cb56e4278fc052715e09908468ec807d69ef374d03e8ddb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4227cff16d692769bf0db4111ddadc4e2379e450d5c4485454e98c79e46004f4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6052f33ace2867b278e88a5aa513b19c68b1ef06d486831588629da47e667f6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca91b86af5588703453571d039dc26ed358d2990614c74ce0cce08635b177a4f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c8bebc5287b11fa97a39721c3b0d97d072d71aba546b011e047ef6ccc4066e2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b565fd07ef48a089c18347801d7671ad2486d665b66e2f0476bfdb76b7996c94

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b904262eaf40598db52480e23551e645f2103b7b6a1b758aa13f772a4e54960b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5f8ae4e954e3fc812c2252799aed26e143ba968276974c229fe28792d6132be

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cabin_n4.90cfc8efed7ff88f02d58b22d38933ec75887560.woff2
www.theheadrestsafe.com/cdn/fonts/cabin/ 22 KB
23 KB 86ms
85ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/fonts/cabin/cabin_n4.90cfc8efed7ff88f02d58b22d38933ec75887560.woff2?h1=dGhlaGVhZHJlc3RzYWZlLmNvbQ&h2=dGhlaGVhZHJlc3RzYWZlLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=f9ed041b0b08e7f5a1c02a5f1939eaf35d1fa7af8eb6954d46fd6667f322d3b2

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d10915a9f649491d7ae0785d1563051632e9ec57b48ffd27f8e116b9df364aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
age: 464239
server-timing: imagery;dur=62.588, imageryFetch;dur=62.027, cfRequestDuration;dur=13.000011, ipv6, cfRequestDuration;dur=26.999950
alt-svc: h3=":443"; ma=86400
content-length: 22876
x-xss-protection: 1; mode=block
x-request-id: 09bd7928-4e37-448f-ad3c-ef80ad710aa5-1719503193
last-modified: Thu, 27 Jun 2024 15:46:34 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PfrUz6pC7UZApauDKu16OHCDln4%2FKwZ61DwHGZSQdUCjWNd7JYdtp8gGP78zjQWmTmVlnwy%2BByyFsGMGhSRHiw0v8O5zbBZ4PIjAZS723p68T%2FS18OkrFUMxFr1SeVck1JT8C130Aph"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 8a2f5b700c73a548-MIA
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 691 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b14d1e453214ef22e190e4274a159b3ec5fb06e6abe759e78f8c825392d0deeb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03065511cc61a52fce5ae9399e727b0be8acc72d8580c6785532ef0ce22e2d72

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a5fd88d95c59c4abaa979775219ba0e13ecfa3170f1a109b6f988b87f5d8eb1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 raleway_i8.9c3123a8dd5fd606719e87f4d0d5f946d74cb53e.woff2
www.theheadrestsafe.com/cdn/fonts/raleway/ 29 KB
29 KB 87ms
86ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/fonts/raleway/raleway_i8.9c3123a8dd5fd606719e87f4d0d5f946d74cb53e.woff2?h1=dGhlaGVhZHJlc3RzYWZlLmNvbQ&h2=dGhlaGVhZHJlc3RzYWZlLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=20a9d53b800b4d8fefd899d3d1607efccbeeb71d73473a02a12d9279cbf4f761

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4a9605be20f394b23dbea27e80e6c69fa069b6954ddb9e34a27c09a189dac836

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
age: 59130
server-timing: imagery;dur=107.830, imageryFetch;dur=107.526, cfRequestDuration;dur=11.999846, ipv6, cfRequestDuration;dur=24.000168
alt-svc: h3=":443"; ma=86400
content-length: 29344
x-xss-protection: 1; mode=block
x-request-id: 4ac383ec-f52e-493e-be7a-85b818a767a2-1720878091
last-modified: Sat, 13 Jul 2024 13:41:31 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQYxdthb1nWYkVIoOQ7JMFIG%2Fhpfog8tFzHJvj1mCjP0DCwQfUMkVbT69LiEljnOGx5F9raJ1hOeTwY%2BQgCDXeNzX63IBLVZ200BJJsURbzheJAvIwJl06d%2FRet%2BMEpjO0Af8ZuQpbzu"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 8a2f5b700c74a548-MIA
timing-allow-origin: *

GET
H3 200 raleway_n6.6c405c3e5d61f12e93db56d9d0f418c2881b8452.woff2
www.theheadrestsafe.com/cdn/fonts/raleway/ 27 KB
28 KB 92ms
91ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/fonts/raleway/raleway_n6.6c405c3e5d61f12e93db56d9d0f418c2881b8452.woff2?h1=dGhlaGVhZHJlc3RzYWZlLmNvbQ&h2=dGhlaGVhZHJlc3RzYWZlLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=510bd7c3b96967fe84fdd1c342be6b313c7109b9e479e7b525180aa3fb633a62

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

92f2b2887cd9bc5badc90238d8a80ceaf8f906959d4a1c1762ff5182279d9a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 45831
server-timing: imagery;dur=66.341, imageryFetch;dur=66.101, cfRequestDuration;dur=10.999918, ipv6, cfRequestDuration;dur=25.000095
alt-svc: h3=":443"; ma=86400
content-length: 28116
x-xss-protection: 1; mode=block
x-request-id: 4b925087-37f3-42d3-9b4b-32607bdb4086-1719501898
last-modified: Thu, 27 Jun 2024 15:24:58 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufLpzbk%2FDpX7taszTuCNsGDRtOoyQ4B7ngCSd4maZeHe6cpkmeoswtdW5S8P4xBp3VYWSSra5NefJr8PTWWL3cdU%2FuQGA%2BL37iz1746tXBVU5mWF0JQcaY6jOAH1IuwuHJ7fZy5eSAUt"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 8a2f5b700c75a548-MIA
timing-allow-origin: *

GET
H3 200 raleway_n8.288f28749538e8dc2fd6dc320317036eff167472.woff2
www.theheadrestsafe.com/cdn/fonts/raleway/ 27 KB
28 KB 92ms
92ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/fonts/raleway/raleway_n8.288f28749538e8dc2fd6dc320317036eff167472.woff2?h1=dGhlaGVhZHJlc3RzYWZlLmNvbQ&h2=dGhlaGVhZHJlc3RzYWZlLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=efa8775cbc6f9133b40794966ac1fee926af88cf7475c02332dfd606410aa11b

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4afcd33fa5a1937f55dbfb233d06e1b4bcac7b6bdb1b8e27e482a1261e2b461b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
age: 59858
server-timing: imagery;dur=73.479, imageryFetch;dur=73.159, cfRequestDuration;dur=8.000135, ipv6, cfRequestDuration;dur=26.000023
alt-svc: h3=":443"; ma=86400
content-length: 27848
x-xss-protection: 1; mode=block
x-request-id: d26a3ad3-e4ee-4c3b-9263-7c40ac130dbf-1720877619
last-modified: Sat, 13 Jul 2024 13:33:40 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qt2jaRuJ2aV2SU7MoviFopoS9omMjhpL1Oivjfai12u3UwRBd6ajbLKX1jv5Uc%2FYpAxSESTUaIpcEnGtj%2FEH0oM1%2FouL0ZZkrriPUuG6fGfH0uoWiOELDpK%2BQwr1NdPRCx5Mp5QtuUSO"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 8a2f5b700c76a548-MIA
timing-allow-origin: *

GET
H3 200 raleway_n9.df4f31dc4db78ef39d3be0ec584ec69566890b1a.woff2
www.theheadrestsafe.com/cdn/fonts/raleway/ 27 KB
28 KB 113ms
112ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/fonts/raleway/raleway_n9.df4f31dc4db78ef39d3be0ec584ec69566890b1a.woff2?h1=dGhlaGVhZHJlc3RzYWZlLmNvbQ&h2=dGhlaGVhZHJlc3RzYWZlLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=a89e5f8d0bb30f792065f80b482731437861d3bc68a20b11685b29b40615c7dd

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

f3a998eb2d1b4ae72a180602f372a600ef9640c810f668213b16cd9e3cc275d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/theme.css?v=33471569244590147041711743752
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-central1
age: 42306
server-timing: imagery;dur=147.263, imageryFetch;dur=146.914, cfRequestDuration;dur=11.999846, ipv6, cfRequestDuration;dur=23.999929
alt-svc: h3=":443"; ma=86400
content-length: 28112
x-xss-protection: 1; mode=block
x-request-id: af092ddd-1298-4100-a0d8-de427444e255-1719562259
last-modified: Fri, 28 Jun 2024 08:11:00 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0h%2FPp8EOZ8zeANEA5kho533RwbYxwm07ywocacN5I2zQI4CRaf1FkI3C%2FQ5HUm48INYpM6cZcW6qFyie1lytpp0Ap1HHhs8fatnfwowB1mKu1BsdwQzqcGLUwuT36HLr%2B5TniSIrnVJu"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2629800, immutable
accept-ranges: bytes
cf-ray: 8a2f5b700c77a548-MIA
timing-allow-origin: *

GET
H2 200 session Show response
shop.app/pay/ 18 B
3 KB 140ms
77ms Fetch
application/json 2620:127:f00f:ff00::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1&token=aeb0c554-4ebf-47b7-8e0b-6b2cc64d3b27&shop_id=55404494899

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js?v=20220906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors admin.shopify.com https: .myshopify.com admin.shopify.com; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=07596747-b279-404a-8a0c-a7fc9beafa9b-1720937505
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=07596747-b279-404a-8a0c-a7fc9beafa9b-1720937505

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=07596747-b279-404a-8a0c-a7fc9beafa9b-1720937505
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gcp-us-east1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
server-timing: cfRequestDuration;dur=46.000004, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=07596747-b279-404a-8a0c-a7fc9beafa9b-1720937505
x-request-id: 07596747-b279-404a-8a0c-a7fc9beafa9b-1720937505
x-runtime: 0.003307
server: cloudflare
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theheadrestsafe.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=76hMWotvj6s2U0vrjlUVJonVVUELZGKNhgrjDDAA3dv%2BoJeZwVy7PR2Jwi2IqjfPxZNsF1UfEzGbksRKKwhDCloxHTYe240eJZQDKDyeDsflrxlRyQFqWKBonV6HbtXD9nFn8nok"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
vary: Accept, Origin
x-robots-tag: noindex
cf-ray: 8a2f5b70a8df6c87-MIA
x-frame-options: DENY
x-sorting-hat-podid: -1

GET
H2 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 14 KB
5 KB 44ms
43ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shopifycloud/perf-kit/shopify-perf-kit-unstable.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd53a8479388645b34d630f2134c4f8117639270188c2ab5223fe2b37f1d9c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 41
server-timing: imagery;dur=116.350, imageryFetch;dur=31.254, cfRequestDuration;dur=9.000063, ipv6
alt-svc: h3=":443"; ma=86400
content-length: 4471
x-xss-protection: 1; mode=block
x-request-id: 791f12d1-52a0-48f3-a4d2-ae3f4ee2cb76-1720936356
last-modified: Sun, 14 Jul 2024 05:52:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKCcUYUIKyxZGmjt5SPOZUaEi30U%2FOwZ9Cs78nEZBBpbNqDAsQ0LxJiJopTTCphInSXSFBGH5fQya%2ByraoK7Daf4%2FXwKJo7JZ1UiRaHKsYeKlpfkhEF9RaPO8V6lOrd1nVGwYTNq3QeUzsekNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
cf-ray: 8a2f5b704b4a5d0e-MIA

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 145ms
72ms Script
application/javascript 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23307918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8a2f5b70c8712260-MIA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 7375f2360b80ec8c602f04aa2cc7a57c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 6dbdfce5-e32f-4ea8-9122-e73c04656157
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6dbdfce5-e32f-4ea8-9122-e73c04656157
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-8zszv
cf-ray: 8a2f5b70c8712260-MIA
x-amz-cf-id: agGrF4Rp0dtVdSxaeaSEWRQE3HBDdrjpQWDQstnPZtZVDf2DeIwpfw==

GET
H2 200 23307918.js Show response
js.hs-analytics.net/analytics/1720932000000/ 67 KB
24 KB 163ms
94ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1720932000000/23307918.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23307918.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35912346539e4bbb959ccf61c9b89decd7809ce93588f352dca6f6c8f232283

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 70D44PABS1YJKZ71
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 0c00a5ad-528d-4f94-a6bb-655fd2c39b84
x-envoy-upstream-service-time: 25
x-amz-id-2: aEWeqaRVkMJ4u2srJhzdI78rh6JYLGbFMxqvZd1FgyB1GPt9i1bNaZIvLhhNEs58C2aUUkARGyjDSgkWlPR48pUjwJi4c7p9
x-evy-trace-listener: listener_https
x-request-id: 0c00a5ad-528d-4f94-a6bb-655fd2c39b84
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 09 Jul 2024 18:28:34 GMT
server: cloudflare
etag: W/"d1ec60a690ba1cb18616896df7f056af"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-w85d2
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a2f5b70ec58a56a-MIA
expires: Sun, 14 Jul 2024 06:16:45 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 185ms
76ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23307918.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

223ce47ad1f37b0e8d8d12e8333faa417930d86e8a2b69e932364cd4fa725310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1232/bundles/project.js&cfRay=8a2f5b713bf731fb-MIA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"a72ef6dcb4ff7248d922f14d4297ff6d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1232/bundles/project.js
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-version-id: VlZofOO6XLIMBEw0GCyKL1V6eti3_6c2
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3fd5d8ef-992e-45a9-ab21-90fde9466e01
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3fd5d8ef-992e-45a9-ab21-90fde9466e01
last-modified: Wed, 10 Jul 2024 15:31:47 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Igua%2FUsgDAUSTJqyrG7VbTl5VEgS8hd9yYzBd2KQVbBR%2Ft14c3HiCmgGyvy39oDxuEX845oCDrvYqg%2Fw4E1lK2Gl7wGZDFs86uytn79CF88jNOLq9AZkpEXUHNQJDS%2FdISY%2BQGUB8mwIJNgN"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-zrgzf
cf-ray: 8a2f5b713bf731fb-MIA
x-amz-cf-id: QFI_BSEuXusmf48VhDyo0zcRIDGIM3I56TYTF628QYAyQEofCvw_cw==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/23307918/ 71 KB
26 KB 197ms
131ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/23307918/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23307918.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5557d5abe402b6563a64e9a6be95d06aa107d1681bc103669cb04c3b2a73388

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-version-id: Eyn8GXHkECzdby5J0q5qGkJ7T.7.qrBf
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: WXJP5J0MXM49TXAE
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e400886e-4e02-4b8c-8f54-ddce623ce2f7
x-envoy-upstream-service-time: 74
x-amz-id-2: B5MTAu47PWRqGezHWsq3u+1eLSxCM+IlWsp1Q22YCHS9ZuXT8XD6IyM88Aw+LbiM+7GOk+So67U=
x-evy-trace-listener: listener_https
x-request-id: e400886e-4e02-4b8c-8f54-ddce623ce2f7
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 16:53:55 GMT
server: cloudflare
etag: W/"c8dd9aed5aa2946fb4592a39f2758540"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.theheadrestsafe.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-647fb
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a2f5b716f406dda-MIA
expires: Sun, 14 Jul 2024 06:16:45 GMT

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e1c75bd4ae7a1ee5ff76bb25673634ea075642f67394683f3b833df0102333c

Request headers

Referer
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pixel.modern.js Show response
www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/app/web-pixel-141590579@8b3843af2d71780cfb83fdde884ce168/ 5 KB
2 KB 47ms
46ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/app/web-pixel-141590579@8b3843af2d71780cfb83fdde884ce168/pixel.modern.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d58f86b1e008729029696408d6623de88b0f746e53f9a0bb09db956a7ff3089e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
age: 125667
x-shopify-nginx-no-cookies: 0
server-timing: processing;dur=21, db;dur=6, asn;desc="7018", edge;desc="MIA", country;desc="US", servedBy;desc="t7zk", requestID;desc="26bd6d7d-5e89-4782-9bf0-4e6fe121910f-1720811838", cfRequestDuration;dur=13.999939
x-sorting-hat-shopid: 55404494899
x-shardid: 50
x-storefront-renderer-rendered: 1
etag: "cacheable:e61eebcd3caaec2bafa5fbb821ea0a0c"
x-shopid: 55404494899
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-cache: miss
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 26bd6d7d-5e89-4782-9bf0-4e6fe121910f-1720811838
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yckesxNDnBj3nlGXXDhn2LClc7JmHLEKG%2Fw%2BRBZ7kCB4sph7oBgKbO7m%2BxA4Ledas%2FNSG9MEoVNsnSTkRgMaMg3H0KIa3TvkVpxVdg4Tdv6ARqkhzsKygHPKDhbMiRl7Jyge9qMeRMLn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a2f5b709ccca548-MIA
x-sorting-hat-podid: 50

GET
H3 200 / Show response
www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-17891379@1/sandbox/modern/ Frame 3BDA 42 KB
17 KB 46ms
46ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-17891379@1/sandbox/modern/

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b4c6e27247fbeee03f9b76bc4455a9f236d0127b20d8e66732210a69cb591daa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 125667
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: HIT
cf-ray: 8a2f5b70acd2a548-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:45 GMT
etag: "cacheable:e7ad4ed4825f5dac26621328beec37cc"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ii0NwZicxasC%2F93fJV2mimODZirtren8ftRn%2FpWf0MT%2BNAcre92XMNtZo5YxPAKJdF8t8pP491R8sdIRfuF1YnYZIaP7vah2nVVSfcOa2di0LMIWRtf4NVF5QFbGqbGUCxxmLG1AsoW%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=34;desc="gc:1", db;dur=6, asn;desc="7018", edge;desc="MIA", country;desc="US", theme;desc="127789629491", servedBy;desc="dvpc", requestID;desc="e596ba23-4aac-44a8-9d94-d3c14fc585ce-1720811838" cfRequestDuration;dur=13.999939, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e596ba23-4aac-44a8-9d94-d3c14fc585ce-1720811838
x-robots-tag: noindex, nofollow
x-shardid: 50
x-shopid: 55404494899
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 50
x-sorting-hat-shopid: 55404494899
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-19497011@1/sandbox/modern/ Frame 4554 42 KB
17 KB 46ms
46ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-19497011@1/sandbox/modern/

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

294f1d012e6ba5066a5f9a28090718f16e436f3b1521920f13fab7b01c549b8c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 125667
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: HIT
cf-ray: 8a2f5b70acd3a548-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:45 GMT
etag: "cacheable:6fbf34447def11f34ffa532231ccf61a"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hI44q9B1SiNFhn925PHePHHqFbJ7LEYBO8Bgpq1SgkhN8Kq2KDm1lTuYvqktNmKkP2HpWhwNdCREJ5Gaq%2B6LfjO47cZAAlMoqpzE29P%2F1eccZf%2BomTAacWZ39EYBgBodY25hk8Fsk5%2Fj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=24, db;dur=5, asn;desc="7018", edge;desc="MIA", country;desc="US", theme;desc="127789629491", servedBy;desc="t7zk", requestID;desc="b34cc416-9c0c-4777-b262-4b2cdbfe458e-1720811838" cfRequestDuration;dur=13.999939, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b34cc416-9c0c-4777-b262-4b2cdbfe458e-1720811838
x-robots-tag: noindex, nofollow
x-shardid: 50
x-shopid: 55404494899
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 50
x-sorting-hat-shopid: 55404494899
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-23068723@2/sandbox/modern/ Frame FDB6 42 KB
17 KB 48ms
47ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-23068723@2/sandbox/modern/

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9861864ff7392728fc4f25057ab6383812899db7b7709d48d6f21cc2926e9bc8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 125667
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: HIT
cf-ray: 8a2f5b70acd5a548-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:45 GMT
etag: "cacheable:e6b3053f5c69709ab7066b40db7fff50"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AhoK7ry5tj3bkHerCAz8Fa9VN%2F7XG3rEJjrrYXiXpuVZZvkFH%2BrTSXQ%2FdNVMwS1PDmoi7zFKLO8KjA%2F6wPqzec9IJ39a2JUdP0qYMVT0jhXGx%2Bs7krGpibXM462ITqRpBstfB5pwBCr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=32, db;dur=5, asn;desc="7018", edge;desc="MIA", country;desc="US", theme;desc="127789629491", servedBy;desc="94bm", requestID;desc="aac407be-32e8-4fbc-80a2-dd5edcb53491-1720811838" cfRequestDuration;dur=14.000177, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: aac407be-32e8-4fbc-80a2-dd5edcb53491-1720811838
x-robots-tag: noindex, nofollow
x-shardid: 50
x-shopid: 55404494899
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 50
x-sorting-hat-shopid: 55404494899
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-shopify-custom-pixel@0132/sandbox/modern/ Frame 98E4 41 KB
17 KB 48ms
47ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-shopify-custom-pixel@0132/sandbox/modern/

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

0e9060cded9f171fd71f869970e1e2afa0f7600c13f8fdabc755bc364aed09fe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 125667
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: HIT
cf-ray: 8a2f5b70acd9a548-MIA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:45 GMT
etag: "cacheable:c210b03886eab4afbe23f62e78a3286a"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DehFgnTWacO1I5nvfG9fAiM5Jl5yomgLeLpLQOZNYivj8%2Bg3ES1VJxv93eqOnWAgU8WDE%2Ba4YrpdRpQ9ZLMKbh1dk3Oqzag5USOlG4%2Fl%2Fk1Q6rp4ULPr%2FbIJczQnINZx0cYDYAAcNrJq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=26;desc="gc:3", db;dur=4, asn;desc="7018", edge;desc="MIA", country;desc="US", theme;desc="127789629491", servedBy;desc="v8gv", requestID;desc="cb13c120-ca0c-4437-8cf9-cf0088a1e53d-1720811838" cfRequestDuration;dur=14.000177, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: cb13c120-ca0c-4437-8cf9-cf0088a1e53d-1720811838
x-robots-tag: noindex, nofollow
x-shardid: 50
x-shopid: 55404494899
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 50
x-sorting-hat-shopid: 55404494899
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H3 200 worker.modern.js
www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/web-pixel-shopify-app-pixel@0132/sandbox/ 41 KB
17 KB 44ms
44ms Other
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/web-pixel-shopify-app-pixel@0132/sandbox/worker.modern.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

0cfdf75928053dc8776dc45e0f679229b05e8182e8092a5b835c19c9dd840be5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
age: 125667
x-shopify-nginx-no-cookies: 0
server-timing: processing;dur=39;desc="gc:4", db;dur=4, asn;desc="7018", edge;desc="MIA", country;desc="US", servedBy;desc="fj4t", requestID;desc="da582487-5c97-4f6d-99d1-6c3a3fd28cd8-1720811838", cfRequestDuration;dur=11.999846
x-sorting-hat-shopid: 55404494899
x-shardid: 50
x-storefront-renderer-rendered: 1
etag: "cacheable:f96666cf71145e76ee41e8306af7bb78"
x-shopid: 55404494899
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding
content-type: text/javascript; charset=utf-8
content-language: en
cache-control: max-age=31536000, public
x-robots-tag: noindex, nofollow
date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-cache: miss
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: da582487-5c97-4f6d-99d1-6c3a3fd28cd8-1720811838
server: cloudflare
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mp%2BzrH4T440vSXWQ07dyBGJwSAx%2BeV%2FGiW%2F8VOFQCJRPXA11E7UgbzQbYr%2FNupplrotL4hz0suX%2FDroXQleWuTuAxHZzSCM4f2XVJB4W2UBaAIEYI3xJSOUjlfn7DhPw%2F7tWJtzqM6PS"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a2f5b70fd07a548-MIA
x-sorting-hat-podid: 50

GET
H2 200 fender_analytics.f692ee00c71150d7db91.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
13 KB 176ms
30ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: 41Y2RTP149KA3F25
age: 109364
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12748
x-amz-id-2: mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by: cache-lga21947-LGA, cache-mia-kmia1760056-MIA
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "cb6418619f08d5e582cf68f2d2432438"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 2, 79295

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
2 KB 170ms
33ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: F82JVRQFRQE0D0ND
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 2183
x-amz-id-2: XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S
x-served-by: cache-lga21976-LGA, cache-mia-kmia1760056-MIA
last-modified: Wed, 27 Mar 2024 10:30:34 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 2825b63e6933b08d1be25eea4d99ad73625b8faa
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 3129, 87449

GET
H2 200 runtime.765ff78e9894f774c2b4.js Show response
static.klaviyo.com/onsite/js/ 20 KB
8 KB 91ms
30ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8f8c0775cc2ea1769238d75afb9f2af2108e115eadd7e26bdace4e48de9b19b

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 08T5eBkGgVEwE7Dlo2aL9lUWz2jOTXjT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: C6TPXJF0XZ0PW9PA
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7694
x-amz-id-2: jA9nmQ6C+ZMPLNY0GP61q6ts3NqdiTzQROPFJG6o4nTvNKPqlQ2Q0oZLtVUUpB0LlbuUC+B7kNE=
x-served-by: cache-lga21947-LGA, cache-mia-kmia1760045-MIA
last-modified: Fri, 12 Jul 2024 18:29:33 GMT
server: AmazonS3
etag: "9a28566b6cf85f3a7f7c50956b1a4c51"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5951a217769c58abb4323a4ac993e2aaaacfdc16
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 42, 93104

GET
H2 200 sharedUtils.58c71a5d906c1c27c8e6.js Show response
static.klaviyo.com/onsite/js/ 48 KB
18 KB 93ms
32ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ITWaxvCLmiXAceusM0.5yRJFy.eMUuuz
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: FY7ATG7XXCNQ66H2
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 17916
x-amz-id-2: dnsW8FA9YHOznUgcBOOipeCChPutGh4+MstMRwg50IZcDj4sMsAEPm03Ts6wH4QAP830M5Y+miU=
x-served-by: cache-lga21941-LGA, cache-mia-kmia1760045-MIA
last-modified: Thu, 27 Jun 2024 09:36:48 GMT
server: AmazonS3
etag: "6cc01be3baf017cfa85878bcac0f9e8f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 912e2bb7dd18552828727b3c1954397389e047e7
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 155, 84114

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 92ms
32ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Ez16MoxhPquxXdlhYF9sWgpH9m1QDXhm
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: RC12JSQ3R2B07EYD
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: p7UZsp5JEN6wbLK2qdMQiZclhFKdFs4cb20pOOn9PVKbj9SooS36vR7ofoo/uX+CX/Nk+9WS8KGYF+3M3QRlD7eNxjq71Z+e
x-served-by: cache-lga21980-LGA, cache-mia-kmia1760045-MIA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 8, 65079

GET
H2 200 vendors~signup_forms.02363fe5acd5fa75cb6b.js Show response
static.klaviyo.com/onsite/js/ 21 KB
7 KB 92ms
31ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Mekwof6XjI4q2BHYhTSsMqFmFe4SDBfo
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: RC1EAVJFCYCYTEDW
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6996
x-amz-id-2: hXz2idQOMfvufPQKWZX9zk3PUt+OZnC/NjRGF7CqBFcdHgDlBey9v48kAMOPi/ieP96Pmm9RUjHnRiSsZxSO8IqTE5wpOq6A
x-served-by: cache-lga21949-LGA, cache-mia-kmia1760045-MIA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "61ccc2011600d4f458768ffe94ddb555"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 7, 63722

GET
H2 200 default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js Show response
static.klaviyo.com/onsite/js/ 32 KB
9 KB 118ms
58ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.880bde204b8ee5a4bc37.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: TCLdJkL8Iy0EL9kJPG2XU3Ulc0EcHiYO
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: CPRP7MF7AHSYEWER
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9251
x-amz-id-2: l0ozQ6LhzI0QJ2qQ8NlubwXKpVFMEIUuoPByJZARCUQQstPH1mf16K7R9fasrlb/iNTN3TvJjF/eidQgRixc35EZNsNmmsKcBHPQS18HQKo=
x-served-by: cache-lga21940-LGA, cache-mia-kmia1760045-MIA
last-modified: Tue, 02 Jul 2024 18:50:16 GMT
server: AmazonS3
etag: "d6b76df89ecf86204b5fe867d284de34"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: c4f147782cde260d619a1c566ff3b2560e3ad660
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 77, 64739

GET
H2 200 signup_forms.6a972a58c16254a9f1c7.js Show response
static.klaviyo.com/onsite/js/ 14 KB
5 KB 117ms
57ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.6a972a58c16254a9f1c7.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=S7X2K4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: bQ2zCRyZKHh.rDJ1xI_V0BLETa9p9yAu
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: XB5KNB0S4CZMK3XP
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5138
x-amz-id-2: Fu134mf2p8y4q4ahgn0Dld8hhdu6CEIgNaRdH8F5QSURuwehsLpLtLCbR5Sgu2uU4nzuUbMdQI4=
x-served-by: cache-lga21931-LGA, cache-mia-kmia1760045-MIA
last-modified: Thu, 27 Jun 2024 16:31:42 GMT
server: AmazonS3
etag: "eed975187f707457bafc3d36797f3ab1"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: dab50ba5f2ff41d14ab217987084867b2749f75b
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 7, 65375

POST
H3 200 produce_batch
www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/ 0
778 B 84ms
82ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.999973
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 36ef8653-1724-4aa2-81de-9c4f2696bb70
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fekJB8ajl%2BeMGfmSNKzHR45xWpHEMGujNHkmWYcIa1oWn5apT%2F7B4m0j1NYtdol746LkgRnsf1z7sskVF%2FtZ4sHmIbSUfEMitvEKpiVUSYJh95SllBUznWU5nuXfW8JRREWF99hO1cTY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8a2f5b711d13a548-MIA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 171ms
56ms Script
text/javascript 2607:f8b0:4004:c09::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jul 2024 04:30:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6103
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 14 Jul 2024 06:30:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
85 KB 72ms
72ms Script
application/javascript 2607:f8b0:400d:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-5NRBKH9

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f48cd45b01f4832b0d397faddc762a96a638a9f645b3ddb9d69f2b06ebcf371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H2 200 343124210.js Show response
bat.bing.com/p/action/ 334 B
405 B 57ms
57ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343124210.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 14 Jul 2024 06:11:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 45CFDF22A42A4848A9F406D9DC73B33A Ref B: MIAEDGE2916 Ref C: 2024-07-14T06:11:45Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

POST
H3 200 produce_batch
www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/ 0
779 B 84ms
83ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.000046
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: be194657-7db9-46b2-9b23-3e2c76dac102
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2MkI4EnTfUcisuI3Xipwv3LQC4%2FUhUTClB8Rkw23Jr8cMhwnmZTio3GhA3aOD2L1GY0TXqcxSk5SS6RkAqJfZLCNrq7Xz9bDbe6lTVREcUvtJz%2Bj9SDASgDf8p1I7gzoGyou%2FZdSKW6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8a2f5b727ddea548-MIA

POST
H3 200 produce_batch
www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/ 0
778 B 83ms
82ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=50.999880
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: fd329379-e2cd-4a72-ac17-84a530df273f
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vy4hAQy5t6S7vxhQVS3hI2yJuBPTaHcUqfrclFb7KfjYW%2Bo4GAWvE2%2BXfM2R9paRKGa41RW2ORbq7sU2B8eFbtn4gUlTYPcn%2BzTKQA1ZCPBPHiW9NOKX7pikdNrOBqqjmE77kCjKx11"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8a2f5b727de4a548-MIA

POST
H3 200 produce_batch
www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/ 0
780 B 84ms
83ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/s/trekkie.storefront.a1ad2ab43a5932ff96084a0e2e69f51ba73ddbec.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.000046
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: e51cdc4e-7ca3-41ac-b25d-c45bd6e8683d
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHCWn%2FFBYIfOTGmZ3P%2F9I1Mzg33O6rQi67yWw4OxscU5Q3Zw7%2BZj85KJnGLPQrsZHxkU05e5MkfiwOALOFRzKaS8GcEpOYFvm59VvjJY3Yxbkm7ydje1QRXF5P6g3WBnTIXlVNtDADap"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8a2f5b727de5a548-MIA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 173ms
58ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/app/web-pixel-141590579@8b3843af2d71780cfb83fdde884ce168/pixel.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 06:11:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: D2knGHxWoejjiN+Rwi3b/f8UW42fkD8r8kBKAMPd3Cv+ptYpT3gPmPJm0KIgpht0cyxN0XBiKPYYl6CQe8E0RQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.min.css
cdn1.stamped.io/files/ 105 KB
18 KB 61ms
61ms Stylesheet
text/css 3.162.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.css
Requested by: Host: cdn1.stamped.io
URL: https://cdn1.stamped.io/files/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-127.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 621d3307d6abb417c3190b7116359afb5bc6e4523482803b3cd544dfc7f2f3f8

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: PXVPfhYGgPUPIXHH4NYmY0in0DdLAlIg
content-encoding: br
via: 1.1 0bdcc10f69b746cb367ceb51e88a3d1c.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 08:38:22 GMT
last-modified: Wed, 30 Aug 2023 18:53:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P2
age: 77604
x-amz-server-side-encryption: AES256
etag: W/"d9b8def00576b61976ba25954bcd4115"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: zTjoMMdyruvbRMVSGKQDgpcSop9ho8JWa8E4t4CW34kqfnuf2H6Ilg==

GET
H2 200 getappkey Show response
stamped.io/api/ 62 B
178 B 404ms
139ms XHR
application/json 35.83.196.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/getappkey?shopShopifyDomain=theheadrestsafe.myshopify.com
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.196.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-196-164.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: bbc0f7b2f6f9ed404bbd1d58d7a2b6fd2372fd69070a51f418527c31de07108c

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Jul 2024 06:11:46 GMT
content-length: 62
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 181ms
66ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 05:43:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
DATA 200
OK truncated
/ 628 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c15bbada916387381018033bf829b5845ac74c6fb78a6c8be67f0043b4cbb7a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Horizontal_Primary_TM_Logo_192x96.png
www.theheadrestsafe.com/cdn/shop/files/ 4 KB
5 KB 51ms
50ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theheadrestsafe.com/cdn/shop/files/Horizontal_Primary_TM_Logo_192x96.png?v=1689091785

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

50484055ebfc53a44e9f8e9811a237b6822db9a801d68f3b7c23378887c56d26

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 882614
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=265.669, imageryFetch;dur=74.178, imageryProcess;dur=190.109;desc="image", cfRequestDuration;dur=16.999960
source-length: 10298
content-length: 3935
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: 92f90345-6eda-4a7d-a2a9-90b8289dbb4b-1718326283
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 14 Jun 2024 00:51:23 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=io28egrBztmdV4qHpx8pnw9gQwp4aYRVWX1ZkiX1xXrrZULOW3BT9nHMuQRb3DyZFLSe580%2Fi0PT0clJ4fhTpgax95Rn4bCV61wSwVNmk3%2BEMkgh2FbEpROHaKK32RC8Xt8ndwkpFw9%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a2f5b72fe3aa548-MIA
x-sorting-hat-podid: 50

GET
H3 200 keyfeatures-hrs_416x448.png
www.theheadrestsafe.com/cdn/shop/files/ 21 KB
22 KB 54ms
53ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theheadrestsafe.com/cdn/shop/files/keyfeatures-hrs_416x448.png?v=1712585347

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

49406c89d61a8ed492f4cca818fcd90d1262c3a69c177f20cbb006ab40a90952

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 882614
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=196.085, imageryFetch;dur=90.015, imageryProcess;dur=104.061;desc="image", cfRequestDuration;dur=21.000147
source-length: 103467
content-length: 21168
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: d0b86400-bb29-4f14-ab04-ffe168ef4811-1715622258
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 May 2024 17:44:18 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5RqUNqYiYnhz4qli9GImxCWVNBDaFIQMrHP8XaotlH3kt02b93ogJB%2BN9HMxXlKZdC7EoYO1AopfKc78hjSmBVaLGlXeRgqbwheyUQXX%2BVrZEnG6NHnYAvYSObVDCI6SpxzWYCPF2CVD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a2f5b72fe3ba548-MIA
x-sorting-hat-podid: 50

GET
H3 200 VulcanBundlewithLock_480x320.png
www.theheadrestsafe.com/cdn/shop/files/ 8 KB
9 KB 46ms
45ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theheadrestsafe.com/cdn/shop/files/VulcanBundlewithLock_480x320.png?v=1691433106

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

085d9ae442d664271ecd0b2f7b457a9b8bef3d2828a8cb482c2358019f1c379a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 3160467
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=154.304, imageryFetch;dur=47.154, imageryProcess;dur=106.285;desc="image", cfRequestDuration;dur=13.000011
source-length: 368579
content-length: 8038
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: f76bd950-d8a8-4222-864c-62fb1c72b5d4-1715643937
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 May 2024 23:45:37 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyuMaKXVuThOE5rs4lSX3jTbNx%2BcmJBU1a%2BJjLevWE2vCtFQ2uCkYldVYal6DKxQd9OspOyNdetG0HsmOJRo%2FM2tNg1wJAvzu3ym4%2F4FhWhGYl7vEsAcY%2FekFKzJqtAYx3tDGV2NQ8Ga"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a2f5b72fe3ca548-MIA
x-sorting-hat-podid: 50

GET
H3 200 slide_bundle_black_leatherette_optimized_480x320.png
www.theheadrestsafe.com/cdn/shop/files/ 12 KB
13 KB 50ms
49ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theheadrestsafe.com/cdn/shop/files/slide_bundle_black_leatherette_optimized_480x320.png?v=1712337168

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b62f2c5d9c2e7ac0a1a7516459050baf7e42fc95942057819c88950c90f73e51

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 882614
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=150.270, imageryFetch;dur=62.277, imageryProcess;dur=86.866;desc="image", cfRequestDuration;dur=15.999794
source-length: 218053
content-length: 12744
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: 4d468d9b-bef4-4012-bc6e-b922612e1485-1717562281
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 05 Jun 2024 04:38:01 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KugzjyH7PjetC1CfR6x7d0NoR7JzHnfTNV7133NMZHvstYBibo3JsX5ebff0kJWmfA1seW1I7IQvnUyb6yuOgy02GY74rZIxqKfm4%2FkOhMDwinSREVQxh45wHSxVn0gNscwjPR1Yhbjp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a2f5b72fe3ea548-MIA
x-sorting-hat-podid: 50

GET
H2 200 rkp.tracker.js Show response
cdn.ravm.tv/ust/dist/ 604 KB
130 KB 61ms
61ms Script
application/javascript 52.85.151.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravm.tv/ust/dist/rkp.tracker.js
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-65.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13b5ffa55013d786e30034e13cc1fc4e3642e9f6bb934193acfd281437557ad9

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FSuk0wjOH0x6a9kUVY.s9NqQNQTkIuQ3
content-encoding: gzip
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
date: Sun, 14 Jul 2024 01:02:06 GMT
last-modified: Wed, 24 Apr 2024 14:42:01 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 18580
x-amz-server-side-encryption: AES256
etag: W/"f5391f26556534c5ca17cdf848984094"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: xlmXJSAuZQSLH1xxmELa5zs1H2VosZbg-7KfidbMAmzaDYRlCsx3Ug==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
108 KB 76ms
76ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0R9BC4E5ZK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNBCJS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

9036a4e0240619fc6c09f84d0b4afe868c062a50e8fc727f729e2d4325aa2b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 138ms
137ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10852316691&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNBCJS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

00e3a33ea333cdcd8df32a48876188e9b09294cbc73feb1fa91303a4646d2f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94055
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H2 200 hotjar-3218037.js Show response
static.hotjar.com/c/ 9 KB
4 KB 265ms
130ms Script
application/javascript 18.160.41.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3218037.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNBCJS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-53.iad55.r.cloudfront.net

Software

Resource Hash

1b96446df66caea0600cf76337c75d28c8222664d68ae218eb4a98d3e97816b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b6caa49e59026d07a8e0859900a10572.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/f908bdd4597519265ccfa71cbc7eec10
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wtZVud_9-xqK6LKw5a0qyTNan4eQ-APZvkjA88IFf9F9zHajcpPUXQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 111ms
110ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10852316691&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNBCJS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

61bb6831df65cccfac27e973629895e49a6965e7f1283a8eebf26f913d01d1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
85 KB 71ms
71ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-5NRBKH9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNBCJS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7476c88ad10a9327596703327fccfd91c346146716f92f783afbaed0232d88ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 190ms
72ms Script
text/javascript 2607:f8b0:400d:c02::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shop/t/16/assets/startup.js?v=106905136692382181641709842080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::be Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e7957d2930152fe815b50b888553d1052e6f08f33a46c970a8b2adce6bf1aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 14 Jul 2024 06:11:45 GMT

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 2 KB
991 B 123ms
30ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=S7X2K4

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

35d4c57b3c7fce09926ec7d9e4ab388743ac54fdb1d77b728c04ecaa32206285

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; object-src 'none'; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=900
age: 12356409
x-cache: HIT, HIT
content-length: 398
x-served-by: cache-bos4663-BOS, cache-mia-kmia1760071-MIA
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Accept-Encoding, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 143, 0

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/S7X2K4/ 9 KB
3 KB 137ms
32ms XHR
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/S7X2K4/full-forms
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afb325b8e245ab01418c4a822d65f783849de6dc8888e74891cbfd899335d833

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: WL_R.P2Ygj7FhKmI6r5SkTLPSm1YZyza
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 Jul 2024 06:11:45 GMT
x-amz-request-id: MZNM971PFPSZ30P2
age: 1627557
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/S7X2K4 custom-fonts/S7X2K4
content-length: 2363
x-amz-id-2: 65kIHDHEJYsyAnmhROPV7SSMB4nRkw+VZ9SpC7NHEPqBgqYUkGYJn4Sw5V0nT0s3S0k8gCbvn5E=
x-served-by: cache-mia-kmia1760076-MIA
client-geo-country: US
last-modified: Tue, 28 May 2024 04:15:23 GMT
server: AmazonS3
x-timer: S1720937506.940313,VS0,VE1
etag: "600aab2a82faea89ff8ae9a54272d180"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 108 B
1 KB 181ms
137ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=23307918&currentUrl=https%3A%2F%2Fwww.theheadrestsafe.com%2F

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c5cd1780-8d1e-4ce3-a0af-8e59a608e1e5
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c5cd1780-8d1e-4ce3-a0af-8e59a608e1e5
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.theheadrestsafe.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoDFR5zgPA%2FBvgamxOL4WfUbMtOpGAue%2FMlh2EQyxrcf07nUgon%2Fk85WLvVPOSM%2BpIGuFBmfzLkmLcwI0Kl8XbkcOt5Fol3yCuDwc0SbbBkmLC8UX0OcBmFP7TuLve4NqHqslwtqsvdnrrlm7FBxG%2BX3hvnkcXdtjGA%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8a2f5b73cdc831fb-MIA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-x87g5

GET
H2 200 s Show response
t.vibe.co/pixel/ 16 B
158 B 268ms
56ms XHR
application/json 23.22.104.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://t.vibe.co/pixel/s?aid=OadhB9&cid=882f9069-02c2-4509-8171-80bfdf855546&gid=&eid=e9382d88-02a9-472c-80e1-afa6106ec3c6&a=page_view&ed=&v=3&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&ifr=0&ref=&ts=1720937505840&sr=1600x1200&vp=1600x1200&trk=trkid&t=xhr
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.104.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-104-4.compute-1.amazonaws.com
Software: /
Resource Hash: cca55903fc065c308bc958d7cebc0f93c5fdf986deab6c1709d9f63aea917c73

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.theheadrestsafe.com
date: Sun, 14 Jul 2024 06:11:46 GMT
access-control-allow-credentials: true
content-length: 16
content-type: application/json

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 65ms
64ms XHR
text/plain 2607:f8b0:4004:c09::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2097623418&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAAAACgCIAB~&jid=633812791&gjid=1415428657&cid=1096921383.1720937506&tid=UA-217178170-1&_gid=19211752.1720937506&_slc=1&did=BwiEti&z=2061692211

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theheadrestsafe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 174ms
58ms XHR
text/plain 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-217178170-1&cid=1096921383.1720937506&jid=633812791&gjid=1415428657&_gid=19211752.1720937506&_u=YGBAgEABBAAAAGgCIAD~&z=1750697267

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 06:11:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theheadrestsafe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pnjgI91B.js Show response
cdn.flowcode.com/fcsp/ Frame 3BDA 73 KB
25 KB 131ms
49ms Script
text/javascript 172.64.152.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.flowcode.com/fcsp/pnjgI91B.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-17891379@1/sandbox/modern/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04df534457a534497f47669def4b6908be8960ed7b3cdc46204bc194164c7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 14 Jul 2024 06:11:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: yMDsB5jGGsArdeDczgC28w==
age: 3856284
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 26 Sep 2022 19:35:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 815a3c90-001e-001f-53a2-b2a330000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-robots-tag: noindex
cf-ray: 8a2f5b7449a7370e-MIA
expires: Mon, 14 Jul 2025 06:11:45 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 4554 49 KB
14 KB 153ms
55ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-19497011@1/sandbox/modern/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 14 Jul 2024 06:11:45 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 835CD7ED170D4110803C92497D45BA90 Ref B: MIAEDGE1718 Ref C: 2024-07-14T06:11:45Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 vbpx.js Show response
s.vibe.co/ Frame FDB6 5 KB
3 KB 188ms
63ms Script
application/javascript 2600:9000:25c8:8e00:2:6431:e200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vibe.co/vbpx.js
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/wpm@7b287763w75de8ebep01a2177bme7de4691/custom/web-pixel-23068723@2/sandbox/modern/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:8e00:2:6431:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61e17c7280d82614dd947b048c237f69e02463e33c5ed5e60aa59e22be75932

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 07:32:33 GMT
content-encoding: gzip
via: 1.1 be2c2de1ae578e4915f9466876d9de46.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 81568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2258
last-modified: Fri, 07 Jun 2024 10:10:52 GMT
server: AmazonS3
etag: "f723a21be650cf6bf91252d40b170e22"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: dQM6WVq-AZzgCVPjfPcbnrRdW9yckjW2TLE9DKo-hcUeOCGxeOdLnQ==

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=589376762.1720937506&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dma=0&npa=0&gtm=45be4790v875616294za200zb859087076&auid...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=589376762.1720937506&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dma=0&npa=0&gtm=45be4790v875616294za200zb8...

42 B
66 B

57ms
57ms

Ping
image/gif

173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=589376762.1720937506&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dma=0&npa=0&gtm=45be4790v875616294za200zb859087076&auid=1406228851.1720937506&frm=0

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=589376762.1720937506&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dma=0&npa=0&gtm=45be4790v875616294za200zb859087076&auid=1406228851.1720937506&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10852316691/ 3 KB
1 KB 160ms
60ms Script
text/javascript 173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10852316691/?random=1720937505919&cv=11&fst=1720937505919&bg=ffffff&guid=ON&async=1&gtm=45be4790v875616294za200zb859087076&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&npa=0&pscdl=noapi&auid=1406228851.1720937506&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10852316691

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

daed0b5b9717fd7e469decde44da986ffde74a1125391ddc10040ee5aa55c191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1399
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
359 B 55ms
54ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343124210&tm=shpfy_ui&Ver=2&mid=037f19f8-fa74-48ad-872f-4588f0a382d9&sid=f2baa9c041a711efbd5b45bd2f226087&vid=f2bad4a041a711ef8a3757456cab87e8&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&p=https%3A%2F%2Fwww.theheadrestsafe.com%2F&r=&lt=1505&evt=pageLoad&sv=1&cdb=AQAQ&rn=213588

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 06:11:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74F076A789BE46EC8BECE85ECBF4AC07 Ref B: MIAEDGE2916 Ref C: 2024-07-14T06:11:45Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
435 B 71ms
69ms XHR
application/json 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23307918&utk=

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc80710c31e580b5f51f30637bd60ffe0d6face1370eada77322e67c8852d7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 61ec3f36-7852-4567-9523-fd3480fa22e0
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 61ec3f36-7852-4567-9523-fd3480fa22e0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.theheadrestsafe.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-qfdc9
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8a2f5b7439f42260-MIA

POST
H2 400 matomo.php
uptick.matomo.cloud/ 411 B
525 B 521ms
169ms Ping
text/html 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uptick.matomo.cloud/matomo.php?action_name=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&idsite=2&rec=1&r=082914&h=20&m=11&s=45&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&_id=aa63241c2e540857&_idn=1&send_image=0&_refts=0&pv_id=KAbRUi&fa_pv=1&fa_fp[0][fa_vid]=oRaR4j&fa_fp[0][fa_fv]=1&pf_net=167&pf_srv=37&pf_tfr=77&pf_dm1=157&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/uptick.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8b3870645ef8115a00e25ec8b1c7f303d7faa4b23520792fbaf236151914f19f

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
content-encoding: gzip
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
content-length: 280

POST
H2 204 collect
www.merchant-center-analytics.goog/mc/ 0
0 211ms
60ms Fetch
text/plain 2607:f8b0:400d:c09::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.merchant-center-analytics.goog/mc/collect?v=2&tid=MC-DLVCWEKTJV&gtm=45Pe4790v9120289909za200zb859087076&_p=1720937505144&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=1096921383.1720937506&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2F&dt=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&sid=1720937505&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1856&_z=fetch
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c09::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theheadrestsafe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 produce_batch
www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/ 0
782 B 88ms
87ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.000046
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 8561023d-63a6-4c06-a673-68c82fea6468
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2F%2B2HBspBgLXuKh5jtwrjyRaHzP0jc1YhRcUWOyY%2BzQv6A7yNOI8o1zKzEafEkdmy2e%2FhGlmYesNr7IKpbRzPubnRpykCEhwVCgXKXJDcIfQggZUrVgcCd6IgqQc%2Bn22ywJ8rELdEqvA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8a2f5b748fa2a548-MIA

GET
H2 400 configs.php
uptick.matomo.cloud/plugins/HeatmapSessionRecording/ 0
0 490ms
164ms Script
text/html 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uptick.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=HoUVAr&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/uptick.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
server: Apache
content-length: 0
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
content-type: text/html; charset=UTF-8

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
785 B 67ms
65ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:ital,wght@0,400&family=Poppins:ital,wght@0,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9c0c56b7d0f2c44b63b7a498383c86c71a277e7815072b5da84470bd7fac0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Jul 2024 06:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Jul 2024 06:11:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Jul 2024 06:11:46 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
886 B 109ms
73ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5f7e5eb2-0560-4fd4-8e8e-0ba5b8a43977
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5f7e5eb2-0560-4fd4-8e8e-0ba5b8a43977
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-ptpxr
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8a2f5b750878a548-MIA

GET
H2 200 ust_PaccU2xIO5Zn.config.json Show response
cdn.ravm.tv/ust/ 255 B
818 B 156ms
52ms XHR
application/json 52.85.151.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ravm.tv/ust/ust_PaccU2xIO5Zn.config.json

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.151.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-151-65.iad89.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f8cf7cc54d97087e95eb72cf21ef6f2c464690a798d928b7513e311fe752e575

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: U.TeAkvZGF8JWEhRNljQUkVrm3wESy0G
date: Sat, 13 Jul 2024 06:43:17 GMT
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: IAD89-C3
age: 84510
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 255
last-modified: Sat, 22 Jun 2024 19:37:29 GMT
server: AmazonS3
etag: "5c37b774e2d411b8589ba1bb916b31d7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: must-revalidate
accept-ranges: bytes
x-amz-cf-id: ahA9WtXpe4QfH0M2eWBETQgiFyt1QJFs9HsL_mUAeMBwsArUie6n5Q==

GET
H2 200 1543260919844302 Show response
connect.facebook.net/signals/config/ 61 KB
12 KB 96ms
95ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1543260919844302?v=2.9.161&r=stable&domain=www.theheadrestsafe.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9ed10eec2c7d2fd20c76b9c3c1c87208efca459ae79176f7fc4ed9c2cf3d3ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 06:11:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=64, mss=1297, tbw=64138, tp=-1, tpl=-1, uplat=38, ullat=0
pragma: public
x-fb-debug: kafK+Ds80syZKMzjo3mun1MA2oysW7Qt8zLILFF4tg2xneymWX77Iuuq1SqG2SPkXHJojD141MeWSF14GHveAQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8d9f6215/www-widgetapi.vflset/ 31 KB
10 KB 59ms
58ms Script
text/javascript 2607:f8b0:400d:c02::be
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d9f6215/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::be Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb34150905a3d5ae56c7b9d66a658a0ed0de85b1e9a41282e2e82c326831aec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 17:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10405
x-xss-protection: 0
last-modified: Wed, 10 Jul 2024 04:14:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Jul 2025 17:51:07 GMT

GET
H2 200 vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js Show response
static-tracking.klaviyo.com/onsite/js/ 22 KB
22 KB 31ms
30ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: qx3h0uREf27xQaVjzDUczEGF5bA1XxtJ
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: JGDYH129XKD9B27F
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 22024
x-amz-id-2: +W3IaUbpwUlwzoZkZJmVAln1V48BXk94ii2DGOzdDTTEFIddoyzd00RRdgSn3zMBTPS9gvmuueA=
x-served-by: cache-lga21934-LGA, cache-mia-kmia1760056-MIA
last-modified: Tue, 19 Mar 2024 12:30:23 GMT
server: AmazonS3
etag: "2f5438508c293a1ad8e8f5b6a6cbd520"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 58e4c18a2713778f3963d50a2fa09785ecab4330
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 2156, 225044

GET
H2 200 ClientStore.dc42ff4537a0893c5834.js Show response
static-tracking.klaviyo.com/onsite/js/ 64 KB
18 KB 38ms
38ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/ClientStore.dc42ff4537a0893c5834.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d43fcf82e79a703198813729e16fa7ad798500ea1d9121c3d75e8f2cbf7dbb3a

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: .KN0V6aMuG2BFKvGgJfsmwG9iuwo81s0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: R6QW24TRPJXVZ57D
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 18234
x-amz-id-2: g6kUGsZJMBtkvchlWkLhTfkaf5f2rsVuMFWLKKHZ6CNmhHqvq8Asq78PzfPup74X8NPwZFnZg4Q=
x-served-by: cache-lga13622-LGA, cache-mia-kmia1760056-MIA
last-modified: Fri, 05 Jul 2024 19:07:48 GMT
server: AmazonS3
etag: "bd44ecd345c21fbf641381fa2c203218"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 67abca9c10c76527f105265634a9985f7cdc288a
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 22, 14163

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10852316691/ 2 KB
1 KB 58ms
58ms Script
text/javascript 173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10852316691/?random=1720937506131&cv=11&fst=1720937506131&bg=ffffff&guid=ON&async=1&gtm=45be4790v875616294z8859087076za201&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&npa=0&pscdl=noapi&auid=1406228851.1720937506&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10852316691&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

75da86fa256fc51a4bf06238db01b7407d858052f7ecde1d39e00862c12adf42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
890 B 111ms
70ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ec238de7-0f43-4376-a37d-726a5f9789a8
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ec238de7-0f43-4376-a37d-726a5f9789a8
last-modified: Sun, 14 Jul 2024 06:11:46 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-rb5dx
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a2f5b75a92ea548-MIA

OPTIONS
H3 200 tp2
collector.flowcode.com/com.snowplowanalytics.snowplow/ Frame 0
0 163ms
83ms Preflight 172.64.152.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.flowcode.com/com.snowplowanalytics.snowplow/tp2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: null
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a2f5b760998da43-MIA
content-length: 0
date: Sun, 14 Jul 2024 06:11:46 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload

POST
H3 200 tp2 Show response
collector.flowcode.com/com.snowplowanalytics.snowplow/ Frame 3BDA 2 B
368 B 109ms
75ms XHR
text/plain 172.64.152.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.flowcode.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn.flowcode.com
URL: https://cdn.flowcode.com/fcsp/pnjgI91B.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 8a2f5b76ce030a0e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H2 204 collect
analytics.google.com/g/ 0
0 118ms
44ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0R9BC4E5ZK&gtm=45je4790v885788363z8859087076za200zb859087076&_p=1720937505144&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=1096921383.1720937506&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1720937506&sct=1&seg=0&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&dt=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&en=page_view&_fv=1&_ss=1&tfd=2073&_z=fetch
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theheadrestsafe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 57ms
57ms Ping
text/plain 2607:f8b0:400d:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0R9BC4E5ZK&cid=1096921383.1720937506&gtm=45je4790v885788363z8859087076za200zb859087076&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0R9BC4E5ZK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0c::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theheadrestsafe.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 184ms
57ms Script
application/javascript 99.84.191.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3218037.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-41.iad89.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b13c6d10b44fd12a68a8ca01d540a750.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1116039
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1FTA-qGWO7PwxaHaZ5OPJU9H5ri9bjrsVALtXogBrzGzvnhWWP8gtw==

GET
H2 200 343124210.js Show response
bat.bing.com/p/action/ Frame 4554 334 B
406 B 55ms
55ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343124210.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 14 Jul 2024 06:11:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69088CB9B9BA4B339399A49FE2879DB8 Ref B: MIAEDGE1718 Ref C: 2024-07-14T06:11:46Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H/1.1

200

match-result
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=c330ccfe2a644cd284752aec65a7eea5&t=page_view&event_time=1720937505&event_id=a84c053ddfff44800e45adacb12b9999&ust=3.5&dpo=false
https://tags.w55c.net/rs?sccid=a74bdf6d-dbe0-f134-e03c-5c95db39ec4a&scc=1&id=c330ccfe2a644cd284752aec65a7eea5&t=page_view&event_time=1720937505&event_id=a84c053ddfff44800e45adacb12b9999&ust=3.5&dpo...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dVZNaEo1VWUxU3NTc3ky&google_cm&google_sc
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEH0Klk6EPAlzSma_pKGNDoQ&google_cver=1

42 B
618 B

56ms
56ms

Image
image/gif

54.156.8.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEH0Klk6EPAlzSma_pKGNDoQ&google_cver=1

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

HTTP/1.1

Server

54.156.8.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-8-121.compute-1.amazonaws.com

Software

Retargeting/v2.0.30-810-g7063ef3#rel-ec2-master i-0e51433251c60b01d@us-east-1b@dxedge-app-us-east-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jul 2024 06:11:46 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-810-g7063ef3#rel-ec2-master i-0e51433251c60b01d@us-east-1b@dxedge-app-us-east-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEH0Klk6EPAlzSma_pKGNDoQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10852316691/ 42 B
64 B 58ms
58ms Image
image/gif 172.217.197.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10852316691/?random=1720937505919&cv=11&fst=1720936800000&bg=ffffff&guid=ON&async=1&gtm=45be4790v875616294za200zb859087076&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&npa=0&pscdl=noapi&auid=1406228851.1720937506&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL8idSCSiPo2MNAcw92SRn1iYBCQgkAg&random=287296807&rmt_tld=0&ipr=y

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 K8PNHHzNLgY
www.youtube.com/embed/ Frame 8B13 0
0 221ms
109ms Document
text/html 2607:f8b0:400d:c02::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/K8PNHHzNLgY?modestbranding=true&showinfo=false&controls=false&loop=false&mute=false&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.theheadrestsafe.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d9f6215/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::88 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jul 2024 06:11:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 analytics.js Show response
www.theheadrestsafe.com/cdn/shopifycloud/media-analytics/v0.1/ 24 KB
8 KB 44ms
44ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shopifycloud/media-analytics/v0.1/analytics.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 3530
x-permitted-cross-domain-policies: none
server-timing: imagery;dur=92.883, imageryFetch;dur=34.499, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 7279
x-xss-protection: 1; mode=block
x-request-id: ce832c50-3438-498b-86f8-344eba09f4e1-1720931256
last-modified: Sun, 14 Jul 2024 04:27:36 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wCEvOFvlROEACCVtonwBmLzaltxEEE3I3V1RVMmo%2BX%2FPPAL0iRJoMUmO2cBQlgsUupQ4IZLP2egerkc2qDKh9CnMUFffOrpD%2BTgYS0adhDo%2B3SEOK6VtWRyMNyEAvBhY8ulTUfVSYR%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 8a2f5b76195ea548-MIA
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 /
www.google.com/pagead/1p-user-list/10852316691/ 42 B
64 B 55ms
55ms Image
image/gif 172.217.197.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10852316691/?random=1720937506131&cv=11&fst=1720936800000&bg=ffffff&guid=ON&async=1&gtm=45be4790v875616294z8859087076za201&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&npa=0&pscdl=noapi&auid=1406228851.1720937506&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLL8_-nKl7IdaBh5n38dhsvXVhu5nZalMJQVChkYwVfGrQzmEP&random=911330553&rmt_tld=0&ipr=y

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jul 2024 06:11:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4656677967776690 Show response
connect.facebook.net/signals/config/ 39 KB
7 KB 98ms
97ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4656677967776690?v=2.9.161&r=stable&domain=www.theheadrestsafe.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C140%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

542a13b0c6ead28be3b663ebf10f958c02ec2e41b80f91523cac3e49c8ea7b32

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 06:11:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4322, tp=9, tpl=0, uplat=42, ullat=0
pragma: public
x-fb-debug: YlXLKwceM6UV1Cwe5hLxIdtFSvxEr8LOx2Ss1vxji6RygUuviuq9gIWM65JMadFEV7eMBQORzE0MNfxs1rc87w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 174ms
58ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1543260919844302&ev=PageView&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&rl=&if=false&ts=1720937506262&sw=1600&sh=1200&v=2.9.161&r=stable&a=shopify_web_pixel&ec=0&o=4126&fbp=fb.1.1720937506260.957868196742854554&ler=empty&cdl=API_unavailable&it=1720937506096&coo=false&dpo=&eid=sh-afde6725-C911-4C8F-4865-86F9071576B9&rqm=GET

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jul 2024 06:11:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 320ms
204ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1543260919844302&ev=PageView&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&rl=&if=false&ts=1720937506262&sw=1600&sh=1200&v=2.9.161&r=stable&a=shopify_web_pixel&ec=0&o=4126&fbp=fb.1.1720937506260.957868196742854554&ler=empty&cdl=API_unavailable&it=1720937506096&coo=false&dpo=&eid=sh-afde6725-C911-4C8F-4865-86F9071576B9&rqm=FGET

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x535f561a4ce34cb0","source_keys":["1","2"]},{"key_piece":"0x7a4c464982c3c8ab","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 14 Jul 2024 06:11:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391370308757124698", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=20, mss=1297, tbw=7249, tp=-1, tpl=-1, uplat=146, ullat=0
pragma: no-cache
x-fb-debug: B4lvLd8g+1XQH3OvoxYLMhAavyW6fk1ga2I1CxKVo4578Q9Xs4eigGGItLqZsNIM8d+YyCso8fDwlae1qjp/uQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391370308757124698"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 156ms
88ms Preflight
text/html 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=S7X2K4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theheadrestsafe.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8a2f5b76bcfd742e-MIA
content-encoding: gzip
content-language: en-us
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:46 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 155ms
87ms Preflight
text/html 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=S7X2K4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theheadrestsafe.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8a2f5b76bcf8742e-MIA
content-encoding: gzip
content-language: en-us
content-security-policy: object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Sun, 14 Jul 2024 06:11:46 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

GET
H2 200 styles.56e13916dea5bb41e6da.css
static-tracking.klaviyo.com/onsite/js/ 76 KB
9 KB 31ms
29ms Stylesheet
text/css 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/styles.56e13916dea5bb41e6da.css
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41483a98f0282e2a948da3ec49b051e3ba757e3af9cddbde22350489094a880c

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: QotKxdOc9ZC5eKOryAfn8ZoMpqUg1N.E
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: 7KTKWMYA9V7W4S65
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8622
x-amz-id-2: RDpC5eEqzZGq1rfx9CTUYYDB5CB17Sgsu1b66e6RHHZNfvjjqvox93VS87MgEPBKrExBPpi1FJ4GItt0/j0wf6JuLJ2BTlMr
x-served-by: cache-lga21963-LGA, cache-mia-kmia1760056-MIA
last-modified: Thu, 11 Jul 2024 20:54:12 GMT
server: AmazonS3
etag: "85203fa4d9a1b62342a1da46c8fe75b8"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: edde74379c6c6425751260d3972e5afdddcd77f6
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 11, 14833

GET
H2 200 styles.4a2f033013cf7c575b53.js Show response
static-tracking.klaviyo.com/onsite/js/ 13 KB
4 KB 32ms
31ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/styles.4a2f033013cf7c575b53.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2041a63eb5aaf5b6e6c32ab81f61144ce170f2ab4dbc2837fa7b08e79f717be

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: bbrfwkY_dWeqbk.da5ldE1TSOl7_vO5t
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: 2B0XVDH58QT7J1CV
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 3661
x-amz-id-2: qA29liHg4RMlDisuVRledw9kF/O3kYxtJL8zf5RdS6mQ7MkhT6Y6o4PXqLXZEeVzlxqNu4WPPnII75SHDFYEYE9a+hpaCwgwgf4HXVCEjTs=
x-served-by: cache-lga21965-LGA, cache-mia-kmia1760056-MIA
last-modified: Tue, 09 Jul 2024 14:51:38 GMT
server: AmazonS3
etag: "50750d89ca478b696247c1ebe25ba38c"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: d773c2537787c288e198593d0551f859130c7de9
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 23, 14775

GET
H2 200 vendors~Render.f01ae5f2152690614ec3.js Show response
static-tracking.klaviyo.com/onsite/js/ 54 KB
13 KB 34ms
33ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~Render.f01ae5f2152690614ec3.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b21eaec9b955efeb791c1b49085ad2ca4e47830a58a7535a35be42bfdb77b1d

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 0_.IIdoxvZXK0xy.nyEYZzsIUXzV5pG3
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: 7K0Q6H7RFTZG281H
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13326
x-amz-id-2: PXMsS+eQf9Q3KM5iFbT8XAFS7Eyi3253xeK5Mzj/TL2pFeXRdS9iyejU5gc5ycyZnY/8a7Tt0ks=
x-served-by: cache-lga21955-LGA, cache-mia-kmia1760056-MIA
last-modified: Fri, 05 Jul 2024 14:04:52 GMT
server: AmazonS3
etag: "c15ad3a7467c93bda86851d620e55fb8"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: d93f1261c703dd22f2bd096a193be2997299fdfa
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 8, 14678

GET
H2 200 Render.48c41da27b3a18e89e42.js Show response
static-tracking.klaviyo.com/onsite/js/ 123 KB
31 KB 34ms
34ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/Render.48c41da27b3a18e89e42.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.765ff78e9894f774c2b4.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21c5e1bba3456d3f721cf00ab1fdcbe8cb7452eb84b3f621e4f7b5c937e84f7f

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: O1ajRVVQ617hwlSg1k9cnRwEgceqTS9g
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: 2P9PDZAJRHGD3DZC
age: 109365
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 31846
x-amz-id-2: +Qai6WwTQ70XH318sy+HAocRZ97L/4p1Oj1jQvh1zo87kh//+eUPzD5I5qbFRTKZXodo3U5dLl0=
x-served-by: cache-lga21967-LGA, cache-mia-kmia1760056-MIA
last-modified: Fri, 12 Jul 2024 18:29:33 GMT
server: AmazonS3
etag: "5ba5685472cdd03796cf0a5dbc37bd77"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5951a217769c58abb4323a4ac993e2aaaacfdc16
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 33, 14743

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
139 B 98ms
97ms XHR
application/json 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=S7X2K4

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: POST
content-type: application/json
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 8a2f5b774dc6742e-MIA
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
337 B 100ms
98ms XHR
application/json 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=S7X2K4

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: POST
content-type: application/json
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 8a2f5b774dc5742e-MIA
access-control-allow-headers
x-robots-tag: noindex, nofollow

GET
H2 204 0
bat.bing.com/action/ Frame 4554 0
293 B 55ms
54ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343124210&Ver=2&mid=33c00845-1858-4cf0-8bad-cb13ca78a490&sid=f2baa9c041a711efbd5b45bd2f226087&vid=f2bad4a041a711ef8a3757456cab87e8&vids=0&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&p=https%3A%2F%2Fwww.theheadrestsafe.com%2Fwpm%407b287763w75de8ebep01a2177bme7de4691%2Fcustom%2Fweb-pixel-19497011%401%2Fsandbox%2Fmodern%2F&r=&lt=336&evt=pageLoad&ifm=1&sv=1&cdb=AQAQ&rn=326195

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 14 Jul 2024 06:11:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2FF39F2518640A7A5574CC6B9E7FAEE Ref B: MIAEDGE1718 Ref C: 2024-07-14T06:11:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 136ms
43ms Preflight 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://www.theheadrestsafe.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 14 Jul 2024 06:11:46 GMT
via: 1.1 google

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 46ms
43ms Fetch 34.111.94.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monorail-edge.shopifysvc.com/v1/produce
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.94.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.94.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.theheadrestsafe.com/
X-Monorail-Edge-Event-Created-At-Ms: 1720937506299
X-Monorail-Edge-Event-Sent-At-Ms: 1720937506300
X-Monorail-Edge-Client-Message-Id: e6e351ab-1278-44a1-9f86-51e43daf5269
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 6a1de920-be64-415b-bf73-ca2fb8ebf46f

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
539 B 68ms
68ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3ce47af8-5039-434f-aff0-9022a9321ffc
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3ce47af8-5039-434f-aff0-9022a9321ffc
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-x87g5
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8a2f5b76d9d0a548-MIA

GET
H2 200 poppins_latin_regular_400_2.woff2
static.klaviyo.com/onsite/hosted-fonts/Poppins/latin/ 8 KB
8 KB 30ms
30ms Font
binary/octet-stream 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/hosted-fonts/Poppins/latin/poppins_latin_regular_400_2.woff2
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: JoJmNoIt7y74RbGGAmEZV57ZHNIyCadF
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: 73Y7ZXSB012HJPEW
age: 3751
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 7884
x-amz-id-2: xOAJRZG6kb/wR8YvdY6QZktSJdhtcGg1l1983+cM9vfdIqFA+d25eCUQDExOh/KYPa24Jmyha1feFGoYSuej7JH86VxAzFDf
x-served-by: cache-lga21954-LGA, cache-mia-kmia1760045-MIA
last-modified: Fri, 07 Apr 2023 20:06:48 GMT
server: AmazonS3
etag: "9212f6f9860f9fc6c69b02fedf6db8c3"
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 56380, 46

GET
H/1.1 200
OK 2ebe11b5-3f1b-4545-b617-bc86c9cc71f5.png
d3k81ch9hvuctc.cloudfront.net/company/S7X2K4/images/ 557 KB
558 KB 261ms
81ms Image
image/png 13.224.214.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3k81ch9hvuctc.cloudfront.net/company/S7X2K4/images/2ebe11b5-3f1b-4545-b617-bc86c9cc71f5.png
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-104.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abe04dc73b488f7836f9755b2880974e08d7dbb1443a7f9952dd13f56a8b8255

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 02:52:20 GMT
x-amz-version-id: ZqFmdZ6IjnQqMMGfDZDLILuGU0jd9EqP
Via: 1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PHL50-C1
Age: 11967
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 570701
Last-Modified: Mon, 08 Jan 2024 19:47:43 GMT
Server: AmazonS3
ETag: "43c38fc7bde60461f8f79dd3118da8c3"
Content-Type: image/png
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: Z6V3mZVEIYHDKS3yELefPqDsT2SoxjpXSS0U9ITVT0TBDOW-eTvMng==

GET
H2 200 poppins_latin_regular_700.woff2
static.klaviyo.com/onsite/hosted-fonts/Poppins/latin/ 8 KB
8 KB 32ms
31ms Font
binary/octet-stream 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/hosted-fonts/Poppins/latin/poppins_latin_regular_700.woff2
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: obMlTM.0yISCe8hIBr.UzAPojg0bXd7z
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Jul 2024 06:11:46 GMT
x-amz-request-id: R23Z5G5SGJ0QH553
age: 4839
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 7816
x-amz-id-2: NRlNVvnjTVEeGqZldl2CxlOzFbFBD6TsiQIR+7YCeLPm+8APan+8HBQdbua/B96xqj7UDBeLJ5g=
x-served-by: cache-lga21973-LGA, cache-mia-kmia1760045-MIA
last-modified: Fri, 07 Apr 2023 19:55:28 GMT
server: AmazonS3
etag: "25b0e113ca7cce3770d542736db26368"
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 32040, 17

GET
H3 200 3611272122425095 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 107ms
107ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3611272122425095?v=2.9.161&r=stable&domain=www.theheadrestsafe.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C140%2C146%2C128%2C127%2C130%2C120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

57dfac79192baf6e9b949a951fece402e23729bf536a44a5511664f907231332

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jul 2024 06:11:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=54, rtx=0, c=31, mss=1232, tbw=14082, tp=19, tpl=0, uplat=52, ullat=0
pragma: public
x-fb-debug: TFKETKIwUoY5h0TkfOSugK+yEybemqdj3gTi4fB843nHFuqWmczbcVL2sBkIRO1/Jc/8CmofriqwTxoQ04ZftQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 57ms
56ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4656677967776690&ev=PageView&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&rl=&if=false&ts=1720937506406&sw=1600&sh=1200&v=2.9.161&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720937506260.957868196742854554&ler=empty&cdl=API_unavailable&hmd=1eb58926c844047e350d8882&pl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&cs_est=true&it=1720937506096&coo=false&dpo=&rqm=GET

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=3188, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jul 2024 06:11:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 157ms
156ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=4656677967776690&ev=PageView&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&rl=&if=false&ts=1720937506406&sw=1600&sh=1200&v=2.9.161&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720937506260.957868196742854554&ler=empty&cdl=API_unavailable&hmd=1eb58926c844047e350d8882&pl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&cs_est=true&it=1720937506096&coo=false&dpo=&rqm=FGET

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2a8c4f5c159315e1","source_keys":["1","2"]},{"key_piece":"0xb1b0a2dbea687b33","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 14 Jul 2024 06:11:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391370308121174386", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=20, mss=1297, tbw=3331, tp=-1, tpl=-1, uplat=96, ullat=0
pragma: no-cache
x-fb-debug: KI+LFsK5XAdswOj1LNudFRp/Uyx/PmpfqCEMF9km+GHCwzxYm/5+jB75lo0IUFCu+5eRRniFkNFq9SQzbX8Npg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391370308121174386"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 produce_batch
www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/ 0
778 B 85ms
82ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=52.000046
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 0b9db5bf-5c65-4be7-a4d7-8f784ee6ed91
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qjf9o8gRNNKiY2doXjW41eAadDxrrxv7ZIqzdZIvNoj%2FW3ArlHFlqO9NYd2shvPuke0mymVDD23BPZYzaNNngmfZc1EpbpoH2sl8uBmvv7BpGqI5pSfB7uUVY%2FbYZ5euh%2F8p5MqQSLep"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8a2f5b77ba4ba548-MIA

GET
H2 200 /
www.facebook.com/tr/ 0
97 B 57ms
56ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3611272122425095&ev=PageView&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&rl=&if=false&ts=1720937506522&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720937506260.957868196742854554&ler=empty&cdl=API_unavailable&it=1720937506096&coo=false&dpo=&rqm=GET

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=20, mss=1297, tbw=7108, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jul 2024 06:11:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 82ms
82ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3611272122425095&ev=PageView&dl=https%3A%2F%2Fwww.theheadrestsafe.com%2F&rl=&if=false&ts=1720937506522&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720937506260.957868196742854554&ler=empty&cdl=API_unavailable&it=1720937506096&coo=false&dpo=&rqm=FGET

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x856b3b770bc749d7","source_keys":["1","2"]},{"key_piece":"0xd27edcb2eab5ff8b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 14 Jul 2024 06:11:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391370308587701838", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=20, mss=1297, tbw=8485, tp=-1, tpl=-1, uplat=25, ullat=0
pragma: no-cache
x-fb-debug: 3bi/sCbtqJBw0nB4oytY7P0oR9/6FM0taVdmf44nj+ZMwtvjL2VutdHQrULQH1YDQ5IK3KyWBUQdgfLtCccRig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391370308587701838"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 powr.js Show response
www.powr.io/ 47 KB
12 KB 88ms
46ms Script
application/javascript 172.67.5.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/powr.js?powr-token=theheadrestsafe.myshopify.com&external-type=shopify&shop=theheadrestsafe.myshopify.com

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.5.146 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94f0a7150c7650bc12fc1d30d6f28a004d1112fbd2b516b89abf146d1556b10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .powr.io .wix.com .mybigcommerce.com .weebly.com .stripe.com .myshopify.com .shopify.com .editorx.com .sharethis.com sharethis.com .webydo.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-security-policy: frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-origin-instance: gke
age: 162258
x-envoy-upstream-service-time: 31
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 11 Jul 2024 17:02:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
cf-ray: 8a2f5b7e1ee5da4b-MIA
expires: Fri, 11 Jul 2025 17:03:18 GMT

GET
H2 200 connect.js Show response
cdn.wishpond.net/ 157 KB
41 KB 231ms
63ms Script
application/javascript 18.165.83.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/connect.js?merchantId=1817652&writeKey=555128992718&shop=theheadrestsafe.myshopify.com
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-25.iad55.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: e68cd7af9567cebc5c4ef7c7ceb252d204da72a25c0bd9b92ddd62215441f7a1

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 10:09:41 GMT
content-encoding: gzip
via: 1.1 3c84f89bba43de446e67a27b8df8b660.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2024 23:58:50 GMT
server: nginx/1.17.5
x-amz-cf-pop: IAD55-P3
age: 158526
etag: W/"667a083a-2754a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-id: jRpBxubg7RrKDnTj2x0xmM6tph4dcrTxAT3vUhZ1VkVwa56MKJnVIQ==

GET
H2 200 gdpr_cookie_consent.min.js Show response
d1hcrjcdtouu7e.cloudfront.net/js/ 177 KB
46 KB 251ms
61ms Script
application/javascript 2600:9000:20ed:3200:c:2fdc:1a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1hcrjcdtouu7e.cloudfront.net/js/gdpr_cookie_consent.min.js?shop=theheadrestsafe.myshopify.com
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:3200:c:2fdc:1a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 09a5eca447af486a318745722d6cef74794605165d1daf4b598b63ce84e2bce4

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:45:58 GMT
content-encoding: gzip
via: 1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: PHL50-C1
age: 239148
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 46482
x-amz-cf-id: FaAPWjvND41liSjpsF7IfZuGiyogUvbBzchTYZ8RveiHnj_aB4I5eg==
expires: Fri, 08 Nov 2024 11:45:58 GMT

GET
H2 200 govx.js Show response
id-shop.govx.com/app/theheadrestsafe.myshopify.com/ 20 KB
7 KB 229ms
84ms Script
text/javascript 151.101.193.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://id-shop.govx.com/app/theheadrestsafe.myshopify.com/govx.js?shop=theheadrestsafe.myshopify.com

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.180 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

ba7e9e9042cb20de08cb6a2eb9e6a8274ed3cd9c42d7a9e5b8d7c1b3e4aeee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=31557600
age: 16
x-powered-by: Express
x-cache: MISS, HIT, HIT
content-length: 6833
x-served-by: cache-bur-kbur8200172-BUR, cache-bur-kbur8200052-BUR, cache-mia-kmia1760062-MIA
request-context: appId=cid-v1:d9002c24-59a4-4c92-93de-421890e97c48
x-timer: S1720937508.649391,VS0,VE54
etag: W/"51df-CHMOVOXuLlNXFnpoWMPY8Gxyzgg"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300
accept-ranges: bytes
x-cache-hits: 0, 662, 0

GET
H2 200 23307918.js Show response
api-na1.hubapi.com/scriptloader/v1/ 2 KB
2 KB 195ms
77ms Script
application/javascript 2606:4700::6812:f36c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-na1.hubapi.com/scriptloader/v1/23307918.js?shop=theheadrestsafe.myshopify.com

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43790849b9c48552f938ea58ff86afbc0a31646ebae387e73e869ba4e722d20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7e906f9f-a8e0-49ad-b7c3-9fb5ddbd293c
x-envoy-upstream-service-time: 4
content-length: 662
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7e906f9f-a8e0-49ad-b7c3-9fb5ddbd293c
last-modified: Sun, 14 Jul 2024 03:04:52 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.theheadrestsafe.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-94hvq
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fTiNKE6WnEUwnyDL7cUJdQ7Gs%2F9DXGqx5a48CAkg3liYx%2FLJGoEMSoV4RlwRr%2FdK3cwMnk0AdmSLbigx7%2BvYjrtokaKP2jFGB8UO6mXGRQmlbU19EYZIgnBHidek%2BMw4HNyCF0PUalEoF283SjGog%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a2f5b7e99c82589-MIA

GET
H2 200 hello.js Show response
hello.zonos.com/shop-duty-tax/ 2 KB
3 KB 233ms
57ms Script
application/json 18.160.41.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/shop-duty-tax/hello.js?1698620626638&shop=theheadrestsafe.myshopify.com
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-73.iad55.r.cloudfront.net
Software: Cowboy / Express
Resource Hash: 1d6dabef2b20716235c21ab2411f82f34d9af49be6ec03f186a4f28ddcabc0a7

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:27:00 GMT
via: 1.1 vegur, 1.1 8bf94e29f889f8d0076c4502ae008b58.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: Cowboy
x-amz-cf-pop: IAD55-P1
age: 240287
x-powered-by: Express
etag: W/"961-eCZisrwQ3FVYgpkmtFHoAy1eBzU"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720697220&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=foUIuvmYKQL5tsvNfKglOSsouF94dGqBxK%2Bm%2Bn%2F25mc%3D"}]}
content-type: application/json; charset=utf-8
x-cache: Hit from cloudfront
cache-control: max-age=604800
content-length: 2401
x-amz-cf-id: wyWmllvoPXE-JL5Rlp8mBF7jilJ39GymHxz5vTRgynss-hxYzd7a5w==
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720697220&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=foUIuvmYKQL5tsvNfKglOSsouF94dGqBxK%2Bm%2Bn%2F25mc%3D

GET
H2 200 widget.min.js Show response
cdn1.stamped.io/files/ 104 KB
29 KB 65ms
61ms Script
application/javascript 3.162.112.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.js?shop=theheadrestsafe.myshopify.com
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-127.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 268308d4d336856564e6188606756bcbd7d8b33e1fb352dd047f776dc8eaf3d0

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ToEaywiJP3xkct0ZlxvFqSY2mTnuBa_5
content-encoding: br
via: 1.1 0bdcc10f69b746cb367ceb51e88a3d1c.cloudfront.net (CloudFront)
date: Sat, 13 Jul 2024 07:59:15 GMT
last-modified: Fri, 05 Jul 2024 17:07:23 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P2
age: 79953
x-amz-server-side-encryption: AES256
etag: W/"d40c306fca3394fa294243e734670458"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: qBpuvI--cOXG-woFKNwncQzyNiFAbclcNQ04ng0IflKftOMnpNkARg==

GET
H2 200 commonninja.js Show response
cdn.commoninja.com/sdk/latest/ 31 KB
10 KB 281ms
167ms Script
application/javascript 2606:4700:10::6816:2192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/sdk/latest/commonninja.js?shop=theheadrestsafe.myshopify.com
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c894b53906e5fecca9e55a665670443ad5d8afb18f1af140d1739b6152202a38

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
via: 1.1 vegur, 1.1 vegur
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
cross-origin-resource-policy: cross-origin
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720907564&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=kJVsd6r0%2BAvnx9ICOdjkonXJcIcbDFWGDyNLzUdiIeo%3D
cf-bgj: minify
last-modified: Sat, 13 Jul 2024 20:12:55 GMT
server: cloudflare
etag: W/"7dd3-190adba2158"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720907564&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=kJVsd6r0%2BAvnx9ICOdjkonXJcIcbDFWGDyNLzUdiIeo%3D"}]}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8a2f5b7e9f963dcd-MIA

GET
H3 200 shopify_justuno_55404494899_29af4670-cc40-11ee-8f51-e1ef0d5ff12a.js Show response
scripttags.jst.ai/ 405 B
851 B 193ms
53ms Script
application/x-javascript 104.17.203.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripttags.jst.ai/shopify_justuno_55404494899_29af4670-cc40-11ee-8f51-e1ef0d5ff12a.js?shop=theheadrestsafe.myshopify.com
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.203.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7e4f81deb76562b928e45e6033695d3b02ec796adff229eab8cb9fd3128818

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: miamiUSFL
date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 74P9DTXK5BHAEBEP
cf-polished: origSize=411
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1719444745
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Uyr6YAyhwVNlYBq3vOYe0CxAglQroFCn1k2WRlb937OUWqE0gX16HLcOpmfWtiotaABCT2VBm2o=
x-77-nzt: EwgBWbutCgFBDAFPf8khAffl4ggADAGckjviAfcHWAkA
x-77-age: 582373
cf-bgj: minify
last-modified: Thu, 15 Feb 2024 20:24:05 GMT
server: cloudflare
etag: W/"b0997e3bcc1f97c5f6609ba61dacece8"
x-77-nzt-ray: 596cea2e9e24f310ee8785666ed9de13
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=691200
cf-ray: 8a2f5b7ebef467b4-MIA
expires: Mon, 22 Jul 2024 06:11:47 GMT

GET
H3 200 runtime.latest.en.7e83e9affa30a20ef89d.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
5 KB 77ms
44ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.7e83e9affa30a20ef89d.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 107603
server-timing: imagery;dur=19.554, imageryFetch;dur=19.266, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 3851
x-xss-protection: 1; mode=block
x-request-id: db833f76-e30b-4631-896f-5b85e2f7b307-1720826165
last-modified: Fri, 12 Jul 2024 23:16:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Ze%2FQsL7Lngsz7xall8kJsaVbe163nTIpcWfwb14FfwazCqHYkHzBC4gpgADvbpevxJ4hY%2FhgGdwEQj9TyNtrU%2BK06kz552BcAvDEAJcWg4zItoydhPRO1AQKrfDLKk4oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.7e83e9affa30a20ef89d.js>; rel="canonical"
cf-ray: 8a2f5b7e1a93db11-MIA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 161ms
89ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=533429052&v=1.1&a=23307918&rcu=https%3A%2F%2Fwww.theheadrestsafe.com%2F&pu=https%3A%2F%2Fwww.theheadrestsafe.com%2F&t=The+Headrest+Safe+%7C+Discreet+Vehicle+Safes+%7C+The+Headrest+Safe%E2%84%A2+Co.&cts=1720937507500&vi=a85319a7d037d324f65e9aae41678076&nc=true&u=246263835.a85319a7d037d324f65e9aae41678076.1720937507494.1720937507494.1720937507494.1&b=246263835.1.1720937507495&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 60303c99-a5eb-4f1b-806f-511837150c7f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 60303c99-a5eb-4f1b-806f-511837150c7f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hA%2BbGv07Q6DRd7Y8YATe4SOAkf7WgMeet6JXQdslAK8Hny8xbPhpcqnWS%2F5i4Dz0ngW0B%2FJUVuWV6H3S4qIl%2FJWtrOtSEZWgr7F5%2F1fG78cm%2F0O%2F9JSgzh5AP6FKcYMUJuA2Dus1dxohrlW8FcQo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-2vxt5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a2f5b7e6bc2746a-MIA
x-robots-tag: none

GET
H3 200 Horizontal_Red_TM_Logo_5ae67f53-e5f5-4342-b5a7-16c97bc1b030_32x32.png
www.theheadrestsafe.com/cdn/shop/files/ 1 KB
2 KB 46ms
46ms Other
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cdn/shop/files/Horizontal_Red_TM_Logo_5ae67f53-e5f5-4342-b5a7-16c97bc1b030_32x32.png?v=1659731614

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

94ba4d6e35b0ba9ef79a08890cfa5cf8bd0b784872719d61b1c5e1504aecfc42

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 332564
x-permitted-cross-domain-policies: none
source-type: image/png
server-timing: imagery;dur=129.058, imageryFetch;dur=92.231, imageryProcess;dur=35.604;desc="image", cfRequestDuration;dur=14.000177
source-length: 2685
content-length: 1514
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: c5886568-66a3-42d9-9999-1a4f12c35ec5-1715632707
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 May 2024 20:38:27 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFOC4w7wEomRQbUl%2B4CiCu%2BxHTS%2FQCe%2BuVIQrLYWfhXq%2BvKbSagaQam9G3N1cQsC8ENam6bo8bbvsqKxjC2dZ0sHVXY9ScK9QBCSSQe%2BCJj0JpcxrO5w%2F8Ol1ycUUApwrygGc%2FhDUmnf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
x-download-options: noopen
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a2f5b7e1e75a548-MIA
x-sorting-hat-podid: 50

GET
H3 200 1978.latest.en.a9dc7430639bc3610f48.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
76 KB 46ms
45ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/1978.latest.en.a9dc7430639bc3610f48.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 136550
server-timing: imagery;dur=26.573, imageryFetch;dur=26.318, cfRequestDuration;dur=12.999773
alt-svc: h3=":443"; ma=86400
content-length: 77040
x-xss-protection: 1; mode=block
x-request-id: 1626dc64-d4ee-4580-ba10-bd94687d2a99-1720794076
last-modified: Fri, 12 Jul 2024 14:21:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5JUHtG2OX5jejLZVOWVIMtoIjD6lJaB1xBRxwLNGCIh%2B507w5TmQWWJbONIv%2BmEWFkHeJVTU6Zw6jonhjdy58NQrAQRmpYpPLibxFU0FMb7b1%2FoltGKVz9C0eQPtkAe%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/1978.latest.en.a9dc7430639bc3610f48.js>; rel="canonical"
cf-ray: 8a2f5b7e6ab6db11-MIA

GET
H3 200 vck-shopify.js Show response
cdn.jst.ai/ 8 KB
3 KB 191ms
48ms Script
application/javascript 104.17.203.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/vck-shopify.js
Requested by: Host: scripttags.jst.ai
URL: https://scripttags.jst.ai/shopify_justuno_55404494899_29af4670-cc40-11ee-8f51-e1ef0d5ff12a.js?shop=theheadrestsafe.myshopify.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.203.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78728492117ffdd4cd5cf4ffab2a186741f1b09b27206de4b6bb5976fcb3850a

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: miamiUSFL
date: Sun, 14 Jul 2024 06:11:47 GMT
x-amz-version-id: SHM7dR7DOoCJxYFlXIfbg1rtnWWFWHEv
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: A25ENF04RBR5CGJG
age: 422721
cf-polished: origSize=11137
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1717217902
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ki9yNF3/pcMvYccY+TwJc78Tpy2NYGHhRiF0KAZx2SFy3dfKkzYvwybZw3BXG2MYFnDg0Nqq/SI=
x-77-nzt: EggBWbutFQFBDAG5O98UAffslAcA
x-77-age: 496876
cf-bgj: minify
last-modified: Wed, 06 Sep 2023 15:44:11 GMT
server: cloudflare
etag: W/"bd4cd14d20f2f7e0e698a1830de5fbd4"
x-77-nzt-ray: 256bf619b85a4a245a3f6266779c1c0c
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=700000
cf-ray: 8a2f5b80085fdb2d-MIA
access-control-allow-headers: *
expires: Mon, 22 Jul 2024 08:38:27 GMT

GET
H3 200 6605.latest.en.0a027deb4f4e87ae29a9.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
39 KB 44ms
44ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/6605.latest.en.0a027deb4f4e87ae29a9.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 227954
server-timing: imagery;dur=23.260, imageryFetch;dur=23.075, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 39393
x-xss-protection: 1; mode=block
x-request-id: 095448bd-deac-4ac8-84f2-04e1102622ea-1720709553
last-modified: Thu, 11 Jul 2024 14:52:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLIDAfGvgEFB2S3oTzGgzXtiTozSqVigFQqExsCfvLW7TzcKxEPLYIfDJClNEesKkK9Bjon3Oj9SG%2BhEzyT8s9%2Fv9GkHkLgcT7PevZVV7d7sy5llIY7ivx4jEWbhjzyBlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/6605.latest.en.0a027deb4f4e87ae29a9.js>; rel="canonical"
cf-ray: 8a2f5b7f1b05db11-MIA

GET
H2 200 hello.js Show response
hello.zonos.com/ 98 KB
34 KB 67ms
66ms Script
text/javascript 18.160.41.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/hello.js?siteKey=1O4BBGCKTSDFK
Requested by: Host: hello.zonos.com
URL: https://hello.zonos.com/shop-duty-tax/hello.js?1698620626638&shop=theheadrestsafe.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-73.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d9c3a3765152d61f3d225a51a9cbbc1cba8460331f03fe1c597db9bf2ab2eb

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:07:39 GMT
content-encoding: gzip
via: 1.1 8bf94e29f889f8d0076c4502ae008b58.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 23:51:13 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 249
etag: W/"e52ca84289076a2cb0dd6ebf04d7264a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-cf-id: wjzh2oj4Fxh8W1LNqOCszWQyjhpZZHHiRY8O9eySgPcUHQPJacw_1w==

GET
H3 200 4085.latest.en.d3bc65d7a91c6d71a13d.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
18 KB 53ms
52ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/4085.latest.en.d3bc65d7a91c6d71a13d.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 189431
server-timing: imagery;dur=22.493, imageryFetch;dur=22.206, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 17728
x-xss-protection: 1; mode=block
x-request-id: 7a5a4ce8-51e2-475a-a87a-4505c4163527-1720621487
last-modified: Wed, 10 Jul 2024 14:24:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srq3VVKll%2F4UVCMUCOIAMNnZiKYPKKgHqS6d3%2FrtOES4Vczg5jDAW0B8MgQuSUsdHiI%2FgaTTbBU%2BGue%2BuqHmOkPYqi2xLy3%2FLlTYLU3CQ9Waq2f07TZT5SgzTPo5Qz71jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/4085.latest.en.d3bc65d7a91c6d71a13d.js>; rel="canonical"
cf-ray: 8a2f5b7f7b2fdb11-MIA

GET
H2 200 storage.html
cdn.wishpond.net/ Frame 5F02 0
0 167ms
57ms Document
text/html 18.165.83.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/storage.html
Requested by: Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1817652&writeKey=555128992718&shop=theheadrestsafe.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-17.iad55.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 450116
cache-control: public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 Jul 2024 01:09:51 GMT
etag: W/"666b254f-c7d"
last-modified: Thu, 13 Jun 2024 16:58:55 GMT
server: nginx/1.17.5
vary: Accept-Encoding
via: 1.1 65cdd88e2e6e21b095c2caf59292000c.cloudfront.net (CloudFront)
x-amz-cf-id: BaX3tbv6UckWTSiLu8fgHUHuwVsGpOcEb0pw2umPptBcHygys04P0w==
x-amz-cf-pop: IAD55-P3
x-cache: Hit from cloudfront

OPTIONS
H2 200 popups.json
www.wishpond.com/ Frame 0
0 231ms
59ms Preflight
text/plain 3.234.132.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1817652&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.234.132.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-132-155.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.theheadrestsafe.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-expose-headers
access-control-max-age: 600
content-encoding: gzip
content-type: text/plain
date: Sun, 14 Jul 2024 06:11:48 GMT
server: nginx/1.17.5
strict-transport-security: max-age=300
vary: Accept-Encoding
x-download-options: noopen
x-request-id: 1a05fb60-843e-4bd6-875e-d6692685b421
x-runtime: 0.000746

GET
H2 200 popups.json Show response
www.wishpond.com/ 13 B
1 KB 73ms
73ms XHR
application/json 3.234.132.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1817652&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.234.132.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-132-155.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-encoding: gzip
p3p: CP="NON"
x-xss-protection: 1; mode=block
x-request-id: 2dfd34f3-a47e-4883-a153-8c2269337624
x-runtime: 0.013688
server: nginx/1.17.5
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: en-US
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
x-frame-options: DENY

GET
H3 200 app.latest.en.3aefd3d6726a4bbd5d1e.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
244 KB 50ms
50ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.3aefd3d6726a4bbd5d1e.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 107602
server-timing: imagery;dur=35.085, imageryFetch;dur=34.907, cfRequestDuration;dur=19.000053
alt-svc: h3=":443"; ma=86400
content-length: 248978
x-xss-protection: 1; mode=block
x-request-id: 136f081d-1be4-4827-a208-3af418ebbdc2-1720826166
last-modified: Fri, 12 Jul 2024 23:16:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXGIbXTQRKKYsb8fZCQk5Iy%2BQX8XIFLuzi%2BwgB25slOs9VmVEsqFOiLfm2Njy%2F5PMbGB1xVmb7s0l57Hssm5SbhCQM8kolHukne1B%2B%2FKZFwZ7TAhgpqPQUKoAr4orqAeBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.3aefd3d6726a4bbd5d1e.js>; rel="canonical"
cf-ray: 8a2f5b7ffc54db11-MIA

GET
H/1.1 200
OK versioning Show response
gdpr.apps.isenselabs.com/users/ 114 B
397 B 470ms
152ms Fetch
application/json 143.198.251.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.apps.isenselabs.com/users/versioning?shop=theheadrestsafe.myshopify.com&lqch=null&lqcl=null&version=null&designMode=false
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.198.251.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c286e2728280320f33029ab4c6842fe20e716d0191ba5763d82fb2c6d791606f

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 06:11:48 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200
Content-Length: 110

GET
H2 200 country Show response
hello.zonos.com/api/ 2 KB
1 KB 171ms
59ms XHR
application/json 18.160.41.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/api/country?siteKey=1O4BBGCKTSDFK
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-73.iad55.r.cloudfront.net
Software: /
Resource Hash: 19a28a7248efb89bb200cd9512c0d1775eadb527985edf43cf5cb05789a18317

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 05:52:07 GMT
content-encoding: gzip
via: 1.1 35306eb26a83034d2e583f34ce922c08.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
age: 1181
x-amzn-requestid: 0c6fa3c1-2446-4f59-b44a-0ac0b876c04c
x-amzn-trace-id: Root=1-66936787-40bc17a866948d70680b1ebe;Parent=3558487d576f9e7f;Sampled=0;lineage=1b766e8c:0
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1200
x-amz-apigw-id: a40dMHQMIAMEdZQ=
x-amz-cf-id: 0vQ1zi405Af-lQ6xAlfCp9tg8w3rQ3gkC_-VG1q3fCNYXt9jrSX2Dw==

GET
H3 200 cart.json Show response
www.theheadrestsafe.com/ 283 B
2 KB 84ms
84ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/cart.json

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

dac48c6712fe068634f30f48d32512c78d1c8a993c1e7131e8beec3c5be97fad

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding: gzip
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-content-type-options: nosniff
x-shopify-nginx-no-cookies: 0
x-permitted-cross-domain-policies: none
server-timing: processing;dur=15, db;dur=3, asn;desc="9009", edge;desc="MIA", country;desc="US", servedBy;desc="v8gv", requestID;desc="2934cdd9-6c4d-46b7-b096-918b3a9cd670-1720937507", cfRequestDuration;dur=50.999880
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: 2934cdd9-6c4d-46b7-b096-918b3a9cd670-1720937507
x-shardid: 50
x-storefront-renderer-rendered: 1
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ch9TZjNLMsDJbhFGj9KLWgJojHJXIV0RM3QK5q1VNtvStCpeX6TbiComyNoxZsrw9fDXTjWMpiCfVW30tRDN2GTIxSTWc%2BzHzt8vvMqBzz4wGn8daONvfnKbUDe4fTuFAc5RHGVukedM"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8a2f5b803f9da548-MIA
x-cartjs-cache: 1
x-sorting-hat-podid: 50
x-cartjs-updatedat: 0

GET
H3 200 account_version_check.html Show response
my.jst.ai/ajax/ 36 B
563 B 254ms
122ms Script
application/json 104.17.203.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.jst.ai/ajax/account_version_check.html?id=95A39452-BC0A-4ADF-9096-24B5A6FA08A3
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/vck-shopify.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.203.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3087d46d3e5b9dfa894127a74a6c8df8d737e21affd87351dde52330a71c8382

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
cf-cache-status: EXPIRED
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc: h3=":443"; ma=86400
content-length: 36
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 Jul 2024 23:11:48 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30
accept-ranges: bytes
cf-ray: 8a2f5b812a225c7c-MIA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept, Authentication
expires: Sun, 14 Jul 2024 06:12:18 GMT

GET
H2 200 main.js Show response
cdn.commoninja.com/scripts/sdk/ 441 KB
132 KB 50ms
49ms Script
text/javascript 2606:4700:10::6816:2192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.commoninja.com/scripts/sdk/main.js
Requested by: Host: cdn.commoninja.com
URL: https://cdn.commoninja.com/sdk/latest/commonninja.js?shop=theheadrestsafe.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d93fa53444bf4fe6023bc57bd13acd75021a68a396d8ffcaddbf06ad0929a374

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
via: 1.1 vegur, 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 855
x-powered-by: Express
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720936652&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=T9rw4B9R1T2FNan5mHDM3y7pauTvad3TVjD8UIDALlA%3D
cf-bgj: minify
server: cloudflare
etag: W/"6e433-9FAsHm5kGlSvto/CMkqrbcEVNok"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720936652&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=T9rw4B9R1T2FNan5mHDM3y7pauTvad3TVjD8UIDALlA%3D"}]}
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
cf-ray: 8a2f5b80c95e3dcd-MIA

GET
H3 200 2542.latest.en.e8b98a9ed829efc0c730.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
960 B 50ms
50ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/2542.latest.en.e8b98a9ed829efc0c730.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 3305731
server-timing: imagery;dur=22.946, imageryFetch;dur=22.768, cfRequestDuration;dur=17.999887
alt-svc: h3=":443"; ma=86400
content-length: 191
x-xss-protection: 1; mode=block
x-request-id: 6ff85dba-ecf0-4e63-aa54-a55ae15e4144-1717628594
last-modified: Wed, 05 Jun 2024 23:03:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXwl6eoMBWYRzk7hCFuxrUqVL6WcFmM7ZtWWoEuiEbUvgPq0Ef9TNQIRTIU%2BKiAfsGKq88En%2FAI8DK8AOBeLncXb0WXSIYpHpOTk33Zh65PkfQBnDr3OEF3qTNsVf9rVGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/2542.latest.en.e8b98a9ed829efc0c730.js>; rel="canonical"
cf-ray: 8a2f5b80cd5fdb11-MIA

GET
H3 200 1662.latest.en.4892ba65f4970525948a.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
24 KB 46ms
45ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/1662.latest.en.4892ba65f4970525948a.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 209888
server-timing: imagery;dur=44.825, imageryFetch;dur=44.492, cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
content-length: 23430
x-xss-protection: 1; mode=block
x-request-id: 38b2afb8-e2fd-4f01-9aaf-9fd4611ad018-1720723887
last-modified: Thu, 11 Jul 2024 18:51:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXycJsXKEEuJtK9%2BgKILzhrxbzDH62b4elfKyZt46jUH%2FLum3wl9vjq5hzsQ253Y5TVA7g%2BW%2Fi99XBsMqB65SnP9Md%2FggMpTmxnz9k0OrNAxLht3w7RJ8Sw5Ahd8no2khg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/1662.latest.en.4892ba65f4970525948a.js>; rel="canonical"
cf-ray: 8a2f5b812d96db11-MIA

GET
H2 200 translation Show response
hello.zonos.com/api/ 11 KB
4 KB 62ms
61ms XHR
application/json 18.160.41.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.zonos.com/api/translation?c=US&siteKey=1O4BBGCKTSDFK
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-73.iad55.r.cloudfront.net
Software: /
Resource Hash: 3b29434cf6d5650746b13f8d941870f04e7e45abb1fe76f64596e5421b490112

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 05:52:07 GMT
content-encoding: gzip
via: 1.1 35306eb26a83034d2e583f34ce922c08.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
age: 1181
x-amzn-requestid: c4ace856-35f4-4ba4-b2d7-b8011b41ec25
x-amzn-trace-id: Root=1-66936787-707ae976094d391f121160c1;Parent=3dfe66a7ad617ceb;Sampled=0;lineage=94452634:0
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1200
x-amz-apigw-id: a40dPHZ4IAMEFqw=
x-amz-cf-id: Uauyq0vjEKLVGKHEeHhFaackn9ttIvLM_nrKbOT9OumLEnX6VkBgWw==

GET
H2 200 US.png
hello.zonos.com/images/flags/ 10 KB
10 KB 62ms
62ms Image
image/png 18.160.41.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hello.zonos.com/images/flags/US.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.41.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-41-73.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab52068d7e479ae84437eac67509ec7a9ed61d148d25923f42ef20ddd050facc

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 07 Jul 2024 17:27:41 GMT
via: 1.1 8bf94e29f889f8d0076c4502ae008b58.cloudfront.net (CloudFront)
last-modified: Mon, 28 Oct 2019 15:31:28 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 564247
etag: "b40b5746596e65a8dc599de67d4e0381"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
content-length: 10212
x-amz-cf-id: WJ76MoBuP8arMxumXsBCuQjL6xNg19z9StVNf1G32nScSaOLn_CBjQ==

GET
H3 200 8070.latest.en.8ff27283522475e94436.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
32 KB 44ms
43ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/8070.latest.en.8ff27283522475e94436.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 189432
server-timing: imagery;dur=22.794, imageryFetch;dur=22.606, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 31574
x-xss-protection: 1; mode=block
x-request-id: 30b12277-42d6-4b80-894b-c27814c138a1-1720048662
last-modified: Wed, 03 Jul 2024 23:17:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYyumbgxndzlBfSv2%2BGR%2BjPCnktgZAiruS%2FHT1v774IphEBaXQRCd0YK80rxYg1P1l3CvFFVZcLAcdYHoXHoCD6926ngOjef2XabFYLZDjsNpYrE1FSkrdCxLFBmtmmJcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/8070.latest.en.8ff27283522475e94436.js>; rel="canonical"
cf-ray: 8a2f5b81adfadb11-MIA

GET
H3 200 mwgt_4.1.js Show response
cdn.jst.ai/ 209 KB
52 KB 49ms
49ms Script
application/javascript 104.17.203.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/mwgt_4.1.js?v=6.07
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/vck-shopify.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.203.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ccc85f4f95cde2d446440a8b7bec42e5135328a1a8d328d2bad7c05a4608ccc

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: miamiUSFL
date: Sun, 14 Jul 2024 06:11:48 GMT
x-amz-version-id: 3LexdNoFtnaIpDs75bK.8is1PPn4tYkj
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: W6FV00TZX5GXH3W1
age: 422726
cf-polished: origSize=284040
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 12873
x-accel-date: 1717701905
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dzZ+udEWUljFRDi08y4Zhz+dg9VqhrQu5Qr8LZlq84YPQ4c4SR/QjsirtT1/Cg9pbejFDgiCD60=
x-77-nzt: EgwBWbutFQH3STIAAAwBuTvfFAHXdMsJAA
x-77-age: 12873
cf-bgj: minify
last-modified: Wed, 29 May 2024 16:56:30 GMT
server: cloudflare
etag: W/"10bbba91e4eaa056b2960c618e865055"
x-77-nzt-ray: 256bf61951351f255a3f626669113c0d
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=700000
cf-ray: 8a2f5b81f96adb2d-MIA
access-control-allow-headers: *
expires: Mon, 22 Jul 2024 08:38:28 GMT

GET
H3 200 2080.latest.en.5117e670600bcaf49bb5.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
926 B 45ms
45ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/2080.latest.en.5117e670600bcaf49bb5.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 229233
server-timing: imagery;dur=31.244, imageryFetch;dur=31.019, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 156
x-xss-protection: 1; mode=block
x-request-id: 97116185-20a3-4a33-9200-d8e61f668eef-1719504050
last-modified: Thu, 27 Jun 2024 16:00:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvnmok6HV0krS9HdM4v62T%2F9vOMYeX%2F0R5yGk7Ip3HhCbn4ASgvEFJPUQY2352NrAIa6heD3ne8OiRVsYKGHtu8Zq0i7I7BKi4zMJ%2FiEUjMrvPxUhwjmnEzBB37S%2BOXPvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/2080.latest.en.5117e670600bcaf49bb5.js>; rel="canonical"
cf-ray: 8a2f5b81fe26db11-MIA

GET
H3 200 8831.latest.en.46f547d10b0c459013c1.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
50 KB 43ms
43ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/8831.latest.en.46f547d10b0c459013c1.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 146658
server-timing: imagery;dur=27.906, imageryFetch;dur=27.628, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
content-length: 50680
x-xss-protection: 1; mode=block
x-request-id: 3f79d3bf-0ce4-4cf5-865b-1e370f4473f1-1720789923
last-modified: Fri, 12 Jul 2024 13:12:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMGqbH0GKOgAzyl2v4P7T0M5iZtbzBzIKaIAYoVx85mxqGFqtfdCbn1R3U4v9q%2BR07mXxm9Przk9f2R1ynq6RpfHzHAK2V2R%2BcxjKsWIn56sEerPBrIqMeZc%2B5mw%2FRNOkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/8831.latest.en.46f547d10b0c459013c1.js>; rel="canonical"
cf-ray: 8a2f5b824e4bdb11-MIA

GET
H3 200 236.latest.en.90053bed5a47c7f366f0.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
27 KB 47ms
46ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/236.latest.en.90053bed5a47c7f366f0.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 136550
server-timing: imagery;dur=45.024, imageryFetch;dur=26.250, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 26657
x-xss-protection: 1; mode=block
x-request-id: 8b9c54e5-c432-42fd-84e7-8891b038812c-1720798244
last-modified: Fri, 12 Jul 2024 15:30:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9sxiPRAsgZQ%2BkQmVmI7h5MPCNgVND7vZ5ASsSblfNZPi7KPJOlvQ4pXRnNeMKCpJXjywmPfDZlzhfVTRHoBjKK9xsZyJLh%2FS6v1K8ssozUAUHqnqhJiK0gPTk%2F%2F96ZDzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/236.latest.en.90053bed5a47c7f366f0.js>; rel="canonical"
cf-ray: 8a2f5b829e7ddb11-MIA

GET
H3 200 store_4.1.html
cdn.jst.ai/ Frame E2ED 0
0 83ms
50ms Document
text/html 104.17.203.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/store_4.1.html?v=6.07
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=6.07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.203.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 8a2f5b8338afa56c-MIA
content-encoding: br
content-type: text/html
date: Sun, 14 Jul 2024 06:11:48 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-age: 435599
x-77-cache: HIT
x-77-nzt: EgwBWbutFQH3j6UGAAwBnJI73wH3EQAAAA
x-77-nzt-ray: 256bf61974cef524246c9366f4586216
x-77-pop: miamiUSFL
x-accel-date: 1720501909
x-accel-date-max: 1717001921
x-age: 435599
x-amz-id-2: Uck8H6Qdo2rEH4kRu9+NWu0RSe4QWsMPBCk7OLiGkuDfwmUDxiO5cwnBhKmWODUNoxGYaIVJnEk=
x-amz-request-id: 3YRXGTZD1PMPG81N
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

GET
H3 200 5718.latest.en.58047917563baf0a16ad.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
23 KB 46ms
45ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/5718.latest.en.58047917563baf0a16ad.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 146658
server-timing: imagery;dur=25.999, imageryFetch;dur=25.798, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 22840
x-xss-protection: 1; mode=block
x-request-id: f0a7a026-aa20-4112-aba9-aa45bf712187-1720789923
last-modified: Fri, 12 Jul 2024 13:12:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2q6wtmt7gjFoz8TKaKK0Uc4HzpyF7C6NMOcB7jL4DwgNZXxVt4%2FSwapqIWFZ2LNXPARbKT4N8r3vCSb1yHrd7PjLGyc4EMvZdtOhgnavoJPNzpWkp%2BVVYS2y3fjfw8TCbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/5718.latest.en.58047917563baf0a16ad.js>; rel="canonical"
cf-ray: 8a2f5b831ec6db11-MIA

GET
H2 200 checkIp Show response
consentmo-geo.com/users/ 61 B
602 B 318ms
170ms Fetch
application/json 2606:4700:20::681a:c6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://consentmo-geo.com/users/checkIp

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe4876c6c5260469b3c03e867e282beaeb1f968db15290f71df2020d95f9807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=86400, enforce
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJxh5IVFfPoeh8xEVR6tLPA2PW62UAtIolmy1bQgP6CbeB39fQ0rKbxAWQXeOWHW2rhsC%2FcALkD8bqv4SxelW2KCd0OHuyRPSX50HKDUs3LEdv9ErtJ0rj8ATFy9FX34g5CcUfBa72r79NlLv%2FWi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 8a2f5b840d265c5f-MIA
x-xss-protection: 1; mode=block

GET
H3 200 2714.latest.en.b174a9855659feaef1f1.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
7 KB 47ms
46ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/2714.latest.en.b174a9855659feaef1f1.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 146658
server-timing: imagery;dur=24.310, imageryFetch;dur=24.035, cfRequestDuration;dur=15.000105
alt-svc: h3=":443"; ma=86400
content-length: 6421
x-xss-protection: 1; mode=block
x-request-id: 97b27ab7-306e-48cd-bbaa-66d35be26589-1720789923
last-modified: Fri, 12 Jul 2024 13:12:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUr4HmIma84Ipmdx5JWvy%2FQ7%2F5q2mOldZbAgWKCbZv88mcsiD4aF%2Bg9n3ebS5uFnxBLMfSQPdLv40hgId2aNyDCUo0eN%2FkGmsLiiDJOFDj4aXwB8PDlrOD4I9iPNU31J%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/2714.latest.en.b174a9855659feaef1f1.js>; rel="canonical"
cf-ray: 8a2f5b836ef1db11-MIA

GET
H3 200 4619.latest.en.f85e8b5eb0a530d35b33.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
6 KB 43ms
42ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/4619.latest.en.f85e8b5eb0a530d35b33.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 209887
server-timing: imagery;dur=23.561, imageryFetch;dur=23.303, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 5212
x-xss-protection: 1; mode=block
x-request-id: b0743095-2e5f-4d93-870e-37d7daa58c9e-1720724782
last-modified: Thu, 11 Jul 2024 19:06:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3vTlQXPRUmuUl6UlszWa363Yr8Tkt5H3UjdiRUseVkWwhXQIAqoyeU8h47ZkaRKTE%2BRj7Xg8Hx2OlbG77w73a6uHgHrgonB3MHJjSgu19GVoahd49OHlDPs%2Fl5mKS40wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/4619.latest.en.f85e8b5eb0a530d35b33.js>; rel="canonical"
cf-ray: 8a2f5b83ff2bdb11-MIA

GET
H3 200 OnePage.latest.en.10a05d1664012d5dba04.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
68 KB 43ms
43ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.10a05d1664012d5dba04.js

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 119469
server-timing: imagery;dur=21.819, imageryFetch;dur=21.588, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 69245
x-xss-protection: 1; mode=block
x-request-id: cf48f7bc-38c3-4ebc-9579-1a7d84f5d285-1720815309
last-modified: Fri, 12 Jul 2024 20:15:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSNH%2BguWbLwTwn4ldnwOpRSHzteceXn51uVTkWpOhtb%2FQOk%2Fiuk0Q5pjbDBkt9iP43fFBe3cgidS4D26tVUECEjK8OXKLgjbumC4uA1utgm%2FVDDyfc%2FJdmWywoYM%2FKzNag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.10a05d1664012d5dba04.js>; rel="canonical"
cf-ray: 8a2f5b843f51db11-MIA

GET
H3 200 1978.latest.en.00125a9524dffa2a513b.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
23 KB 45ms
45ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/1978.latest.en.00125a9524dffa2a513b.css

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 146658
server-timing: imagery;dur=23.182, imageryFetch;dur=22.916, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
content-length: 23008
x-xss-protection: 1; mode=block
x-request-id: 6ae84465-534e-4ce6-ab1a-c0da32f522f9-1720789924
last-modified: Fri, 12 Jul 2024 13:12:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7O%2BSYGJoJIA1Qax%2FVRty116pu%2Fo0IxgEtJDjyA3GJglflvqIDzZQvuchKdHdynnu5hgNCCfkCPiat%2B9c901lBRzEefaXDL3lmaWjMdFZBXia%2BG8vSW2qXd70YDfm7djlGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/1978.latest.en.00125a9524dffa2a513b.css>; rel="canonical"
cf-ray: 8a2f5b84bf9cdb11-MIA

GET
H3 200 app.latest.en.8ae030d5b62ddbf3a670.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
4 KB 44ms
44ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.8ae030d5b62ddbf3a670.css

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 189431
server-timing: imagery;dur=21.013, imageryFetch;dur=20.790, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 3739
x-xss-protection: 1; mode=block
x-request-id: 57e4d59f-b980-429e-8858-b8df9ff30f26-1720632677
last-modified: Wed, 10 Jul 2024 17:31:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIAJQxkyc2THURjrcYIT6ndJ7Ej4sRER4GnRNLJ5gcJKv0qzZw5NypfAXa4mdqbMjZMjG4aF2XL1OmPh6QAyhrQkV%2FCk8W%2BW5fcAFdvgPfjRhcszsPTwI0SLJ%2BO4dg4%2B4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.8ae030d5b62ddbf3a670.css>; rel="canonical"
cf-ray: 8a2f5b850fd3db11-MIA

GET
H/1.1 200
OK getCookieConsentSettings Show response
gdpr.apps.isenselabs.com/users/ 21 B
267 B 161ms
160ms Fetch
application/json 143.198.251.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.apps.isenselabs.com/users/getCookieConsentSettings?shop=theheadrestsafe.myshopify.com&sa=0&country=US&state=FL
Requested by: Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.198.251.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 14 Jul 2024 06:11:48 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=5, max=199
Content-Length: 21

POST
H3 200 graphql.json Show response
www.theheadrestsafe.com/api/unstable/ 527 B
2 KB 96ms
94ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/api/unstable/graphql.json

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1b5194dc4c64ba6d57e1ef2ef043b3241ea78c13bec0e08971ce0a628ef1b3c7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-shopify-storefront-access-token: c165475e96a465cdfa31d427e191d834
Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 14 Jul 2024 06:11:48 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding: gzip
x-shopify-api-version: unstable
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-content-type-options: nosniff
x-shopify-with-compliance-stack: 1
x-shopify-nginx-no-cookies: 0
x-permitted-cross-domain-policies: none
server-timing: processing;dur=24, db;dur=5, asn;desc="9009", edge;desc="MIA", country;desc="US", servedBy;desc="zrqf", graphql;desc="storefront/query/other", gqlSelectionNames;desc="sfr/consentManagement", requestID;desc="f545e007-9e36-400c-966a-bc2bd7c184f5-1720937508", cfRequestDuration;dur=59.999943
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 55404494899
x-request-id: f545e007-9e36-400c-966a-bc2bd7c184f5-1720937508
x-shardid: 50
x-storefront-renderer-rendered: 1
server: cloudflare
x-shopid: 55404494899
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theheadrestsafe.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Xle7JMFgVI6U1Gwvq4yoMzUhBffQF20teiyxAwRGycW9%2FLwjVRpn2FS0xgQFDI0PHl5Qis5PYe%2B%2BarFG1V9C9XqFRjcKNaUvFjevLOo%2Fabh65iygoMAdoUmBCtj8%2FkusI2FzXAOD4NX"}],"group":"cf-nel","max_age":604800}
content-language: en-US
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8a2f5b862b8ba548-MIA
x-sorting-hat-podid: 50

GET
H3 200 6268.latest.en.3e483127dbf554cf988e.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 0
8 KB 43ms
43ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/6268.latest.en.3e483127dbf554cf988e.css

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 399841
server-timing: imagery;dur=177.725, imageryFetch;dur=18.341, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
content-length: 7352
x-xss-protection: 1; mode=block
x-request-id: 9f9888ea-dbbb-44d7-ba79-444fac725c75-1720536789
last-modified: Tue, 09 Jul 2024 14:53:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OrfJ7w2eufC6ZwB6F%2F7MdJrTavvmWSSXlQu2B44fdEwkW%2FfSUT7G7r%2BbhqlsNmrseEBviB7XsfVtFGYcXcTeZFs7zFd%2B%2Fk%2BvNACICKwqTAtFFVGUSeZXl1g6VYQYJSXX1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/6268.latest.en.3e483127dbf554cf988e.css>; rel="canonical"
cf-ray: 8a2f5b875907db11-MIA

GET
H3 200 Horizontal_Primary_TM_Logo_x320.png
cdn.shopify.com/s/files/1/0554/0449/4899/files/ 0
11 KB 44ms
44ms Other
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0554/0449/4899/files/Horizontal_Primary_TM_Logo_x320.png?v=1689091785

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/checkouts/internal/preloads.js?locale=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
Origin: https://www.theheadrestsafe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:49 GMT
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 189432
source-type: image/png
server-timing: imagery;dur=87.372, imageryFetch;dur=50.682, imageryProcess;dur=35.701;desc="image", cfRequestDuration;dur=11.999846
source-length: 10298
content-length: 9892
x-xss-protection: 1; mode=block
x-request-id: 2ca479a0-d9e6-4f3d-b867-fbc35288b609-1715634855
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 May 2024 21:14:15 GMT
server: cloudflare
x-shopid: 55404494899
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Om26z%2Fq1fB%2BRL86eGf1zmdQ7nzwE25iC5ulEXoa1bP4MFDdGPg5RGAT%2B2f%2F2RA78cekaDo0QXiF7H%2BdlWkxwQQEozUzkSz8bgzSpjgt3X%2By7%2FGIylY4dBmzpbZv%2Fyc7MBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0554/0449/4899/files/Horizontal_Primary_TM_Logo_x320.png>; rel="canonical"
cf-ray: 8a2f5b87992edb11-MIA

GET
H3 200 account_config_4.1.html Show response
my.jst.ai/ajax/ 186 B
553 B 100ms
99ms Script
application/json 104.17.203.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.jst.ai/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=95A39452-BC0A-4ADF-9096-24B5A6FA08A3&p=0&cm=0&pl=25
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.203.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b9b370864f24dcb9cf2296d438ae04671035284d7b599872e4546f4b4d85e6

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: EXPIRED
last-modified: Sat, 13 Jul 2024 23:11:49 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; Charset=UTF-8
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
cache-control: no-store,private
cf-ray: 8a2f5b893f895c7c-MIA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept, Authentication
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Jul 2024 06:11:49 GMT

GET
H3 200 findp Show response
aly.jst.ai/api/session/ 1 KB
804 B 226ms
88ms Script
application/javascript 104.17.202.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=95A39452-BC0A-4ADF-9096-24B5A6FA08A3&genhash=&device_static_hash=&userid_hash=&pageId=1plsc7&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fwww.theheadrestsafe.com&agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&sw=1600&sh=1200
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.202.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558eea7913e40d690e58fc8555512ee0b3af43b9d4cb284ee82eca66c32bfc1a

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 06:11:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DAV, content-length, Allow
access-control-allow-credentials: true
cf-ray: 8a2f5b8a19b3a4f1-MIA
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control, Authentication
alt-svc: h3=":443"; ma=86400

POST
H3 200 produce_batch
www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/ 0
781 B 84ms
82ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theheadrestsafe.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.theheadrestsafe.com
URL: https://www.theheadrestsafe.com/cdn/wpm/b7b287763w75de8ebep01a2177bme7de4691m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Jul 2024 06:11:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=51.000118
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 6df2012f-d7b0-41db-86be-85a3b0daf092
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjeb%2B7cFYdzs6%2FY3pXD96pAH9s587eXBm4PClX1NNJnLSBOLYHw8U62%2Fnz0inikKGAzfKoEqeINDA%2BBiuBAG0bl%2BT0Yl%2FxjYoas9pLuQqdEjVot2RPX713tjUJVC9E0UnJhPP9CVmhyB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray: 8a2f5b8a5edda548-MIA

GET
H3 200 store_4.1.html
cdn.jst.ai/ Frame C343 0
0 0ms
0ms Document
text/html 104.17.203.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/store_4.1.html?v=6.07
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=6.07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.203.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.theheadrestsafe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 8a2f5b8338afa56c-MIA
content-encoding: br
content-type: text/html
date: Sun, 14 Jul 2024 06:11:48 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-age: 435599
x-77-cache: HIT
x-77-nzt: EgwBWbutFQH3j6UGAAwBnJI73wH3EQAAAA
x-77-nzt-ray: 256bf61974cef524246c9366f4586216
x-77-pop: miamiUSFL
x-accel-date: 1720501909
x-accel-date-max: 1717001921
x-age: 435599
x-amz-id-2: Uck8H6Qdo2rEH4kRu9+NWu0RSe4QWsMPBCk7OLiGkuDfwmUDxiO5cwnBhKmWODUNoxGYaIVJnEk=
x-amz-request-id: 3YRXGTZD1PMPG81N
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

POST
H2 400 matomo.php
uptick.matomo.cloud/ 411 B
525 B 174ms
173ms Ping
text/html 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uptick.matomo.cloud/matomo.php?fa_vid=e8sX8c&fa_lf=email&fa_st=1&fa_ht=0&fa_ts=0&fa_fv=1&ca=1&idsite=2&rec=1&r=298558&h=20&m=11&s=47&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&_id=aa63241c2e540857&_idn=0&send_image=0&_refts=0&pv_id=KAbRUi&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/uptick.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8b3870645ef8115a00e25ec8b1c7f303d7faa4b23520792fbaf236151914f19f

Request headers

Referer: https://www.theheadrestsafe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 14 Jul 2024 06:11:50 GMT
content-encoding: gzip
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.theheadrestsafe.com
access-control-allow-credentials: true
content-length: 280

Verdicts & Comments Add Verdict or Comment

353 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theheadrestsafe.com/	1969-12-31 23:59:59	Name: receive-cookie-deprecation Value: 1
www.theheadrestsafe.com/	1970-01-20 22:02:19	Name: keep_alive Value: 551c97c2-8c6c-4782-ad05-3aafdd07966f
www.theheadrestsafe.com/	1970-01-21 06:47:53	Name: secure_customer_sig Value:
www.theheadrestsafe.com/	1970-01-21 06:47:53	Name: localization Value: US
www.theheadrestsafe.com/	1970-01-20 22:22:27	Name: cart_currency Value: USD
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: _cmp_a Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: _shopify_y Value: aeb0c554-4ebf-47b7-8e0b-6b2cc64d3b27
.theheadrestsafe.com/	1970-01-20 22:22:27	Name: _orig_referrer Value:
.theheadrestsafe.com/	1970-01-20 22:22:27	Name: _landing_page Value: %2F
www.theheadrestsafe.com/	1969-12-31 23:59:59	Name: receive-cookie-deprecation Value: 1
.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _shopify_s Value: 4ff2e89d-4c5c-4d30-ab59-c11f46de7191
.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _shopify_sa_t Value: 2024-07-14T06%3A11%3A45.667Z
.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _shopify_sa_p Value:
.theheadrestsafe.com/	1970-01-21 00:11:53	Name: _gcl_au Value: 1.1.1406228851.1720937506
www.theheadrestsafe.com/	1970-01-20 22:02:21	Name: shopify_pay_redirect Value: pending
www.theheadrestsafe.com/	1970-01-21 07:38:17	Name: __kla_id Value: eyJjaWQiOiJZakl5T0RrNU9XTXROV000TWkwME0yUXdMV0kwTWpFdE1tVmtNR0U0Wmpjd09ETXkiLCIkcmVmZXJyZXIiOnsidHMiOjE3MjA5Mzc1MDYsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LnRoZWhlYWRyZXN0c2FmZS5jb20vIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNzIwOTM3NTA2LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy50aGVoZWFkcmVzdHNhZmUuY29tLyJ9fQ==
.theheadrestsafe.com/	1970-01-20 22:03:43	Name: _gid Value: GA1.2.19211752.1720937506
.theheadrestsafe.com/	1970-01-20 22:02:17	Name: _gat Value: 1
.theheadrestsafe.com/	1970-01-21 07:28:12	Name: _pk_id.2.4072 Value: aa63241c2e540857.1720937506.
.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _pk_ses.2.4072 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: LdxILirvKPk
.youtube.com/	1970-01-21 02:21:29	Name: VISITOR_INFO1_LIVE Value: NwhhwF82TKg
.youtube.com/	1970-01-21 02:21:29	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgPA%3D%3D
.theheadrestsafe.com/	1970-01-21 07:38:17	Name: _ga_DLVCWEKTJV Value: GS1.1.1720937505.1.0.1720937505.0.0.0
.theheadrestsafe.com/	1970-01-21 07:38:17	Name: _ga Value: GA1.1.1096921383.1720937506
.bing.com/	1970-01-21 07:23:53	Name: MUID Value: 3AA1385F2660629A09822CE3270C6312
.bat.bing.com/	1970-01-20 22:12:22	Name: MR Value: 0
.flowcode.com/	1970-01-20 22:02:19	Name: __cf_bm Value: 1AK9CP0jOM6R6xe3ud6oD3E6awi8xE00ek5mKtoIQPU-1720937505-1.0.1.1-6Ul9jqMAH5mP3e6K_xlVBFkfjNs3sfcsagjAbjia79gqLoTMC_EJgXPiMew6FRc3UUNwMgU1b2E2Mo_4VOFrsA
.flowcode.com/	1969-12-31 23:59:59	Name: _cfuvid Value: NmYoWVbksW2r_DYX54QQBESDpdQQS.xgblHNdmRoWKw-1720937505980-0.0.1.1-604800000
.doubleclick.net/	1970-01-21 07:38:17	Name: IDE Value: AHWqTUn4gQTUBgNpJ9XSYQctqXBVtppEriq5dWVMxvZ51-ghcroLdc3Vj3bl6zrZ
.theheadrestsafe.com/	1970-01-21 07:38:17	Name: _ga_0R9BC4E5ZK Value: GS1.1.1720937506.1.0.1720937506.60.0.0
www.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _sp_ses.0ccb Value: *
www.theheadrestsafe.com/	1970-01-21 07:38:17	Name: _sp_id.0ccb Value: 8f23b44c-c8f8-4374-a8c8-4f50ad71b1c3.1720937506.1.1720937506..3aa3badf-1030-462e-b9d2-77e86ba349a0..c02d14d0-41f1-4f0a-9dfb-3d1ae5303dee.1720937506159.1
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: __rkp Value: fpc=WWffuemTqrgxavTAmBvNs.1720937506236
www.theheadrestsafe.com/	1970-01-20 22:45:29	Name: _vb Value: 0d043ae2-3000-445e-a0db-0e7afe84a4f1
.hsforms.com/	1970-01-20 22:02:19	Name: __cf_bm Value: nOkcRUQ9.qyPcBZFhD9MclT204V5sBLqkgGIcdCoyd0-1720937506-1.0.1.1-qq8yinGoBcoa7xsvjpBMeeXo1QLAbrOwpu7QnsfafsUy1jyc.dPDBGe_xmT2QeQJslMpTHdmcd2Lj7QeZwbrpw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Gsnl4CkziXoL1XPjeIU8FLq4b7YkKwVDk7woEuzYrXE-1720937506227-0.0.1.1-604800000
.theheadrestsafe.com/	1970-01-21 00:11:53	Name: _fbp Value: fb.1.1720937506260.957868196742854554
.theheadrestsafe.com/	1970-01-20 22:03:43	Name: _uetsid Value: f2baa9c041a711efbd5b45bd2f226087
.theheadrestsafe.com/	1970-01-21 07:23:53	Name: _uetvid Value: f2bad4a041a711ef8a3757456cab87e8
.bing.com/	1970-01-21 07:23:53	Name: MSPTC Value: NXhutyYjHUS-n_FyYrVIJlo13KD_efU_bWDJ9f5A-nQ
collector.flowcode.com/	1970-01-21 06:47:53	Name: sp Value: 03f79b04-d7ca-480a-b1e3-aad265dc6318
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: _hjSessionUser_3218037 Value: eyJpZCI6IjU1OTQ0YjUzLTE1YTEtNTA1Ny04MjAyLTE1OTI3OWEyNmJlOCIsImNyZWF0ZWQiOjE3MjA5Mzc1MDY0OTgsImV4aXN0aW5nIjpmYWxzZX0=
.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _hjSession_3218037 Value: eyJpZCI6IjRmOTYwMjI5LTAwOGUtNGJlMy1hOGQwLTI0NjI4MDFhM2U5MCIsImMiOjE3MjA5Mzc1MDY0OTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.w55c.net/	1970-01-21 07:31:41	Name: wfivefivec Value: uVMhJ5Ue1SsSsy2
.w55c.net/	1970-01-20 22:45:29	Name: matchgoogle Value: 2
.theheadrestsafe.com/	1970-01-21 02:21:29	Name: __hstc Value: 246263835.a85319a7d037d324f65e9aae41678076.1720937507494.1720937507494.1720937507494.1
.theheadrestsafe.com/	1970-01-21 02:21:29	Name: hubspotutk Value: a85319a7d037d324f65e9aae41678076
.theheadrestsafe.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.theheadrestsafe.com/	1970-01-20 22:02:19	Name: __hssc Value: 246263835.1.1720937507495
.hubspot.com/	1970-01-20 22:02:19	Name: __cf_bm Value: PQLBjMpAwsSfpkAfmw.CYT_HQB2nScQW3qV3LPYIkUI-1720937507-1.0.1.1-AMXAHyWl_CUIyby9gqXRR8hIkyOO7nLYZ0yOTxQhywvxjlbXe3k5ey2lbSAGP3sAax8U9GfKQavGgecvAiUAOg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 845tIu9Dkk6xrMq8bj0KLheM__Mmga17DTcwGWog5tc-1720937507639-0.0.1.1-604800000
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: zCountry Value: US
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: zHello Value: 1
my.jst.ai/	1970-01-20 22:02:19	Name: __cflb Value: 04dToS6decDvtn94xCdmQthrL5q991KR8KWqaco1Rb
www.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _ju_v Value: 4.1_6.07
.theheadrestsafe.com/	1970-01-20 22:03:43	Name: _ju_dm Value: cookie
.theheadrestsafe.com/	1970-01-20 22:45:29	Name: _ju_dn Value: 1
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: _tracking_consent Value: %7B%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%221%22%2C%22m%22%3A%221%22%2C%22p%22%3A%221%22%2C%22s%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%2C%22region%22%3A%22USFL%22%2C%22reg%22%3A%22%22%7D
aly.jst.ai/	1970-01-20 22:02:19	Name: __cflb Value: 0H28w1Xe92a6MDGAYhYGQEDF84ZWVCU8QAA96gSpt2Z
.theheadrestsafe.com/	1970-01-21 06:47:53	Name: _ju_dc Value: f4d92f5f-41a7-11ef-93ca-1bf5b014fc8e
.theheadrestsafe.com/	1970-01-20 22:02:19	Name: _ju_pn Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/8d9f6215/www-widgetapi.vflset/www-widgetapi.js(Line 201) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://uptick.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=HoUVAr&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://uptick.matomo.cloud/matomo.php?action_name=The%20Headrest%20Safe%20%7C%20Discreet%20Vehicle%20Safes%20%7C%20The%20Headrest%20Safe%E2%84%A2%20Co.&idsite=2&rec=1&r=082914&h=20&m=11&s=45&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&_id=aa63241c2e540857&_idn=1&send_image=0&_refts=0&pv_id=KAbRUi&fa_pv=1&fa_fp[0][fa_vid]=oRaR4j&fa_fp[0][fa_fv]=1&pf_net=167&pf_srv=37&pf_tfr=77&pf_dm1=157&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://uptick.matomo.cloud/matomo.php?fa_vid=e8sX8c&fa_lf=email&fa_st=1&fa_ht=0&fa_ts=0&fa_fv=1&ca=1&idsite=2&rec=1&r=298558&h=20&m=11&s=47&url=https%3A%2F%2Fwww.theheadrestsafe.com%2F&_id=aa63241c2e540857&_idn=0&send_image=0&_refts=0&pv_id=KAbRUi&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
ajax.googleapis.com
aly.jst.ai
analytics.google.com
api-na1.hubapi.com
bat.bing.com
cdn.commoninja.com
cdn.flowcode.com
cdn.jsdelivr.net
cdn.jst.ai
cdn.matomo.cloud
cdn.ravm.tv
cdn.shopify.com
cdn.wishpond.net
cdn1.stamped.io
cm.g.doubleclick.net
collector.flowcode.com
connect.facebook.net
consentmo-geo.com
cta-service-cms2.hubspot.com
d1hcrjcdtouu7e.cloudfront.net
d3k81ch9hvuctc.cloudfront.net
fast.a.klaviyo.com
fonts.googleapis.com
forms.hscollectedforms.net
forms.hsforms.com
gdpr.apps.isenselabs.com
googleads.g.doubleclick.net
hello.zonos.com
id-shop.govx.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.hubspot.com
monorail-edge.shopifysvc.com
my.jst.ai
perf-na1.hsforms.com
s.vibe.co
script.hotjar.com
scripttags.jst.ai
shop.app
stamped.io
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.hotjar.com
static.klaviyo.com
stats.g.doubleclick.net
t.vibe.co
tags.w55c.net
theheadrestsafe.com
track.hubspot.com
uptick.matomo.cloud
www.carheadrestsafe.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.merchant-center-analytics.goog
www.powr.io
www.theheadrestsafe.com
www.wishpond.com
www.youtube.com
104.17.202.53
104.17.203.53
104.18.80.204
13.224.214.104
142.251.16.156
142.251.163.97
143.198.251.218
151.101.130.133
151.101.193.180
151.101.194.133
151.101.66.133
157.240.229.1
172.217.197.103
172.64.152.29
172.67.5.146
173.194.68.154
18.157.122.248
18.160.41.53
18.160.41.73
18.165.83.17
18.165.83.25
2001:4860:4802:34::181
23.22.104.4
23.227.38.65
23.227.38.74
23.227.60.200
2600:9000:20ed:3200:c:2fdc:1a80:21
2600:9000:2479:c800:c:7d55:b3c0:93a1
2600:9000:25c8:8e00:2:6431:e200:93a1
2600:9000:25c8:c000:2:6431:e200:93a1
2606:4700:10::6816:2192
2606:4700:20::681a:c6a
2606:4700:4400::6812:22e5
2606:4700::6810:6efe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6811:afc9
2606:4700::6812:cf0
2606:4700::6812:f36c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c09::66
2607:f8b0:400d:c02::88
2607:f8b0:400d:c02::be
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c09::8a
2607:f8b0:400d:c0b::61
2607:f8b0:400d:c0c::9b
2620:127:f00f:e::
2620:127:f00f:ff00::
2620:127:f00f:ff01::
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:400::485
3.162.112.127
3.234.132.155
3.33.251.168
34.111.94.218
35.83.196.164
52.85.151.65
54.156.8.121
99.84.191.41
00e3a33ea333cdcd8df32a48876188e9b09294cbc73feb1fa91303a4646d2f3c
016db808289870f376758be40758bb485971e5c890d2b5d6c1d2e4722ba66556
0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376
03065511cc61a52fce5ae9399e727b0be8acc72d8580c6785532ef0ce22e2d72
04d9c3a3765152d61f3d225a51a9cbbc1cba8460331f03fe1c597db9bf2ab2eb
06f804c5df076ea4717e858540f3a4fbf4c210ae4a8d32094ef3a931c003cb7b
085d9ae442d664271ecd0b2f7b457a9b8bef3d2828a8cb482c2358019f1c379a
09a5eca447af486a318745722d6cef74794605165d1daf4b598b63ce84e2bce4
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cfdf75928053dc8776dc45e0f679229b05e8182e8092a5b835c19c9dd840be5
0e9060cded9f171fd71f869970e1e2afa0f7600c13f8fdabc755bc364aed09fe
107dad5add93781ddf6c4562cc6da3dbe5b406bab97930e43df6d6c17a99af26
13b5ffa55013d786e30034e13cc1fc4e3642e9f6bb934193acfd281437557ad9
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
19a28a7248efb89bb200cd9512c0d1775eadb527985edf43cf5cb05789a18317
1b5194dc4c64ba6d57e1ef2ef043b3241ea78c13bec0e08971ce0a628ef1b3c7
1b96446df66caea0600cf76337c75d28c8222664d68ae218eb4a98d3e97816b6
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d6dabef2b20716235c21ab2411f82f34d9af49be6ec03f186a4f28ddcabc0a7
21c5e1bba3456d3f721cf00ab1fdcbe8cb7452eb84b3f621e4f7b5c937e84f7f
2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59
223ce47ad1f37b0e8d8d12e8333faa417930d86e8a2b69e932364cd4fa725310
25a2db068c549177333788aefd69394a3f87635c5bfff4e05c35de8f8bab949e
268308d4d336856564e6188606756bcbd7d8b33e1fb352dd047f776dc8eaf3d0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
294f1d012e6ba5066a5f9a28090718f16e436f3b1521920f13fab7b01c549b8c
2b21eaec9b955efeb791c1b49085ad2ca4e47830a58a7535a35be42bfdb77b1d
3087d46d3e5b9dfa894127a74a6c8df8d737e21affd87351dde52330a71c8382
31ad848831e58a121caedeffe3b0934f137ec69ef1670f32ec91c199f0d16f55
329346116705b9b3a98c506a01c0daff5d2070d4a7115b9caef6735be6244680
35d4c57b3c7fce09926ec7d9e4ab388743ac54fdb1d77b728c04ecaa32206285
36c4c126ade9169c1ff72dee0b5c87f0cdcb73d3a412e7e594b39c7a7ce23255
38b904a1cf83df048360fb2480571b749fd98d57e11f1afdffb5a74a78166fea
3b29434cf6d5650746b13f8d941870f04e7e45abb1fe76f64596e5421b490112
3c8bebc5287b11fa97a39721c3b0d97d072d71aba546b011e047ef6ccc4066e2
3f21457744af2be6f9a28913955d4ad9a65a847f194bda00d1a98931445e06dd
41483a98f0282e2a948da3ec49b051e3ba757e3af9cddbde22350489094a880c
4227cff16d692769bf0db4111ddadc4e2379e450d5c4485454e98c79e46004f4
43790849b9c48552f938ea58ff86afbc0a31646ebae387e73e869ba4e722d20f
43c7a1b426e232f59eb45500fbab388e7edff030fee8e8d22e40be040345040a
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30
468e777478117be830b202b97cdf0304bee6f3d9fd4cb1ce70650ed93b7fa4a1
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49406c89d61a8ed492f4cca818fcd90d1262c3a69c177f20cbb006ab40a90952
4a9605be20f394b23dbea27e80e6c69fa069b6954ddb9e34a27c09a189dac836
4afcd33fa5a1937f55dbfb233d06e1b4bcac7b6bdb1b8e27e482a1261e2b461b
50484055ebfc53a44e9f8e9811a237b6822db9a801d68f3b7c23378887c56d26
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
542a13b0c6ead28be3b663ebf10f958c02ec2e41b80f91523cac3e49c8ea7b32
558eea7913e40d690e58fc8555512ee0b3af43b9d4cb284ee82eca66c32bfc1a
57dfac79192baf6e9b949a951fece402e23729bf536a44a5511664f907231332
5b7e4f81deb76562b928e45e6033695d3b02ec796adff229eab8cb9fd3128818
5be60d589eb61d7b067a612dcc7f6148b95bce3707b2ee57f53d464c863c4d8b
5fe472bdf55045f666bf8626c01836360643cec1ee087f71f39f14b5bb5572ce
5fe4876c6c5260469b3c03e867e282beaeb1f968db15290f71df2020d95f9807
619530333221c0d6e32af23430839489f314366af5ebea4694024a4a5e7e7173
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
61bb6831df65cccfac27e973629895e49a6965e7f1283a8eebf26f913d01d1cf
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
621d3307d6abb417c3190b7116359afb5bc6e4523482803b3cd544dfc7f2f3f8
62aee7541225afd65b410c06e3bde94a416284023bca342474cb67b954fcf8f6
66201a2c86712b41b428533ccfd867f1f83f702c7080371bd91a3e5b85e1b7d4
6a84cddfa540c1de5c3aaab337c71963fe18d3af127cefeab67b0a7bf09d35b4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c99c35f95d220fe98460ccf1f4111e43b4ae2e72c5c6773afdf669ad449a1b8
6ccc85f4f95cde2d446440a8b7bec42e5135328a1a8d328d2bad7c05a4608ccc
7476c88ad10a9327596703327fccfd91c346146716f92f783afbaed0232d88ed
75da86fa256fc51a4bf06238db01b7407d858052f7ecde1d39e00862c12adf42
78728492117ffdd4cd5cf4ffab2a186741f1b09b27206de4b6bb5976fcb3850a
7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160
7c15bbada916387381018033bf829b5845ac74c6fb78a6c8be67f0043b4cbb7a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e1c75bd4ae7a1ee5ff76bb25673634ea075642f67394683f3b833df0102333c
80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8
8a5fd88d95c59c4abaa979775219ba0e13ecfa3170f1a109b6f988b87f5d8eb1
8b3870645ef8115a00e25ec8b1c7f303d7faa4b23520792fbaf236151914f19f
8cd389a67a4abba059d8cd15a1bb0d662061a3134f28776fd7da38effa8b86fe
8e7957d2930152fe815b50b888553d1052e6f08f33a46c970a8b2adce6bf1aa5
8f48cd45b01f4832b0d397faddc762a96a638a9f645b3ddb9d69f2b06ebcf371
9036a4e0240619fc6c09f84d0b4afe868c062a50e8fc727f729e2d4325aa2b17
914f159ab6f0a08a1cec049c6ed2b02c6dce9a3c6a5d7103c1028baf5c6ddfcd
92f2b2887cd9bc5badc90238d8a80ceaf8f906959d4a1c1762ff5182279d9a43
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94ba4d6e35b0ba9ef79a08890cfa5cf8bd0b784872719d61b1c5e1504aecfc42
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9861864ff7392728fc4f25057ab6383812899db7b7709d48d6f21cc2926e9bc8
9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6
a35912346539e4bbb959ccf61c9b89decd7809ce93588f352dca6f6c8f232283
a3b9b370864f24dcb9cf2296d438ae04671035284d7b599872e4546f4b4d85e6
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5f8ae4e954e3fc812c2252799aed26e143ba968276974c229fe28792d6132be
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab20c632f672a892ab2089c60732aae3ab2dbe42d0c4cbed9db7f4349a78f3b8
ab52068d7e479ae84437eac67509ec7a9ed61d148d25923f42ef20ddd050facc
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
abe04dc73b488f7836f9755b2880974e08d7dbb1443a7f9952dd13f56a8b8255
afb325b8e245ab01418c4a822d65f783849de6dc8888e74891cbfd899335d833
b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996
b14d1e453214ef22e190e4274a159b3ec5fb06e6abe759e78f8c825392d0deeb
b2041a63eb5aaf5b6e6c32ab81f61144ce170f2ab4dbc2837fa7b08e79f717be
b4c6e27247fbeee03f9b76bc4455a9f236d0127b20d8e66732210a69cb591daa
b4f459599d92979623b52c45d6b3775486f92cb00db55621b43799cfd91bf98f
b5557d5abe402b6563a64e9a6be95d06aa107d1681bc103669cb04c3b2a73388
b565fd07ef48a089c18347801d7671ad2486d665b66e2f0476bfdb76b7996c94
b62f2c5d9c2e7ac0a1a7516459050baf7e42fc95942057819c88950c90f73e51
b904262eaf40598db52480e23551e645f2103b7b6a1b758aa13f772a4e54960b
ba7e9e9042cb20de08cb6a2eb9e6a8274ed3cd9c42d7a9e5b8d7c1b3e4aeee7e
bbb566154b4803835135c8599bcc53a0d422819d6388b437bd9b4408a95739a2
bbc0f7b2f6f9ed404bbd1d58d7a2b6fd2372fd69070a51f418527c31de07108c
bbe99a3dbe3685bbbade15c615c07fd30594743e858e71ca50c392a0523faac7
bd53a8479388645b34d630f2134c4f8117639270188c2ab5223fe2b37f1d9c5c
c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad
c0c4dc54f76b3ed86c0ffe83ff98f7d2b0cd8c3de92bca47159b3dd8d948b78a
c286e2728280320f33029ab4c6842fe20e716d0191ba5763d82fb2c6d791606f
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
c894b53906e5fecca9e55a665670443ad5d8afb18f1af140d1739b6152202a38
ca91b86af5588703453571d039dc26ed358d2990614c74ce0cce08635b177a4f
cb34150905a3d5ae56c7b9d66a658a0ed0de85b1e9a41282e2e82c326831aec0
cca55903fc065c308bc958d7cebc0f93c5fdf986deab6c1709d9f63aea917c73
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
d10915a9f649491d7ae0785d1563051632e9ec57b48ffd27f8e116b9df364aae
d43fcf82e79a703198813729e16fa7ad798500ea1d9121c3d75e8f2cbf7dbb3a
d58f86b1e008729029696408d6623de88b0f746e53f9a0bb09db956a7ff3089e
d6052f33ace2867b278e88a5aa513b19c68b1ef06d486831588629da47e667f6
d7c60456d27094cf3ae0deb9073e7244413dd2dc9ace879ec928f814cb7efefa
d93fa53444bf4fe6023bc57bd13acd75021a68a396d8ffcaddbf06ad0929a374
d9c0c56b7d0f2c44b63b7a498383c86c71a277e7815072b5da84470bd7fac0b6
dac48c6712fe068634f30f48d32512c78d1c8a993c1e7131e8beec3c5be97fad
daed0b5b9717fd7e469decde44da986ffde74a1125391ddc10040ee5aa55c191
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc80710c31e580b5f51f30637bd60ffe0d6face1370eada77322e67c8852d7a1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df43ed1f6a84a6546f49f6e0ef4932141fcb4d6f42da77ea884bf6d1eb9226f0
dfe1e4ff024a063e1cb56e4278fc052715e09908468ec807d69ef374d03e8ddb
e15c17341c3ab2d7b40ae77693941e098314f330da0ecbc34bfecb6ee5e35578
e166f7414c81efb4397d928034cb2291c1c15e7b7c0ad6add841dba37d327288
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61e17c7280d82614dd947b048c237f69e02463e33c5ed5e60aa59e22be75932
e68cd7af9567cebc5c4ef7c7ceb252d204da72a25c0bd9b92ddd62215441f7a1
e94f0a7150c7650bc12fc1d30d6f28a004d1112fbd2b516b89abf146d1556b10
e9ed10eec2c7d2fd20c76b9c3c1c87208efca459ae79176f7fc4ed9c2cf3d3ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef48662be834d44e6ea658c62326b3f74bc8ea8a65541c6744f40c2f236e3c71
f04df534457a534497f47669def4b6908be8960ed7b3cdc46204bc194164c7f7
f3a998eb2d1b4ae72a180602f372a600ef9640c810f668213b16cd9e3cc275d9
f8cf7cc54d97087e95eb72cf21ef6f2c464690a798d928b7513e311fe752e575
f8f8c0775cc2ea1769238d75afb9f2af2108e115eadd7e26bdace4e48de9b19b

www.theheadrestsafe.com Open in urlscan Pro 2620:127:f00f:e:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

99 %HTTPS

48 %IPv6

41 Domains

63 Subdomains

61 IPs

5 Countries

3776 kBTransfer

8769 kBSize

62 Cookies

6 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theheadrestsafe.com Open in urlscan Pro
2620:127:f00f:e:: Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

99 %
HTTPS

48 %
IPv6

41
Domains

63
Subdomains

61
IPs

5
Countries

3776 kB
Transfer

8769 kB
Size

62
Cookies

191 HTTP transactions
19 data transactions