urlscan.io logo urlscan.io
SecurityTrails logo

www.lovesac.com Open in urlscan Pro
151.101.1.124  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lovesac.com/
Effective URL: https://www.lovesac.com/
Submission: On December 01 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 1 countries across 21 domains to perform 153 HTTP transactions. The main IP is 151.101.1.124, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.lovesac.com. The Cisco Umbrella rank of the primary domain is 295537.
TLS certificate: Issued by R10 on November 14th 2024. Valid for: 3 months.
This is the only time www.lovesac.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 67 151.101.1.124 54113 (FASTLY)
8 2607:f8b0:400... 15169 (GOOGLE)
4 15 108.138.85.27 16509 (AMAZON-02)
1 2600:1408:ec0... 20940 (AKAMAI-AS...)
2 3.232.49.68 14618 (AMAZON-AES)
1 2600:9000:250... 16509 (AMAZON-02)
3 35.173.45.49 14618 (AMAZON-AES)
3 52.85.151.83 16509 (AMAZON-02)
4 15.197.226.17 ()
2 3.167.112.60 ()
4 2600:9000:27d... ()
1 2607:f8b0:400... ()
1 2606:4700::68... ()
3 2620:1ec:33::10 ()
3 2600:9000:201... ()
1 151.101.2.132 ()
1 5 2607:f8b0:400... ()
1 3 64.233.180.148 ()
6 2607:f8b0:400... ()
1 4 2607:f8b0:400... ()
1 18.160.41.21 ()
1 142.251.167.157 ()
1 2001:4860:480... ()
1 2607:f8b0:400... ()
5 2607:f8b0:400... ()
2 146.75.29.230 ()
4 34.36.178.232 ()
2 104.18.43.135 ()
1 172.64.148.35 ()
4 34.30.149.219 ()
1 151.101.194.132 ()
153 32
67    151.101.1.124 (San Francisco, United States)

ASN54113 (FASTLY, US)
lovesac.com
www.lovesac.com
8    2607:f8b0:4004:c1f::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    108.138.85.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-27.iad12.r.cloudfront.net
j730.lovesac.com
1    2600:1408:ec00:f::1730:cb28 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
a40.usablenet.com
2    3.232.49.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-49-68.compute-1.amazonaws.com
lovesac.blueconic.net
1    2600:9000:2508:1c00:12:1bf:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-prod.securiti.ai
3    35.173.45.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-45-49.compute-1.amazonaws.com
share.lovesac.com
3    52.85.151.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-83.iad89.r.cloudfront.net
origin.xtlo.net
4    15.197.226.17 (None, )

ASN- ()
app.securiti.ai
2    3.167.112.60 (None, )

ASN- ()
cdn.noibu.com
4    2600:9000:27d1:a600:d:274d:a6c0:93a1 (None, )

ASN- ()
apps.bazaarvoice.com
1    2607:f8b0:4004:c21::9a (None, )

ASN- ()
pagead2.googlesyndication.com
1    2606:4700::6812:bd5 (None, )

ASN- ()
cdn.quantummetric.com
3    2620:1ec:33::10 (None, )

ASN- ()
bat.bing.com
3    2600:9000:201e:b400:1c:9484:cec0:93a1 (None, )

ASN- ()
cdn.attn.tv
1    151.101.2.132 (None, )

ASN- ()
assets.pixlee.com
5    2607:f8b0:4004:c1d::63 (None, )

ASN- ()
www.google.com
3    64.233.180.148 (None, )

ASN- ()
13921035.fls.doubleclick.net
ad.doubleclick.net
6    2607:f8b0:4004:c21::9b (None, )

ASN- ()
td.doubleclick.net
4    2607:f8b0:4004:c1d::9a (None, )

ASN- ()
googleads.g.doubleclick.net
1    18.160.41.21 (None, )

ASN- ()
network-a.bazaarvoice.com
1    142.251.167.157 (None, )

ASN- ()
www.googleadservices.com
1    2001:4860:4802:34::181 (None, )

ASN- ()
analytics.google.com
1    2607:f8b0:4004:c17::9d (None, )

ASN- ()
stats.g.doubleclick.net
5    2607:f8b0:4004:c1b::5e (None, )

ASN- ()
www.google.ca
2    146.75.29.230 (None, )

ASN- ()
resources.digital-cloud-west.medallia.com
4    34.36.178.232 (None, )

ASN- ()
dcinfos-cache.abtasty.com
ariane.abtasty.com
2    104.18.43.135 (None, )

ASN- ()
lovesac.attn.tv
1    172.64.148.35 (None, )

ASN- ()
events.attentivemobile.com
4    34.30.149.219 (None, )

ASN- ()
ingest.quantummetric.com
1    151.101.194.132 (None, )

ASN- ()
photos.pixlee.co
Domain Requested by
66 www.lovesac.com www.lovesac.com
cdn.noibu.com
15 j730.lovesac.com 4 redirects www.lovesac.com
j730.lovesac.com
8 www.googletagmanager.com www.lovesac.com
www.googletagmanager.com
6 td.doubleclick.net www.googletagmanager.com
5 www.google.ca
5 www.google.com 1 redirects www.googletagmanager.com
4 ingest.quantummetric.com cdn.quantummetric.com
4 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
4 apps.bazaarvoice.com www.googletagmanager.com
apps.bazaarvoice.com
4 app.securiti.ai www.lovesac.com
3 cdn.attn.tv www.googletagmanager.com
cdn.attn.tv
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 origin.xtlo.net share.lovesac.com
origin.xtlo.net
cdn.quantummetric.com
3 share.lovesac.com www.lovesac.com
share.lovesac.com
2 ariane.abtasty.com cdn.noibu.com
2 lovesac.attn.tv cdn.noibu.com
2 dcinfos-cache.abtasty.com cdn.noibu.com
2 resources.digital-cloud-west.medallia.com www.googletagmanager.com
resources.digital-cloud-west.medallia.com
2 13921035.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 cdn.noibu.com www.googletagmanager.com
cdn.noibu.com
2 lovesac.blueconic.net j730.lovesac.com
1 photos.pixlee.co assets.pixlee.com
1 events.attentivemobile.com cdn.attn.tv
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com cdn.noibu.com
1 www.googleadservices.com www.googletagmanager.com
1 network-a.bazaarvoice.com
1 ad.doubleclick.net
1 assets.pixlee.com www.googletagmanager.com
1 cdn.quantummetric.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 cdn-prod.securiti.ai www.googletagmanager.com
1 a40.usablenet.com www.lovesac.com
1 lovesac.com 1 redirects
153 34
Subject Issuer Validity Valid
lovesac.com
R10		 2024-11-14 -
2025-02-12		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
j730.lovesac.com
Amazon RSA 2048 M03		 2024-06-23 -
2025-07-21		 a year crt.sh
cert-00022-cdnedge-bluemix.akamaized.net
R11		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.blueconic.net
Amazon RSA 2048 M02		 2024-05-08 -
2025-06-06		 a year crt.sh
app.securiti.ai
Amazon RSA 2048 M03		 2024-03-18 -
2025-04-15		 a year crt.sh
share.lovesac.com
R10		 2024-10-20 -
2025-01-18		 3 months crt.sh
media.extole.com
Amazon RSA 2048 M03		 2024-07-15 -
2025-08-13		 a year crt.sh
cdn.noibu.com
Amazon RSA 2048 M02		 2024-03-08 -
2025-04-05		 a year crt.sh
*.bazaarvoice.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-05 -
2025-05-06		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
quantummetric.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.attn.tv
Amazon RSA 2048 M02		 2024-04-30 -
2025-05-28		 a year crt.sh
*.pixlee.com
R11		 2024-11-18 -
2025-02-16		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.ca
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.digital-cloud-smf1.medallia.com
SSL.com RSA SSL subCA		 2024-10-01 -
2025-10-01		 a year crt.sh
uc-info.abtasty.com
WR3		 2024-11-07 -
2025-02-05		 3 months crt.sh
attn.tv
WE1		 2024-11-25 -
2025-02-23		 3 months crt.sh
attentivemobile.com
WE1		 2024-11-30 -
2025-03-01		 3 months crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-19 -
2025-02-13		 a year crt.sh
*.pixlee.co
R10		 2024-11-18 -
2025-02-16		 3 months crt.sh
ariane.abtasty.com
WR3		 2024-11-27 -
2025-02-25		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.lovesac.com/
Frame ID: DAE44CFB90C1168F10AD9C60A4F71E03
Requests: 142 HTTP requests in this frame

Frame: https://a40.usablenet.com/pt/c/lovesac/switch
Frame ID: 7A09F2DF02A7F0D818C8A90DAAAA31DF
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.lovesac.com
Frame ID: 7B89B0D24D633C8912FB9278FA153AD2
Requests: 1 HTTP requests in this frame

Frame: https://13921035.fls.doubleclick.net/activityi;dc_pre=CMCplNaoh4oDFcY5iAkdXSwtXg;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F
Frame ID: 67D04A6B4FF3A5F61A22836BDDEFF258
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F
Frame ID: 32C32BAF5283FB2FD597EBE49ED11800
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16447737171?random=1733081761473&cv=11&fst=1733081761473&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za201&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=1&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail
Frame ID: E5D6A0D2C35EB3FB4B101BCDE92DC959
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1061982790?random=1733081761569&cv=11&fst=1733081761569&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&bttype=purchase&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: 62322C3DC4FB211FC71263B21C839DD2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16447737171?random=1733081761646&cv=11&fst=1733081761646&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 5AFAD81FF221E68A5B6277C4EF42BBBC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10826552253?random=1733081761681&cv=11&fst=1733081761681&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: B23FFB74D7C7FF04FC0BC0C0B428C9D6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-EE9DYJBNV5&gacid=1066669229.1733081762&gtm=45je4bk0v872365513z8831672054za200zb831672054&dma=0&gcs=G111&gcd=13r3v3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=391919863
Frame ID: E61C570D1ABCEECBC13D5CD7CDF243CD
Requests: 1 HTTP requests in this frame

Frame: https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/fonts.css
Frame ID: B7964DDFF9CC6358FC46249837D51D03
Requests: 5 HTTP requests in this frame

Frame: https://photos.pixlee.co/getDUH
Frame ID: 13EF954693BFA1331E49ACBBA73D3353
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sectionals & Bean Bags | Modern Furniture Company | Lovesac

Page URL History Show full URLs

  1. http://lovesac.com/ HTTP 307
    https://lovesac.com/ HTTP 301
    https://www.lovesac.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.usablenet\.com/pt/

Page Statistics

153
Requests

96 %
HTTPS

45 %
IPv6

21
Domains

34
Subdomains

32
IPs

1
Countries

3106 kB
Transfer

58356 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lovesac.com/ HTTP 307
    https://lovesac.com/ HTTP 301
    https://www.lovesac.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/5Seats(1Deep)5Sides(1Deep)_442/image?etag=1733061603518 HTTP 302
  • https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/442/standard/standard/feed.webp
Request Chain 65
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/8Seats10Sides_442/image?etag=1733061603518 HTTP 302
  • https://www.lovesac.com/media/threekit/8Seats10Sides/442/standard/standard/feed.webp
Request Chain 66
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/5Seats(1Deep)5Sides(1Deep)_1940/image?etag=1733061603518 HTTP 302
  • https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/1940/standard/standard/feed.webp
Request Chain 67
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/6Seats(1Deep)8Sides(1Deep)_1941/image?etag=1733061603518 HTTP 302
  • https://www.lovesac.com/media/threekit/6Seats8Sides(1Deep)/1941/standard/standard/feed.webp
Request Chain 105
  • https://13921035.fls.doubleclick.net/activityi;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F HTTP 302
  • https://13921035.fls.doubleclick.net/activityi;dc_pre=CMCplNaoh4oDFcY5iAkdXSwtXg;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F
Request Chain 134
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChAIgK-wugYQ7vvBt43x18QxEh0A4bvkvbwjRVhGbYcaVjNDveYDNhsJwlOhcxrE9Q&pscrd=IhMIoJOm1qiHigMVnBtoCB1dlwg1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5sb3Zlc2FjLmNvbS9CWENoRUlnSy13dWdZUWpMZUs1LUNyLTRPTkFSSXRBS1hUVnVKUEt2dm9VMVNORVdvLXhOdlEta19HeTFIYmZBQ191TERLTTZUbzVzVXpCbHh6NVQtdWg1Mmw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIoJOm1qiHigMVnBtoCB1dlwg1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5sb3Zlc2FjLmNvbS9CWENoRUlnSy13dWdZUWpMZUs1LUNyLTRPTkFSSXRBS1hUVnVKUEt2dm9VMVNORVdvLXhOdlEta19HeTFIYmZBQ191TERLTTZUbzVzVXpCbHh6NVQtdWg1Mmw&is_vtc=1&cid=CAQSKQCa7L7dh2Y8Iv7XWkLU7xS9VN84D1582rnSfqHspeLV2XHEacbm-Wj0&eitems=ChAIgK-wugYQ7vvBt43x18QxEh0A4bvkvVHttLfq2qaL2ri3tdCBtqGN1Ki-VpdPMw&random=3440446276 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIoJOm1qiHigMVnBtoCB1dlwg1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5sb3Zlc2FjLmNvbS9CWENoRUlnSy13dWdZUWpMZUs1LUNyLTRPTkFSSXRBS1hUVnVKUEt2dm9VMVNORVdvLXhOdlEta19HeTFIYmZBQ191TERLTTZUbzVzVXpCbHh6NVQtdWg1Mmw&is_vtc=1&cid=CAQSKQCa7L7dh2Y8Iv7XWkLU7xS9VN84D1582rnSfqHspeLV2XHEacbm-Wj0&eitems=ChAIgK-wugYQ7vvBt43x18QxEh0A4bvkvVHttLfq2qaL2ri3tdCBtqGN1Ki-VpdPMw&random=3440446276&ipr=y

153 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lovesac.com/
Redirect Chain
  • http://lovesac.com/
  • https://lovesac.com/
  • https://www.lovesac.com/
71 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
141f661f28cb7b1815a455ac00e11e68ed628d632b705e5b69707fe7a94be656
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=7200, must-revalidate
content-encoding
br
content-length
6566
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
content-type
text/html; charset=utf-8
date
Sun, 01 Dec 2024 19:35:51 GMT
expect-ct
enforce,max-age=30
last-modified
Thu, 28 Nov 2024 13:21:42 GMT
referrer-policy
origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,X-Forwarded-Host
x-auth-state
anonymous
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1

Redirect headers

accept-ranges
bytes
content-length
0
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
date
Sun, 01 Dec 2024 19:35:51 GMT
expect-ct
enforce,max-age=30
location
https://www.lovesac.com/
referrer-policy
origin-when-cross-origin
retry-after
0
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1
app-CZkAsSbl.js
www.lovesac.com/assets/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/app-CZkAsSbl.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd598a03572ddc2725d3c12957c99af19901d4b8cb8f3786478cbaa6269394f7
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"4565dc79bab4ec4087935dd346ae6212"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
11960
x-xss-protection
1
x-auth-state
anonymous
app-YwEHJwvD.css
www.lovesac.com/assets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/app-YwEHJwvD.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
652ed0a23b6fc715a267f34070fcda4f5a3089af73c8ad8da28ee5b5ef93df07
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"be9cc38f30fcf9b51d5aa253e5d8b900"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
2234
x-xss-protection
1
x-auth-state
anonymous
typography-BRptm_J0.css
www.lovesac.com/assets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/typography-BRptm_J0.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
632ecf3e9fc6e3f7bdc1e11436771e269e2438febfbd58d0eea48389d9c87474
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"8c7a5c8e32da8d06473882aef7ba4945"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
2268
x-xss-protection
1
x-auth-state
anonymous
nav-BooUEfW3.js
www.lovesac.com/assets/blocks/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/nav-BooUEfW3.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
907125c47c5fabae24ea7b28aae7e2c5c5b35be2c5aa63c92061e8af89f58c7a
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer

Response headers

content-encoding
gzip
etag
"3077d47d22bddb144dd6cd7752700f94"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
9978
x-xss-protection
1
x-auth-state
anonymous
utils-n7LrPhQM.js
www.lovesac.com/assets/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/utils-n7LrPhQM.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf6b951492f3010852adf99ffe098f97dc82fb15158544474cbb09468a329750
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer

Response headers

content-encoding
gzip
etag
"15b984a8a9570038f1e0108b59e72617"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
5220
x-xss-protection
1
x-auth-state
anonymous
nav-CWTKGbFg.css
www.lovesac.com/assets/blocks/ 		73 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/nav-CWTKGbFg.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
78a1cd5a64d4381f715e66a889f76589c7e72670cee22f545e8b44dd954d23b2
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"2be362ff1550bedd0cf230e3f5557e53"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
11854
x-xss-protection
1
x-auth-state
anonymous
FY25-Holiday-New-BFE
www.lovesac.com/is/image/LovesacRender/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/is/image/LovesacRender/FY25-Holiday-New-BFE?fmt=webp,,lossy&qlt=80&wid=1250&cache=on
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1efbdc03b7f3c933dab49d254fb26dc49fe3eb0601d7bf62a3e30da316ea1786
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

etag
"f7dc5ab1b66481ff7e7e409dac5cc892"
age
24785
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 21:45:15 GMT
date
Sun, 01 Dec 2024 19:35:52 GMT
last-modified
Tue, 19 Nov 2024 13:22:36 GMT
content-type
image/webp
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
36358
x-xss-protection
1
akamai-grn
0.5f7f3a17.1732283698.1b7aa63b
x-akamai-cache
Hit
FY25-Holiday-New-BFE
www.lovesac.com/is/image/LovesacRender/ 		691 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/is/image/LovesacRender/FY25-Holiday-New-BFE?req=set,json,UTF-8&cache=on&handler=s7jsonResponse&id=0
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2b39f895fa5f1abe641c2161ca910b6d2e9a8a93f73c90e4191ea8ca42af8eb
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
"9e92abea6dbf2f494c2d7faa554b4c79"
age
0
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 17:24:41 GMT
date
Sun, 01 Dec 2024 19:35:52 GMT
last-modified
Tue, 19 Nov 2024 13:22:36 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
316
x-xss-protection
1
akamai-grn
0.6e7f3a17.1733073789.8c9ebb8d
x-akamai-cache
Hit
favicon.ico
www.lovesac.com/ 		66 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
826cc9cec837c31c4bef524800dacb7b1129a992f12f7b6e07ef0be284bf23f2
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"5086598bd8896b1c76a3b302e35ea1de"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
7999
x-xss-protection
1
x-auth-state
anonymous
content-carousel-ByRW2Uzc.js
www.lovesac.com/assets/blocks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/content-carousel-ByRW2Uzc.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddf7975c4428e42d17fe3e74c90659eec4b2e1a3f5aad40b702aa4beb3cbbe79
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer

Response headers

content-encoding
gzip
etag
"7e4ca8350024533d13cc92459fc994aa"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
2355
x-xss-protection
1
x-auth-state
anonymous
content-carousel-BHPt9_0I.css
www.lovesac.com/assets/blocks/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/content-carousel-BHPt9_0I.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
536f518c3e1681a650b71814f171259b2b8914eaa5c25eb9fa40c63b65b4541a
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"dc5345d46e13d3c6a006384c0e36d5dc"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
1284
x-xss-protection
1
x-auth-state
anonymous
media_19eaccd8509027fe79f49b9fbe16f5cf9cd5bcdbf.webp
www.lovesac.com/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_19eaccd8509027fe79f49b9fbe16f5cf9cd5bcdbf.webp?width=750&format=webp&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4936bc3873310a6ea0d6230dc11f1f4edb5afc563ab259bba75f00fe708a9777
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=140386 idim=2560x1123 ifmt=webp ofsz=94512 odim=750x329 ofmt=webp
etag
"IRfrSIuWBwHyChbb74m5hCUtQMve90ZZVZ3/kz6/Pao"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
94512
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010216
x-auth-state
anonymous
fullwidth-DopLhf-F.css
www.lovesac.com/assets/ 		2 KB
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/fullwidth-DopLhf-F.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
707e286141b42df2694f1b63df6d7ac4eae0336dfa86ebcd003046edada0a7b6
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"b86132d9d760db4d5cf0bdcb4ba49247"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
447
x-xss-protection
1
x-auth-state
anonymous
ebc673c0-dd08-44b8-936f-b70abf25ac40.mp4
www.lovesac.com/is/content/LovesacRender/_media_/ebc/ 		36 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/is/content/LovesacRender/_media_/ebc/ebc673c0-dd08-44b8-936f-b70abf25ac40.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.lovesac.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

age
19210
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 23:47:53 GMT
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
video/mp4
last-modified
Sun, 01 Dec 2024 13:47:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Content-Range
bytes 0-69932224/69932225
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
69932225
x-xss-protection
1
akamai-grn
0.6e7f3a17.1733062542.8aeba961
x-akamai-cache
Hit
truncated
/ 		200 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50768ec45bc3f0173d3800e2a4a7bc8505cafeb226cc0e2be5e49ee9efd1a617

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

Content-Type
image/svg+xml
truncated
/ 		197 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94a619dfe8a6a9f7398dfdc221ed1f7ac66a2943c21f7ebfc47ad9d64c3e51c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

Content-Type
image/svg+xml
media_1e754f6ed3c5f08a89f3a592b06ca52422fc41f1f.jpeg
www.lovesac.com/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_1e754f6ed3c5f08a89f3a592b06ca52422fc41f1f.jpeg?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6e588906395837b598fd36c8599a11a6d84f33e565ee26adc8be7c2291f087e
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=2152026 idim=2560x1123 ifmt=jpeg ofsz=238966 odim=2000x877 ofmt=webp
etag
"qQo6/k2E+puYfcVuhFzVYyouehWTLpuPfEMIjo7F3ns"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
238966
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010231
x-auth-state
anonymous
media_17056a39f04c52c577693be736d482d8bf36f0be2.jpeg
www.lovesac.com/ 		349 KB
349 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_17056a39f04c52c577693be736d482d8bf36f0be2.jpeg?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9a22564368caa6c8d7021190559dd6db7e0feb164b2096fd064fbb62c4ad8797
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=2646335 idim=2560x1123 ifmt=jpeg ofsz=356996 odim=2000x877 ofmt=webp
etag
"ZS3PPuNZbr7EpBIpDNW97ooz2HO0uV2n9SmlaAVQA3k"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
356996
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010230
x-auth-state
anonymous
media-Cut26-Jr.css
www.lovesac.com/assets/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/media-Cut26-Jr.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
749e8f967ed79a31bb08b34d10959d8841c5f41bd4ee5d022d32fe3726440b35
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"a3ccb09ff5fedafdb490c07aee755df6"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
699
x-xss-protection
1
x-auth-state
anonymous
media_167955b638062c3cede1691da407d92b7eedbd60e.jpeg
www.lovesac.com/ 		548 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_167955b638062c3cede1691da407d92b7eedbd60e.jpeg?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82509bbe5f3eb21a99c2ebcde890ab5f63703902bb6c262a94d2bf868548b9e4
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=4026 idim=100x75 ifmt=jpeg ofsz=548 odim=100x75 ofmt=webp
etag
"AZoJLhC1Lh4rKRgfy3hvmx3NdVKHykeiD5uVr7AfZkc"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
548
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010217
x-auth-state
anonymous
media_105f5d5ef9d7132dcef056a4434a275a5a020ec89.jpeg
www.lovesac.com/ 		376 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_105f5d5ef9d7132dcef056a4434a275a5a020ec89.jpeg?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f3590fa1ce5eaccbfc888cfeec490ceadbabfbfc60a7aab5766f0d9aaf01ded
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=3081 idim=100x75 ifmt=jpeg ofsz=376 odim=100x75 ofmt=webp
etag
"E/pFFPJQk/rFmRtVKE3xzQx2ywZHXjwioB8loI76iHs"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:52 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
376
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010229
x-auth-state
anonymous
media_18e7d131efde95c763aeb924d046f6a743ff0c907.webp
www.lovesac.com/ 		706 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_18e7d131efde95c763aeb924d046f6a743ff0c907.webp?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c162d20906d0abb78b777b93cdc689b433a58d9cdebbe81faeec092ab99c432
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=926 idim=100x75 ifmt=webp ofsz=706 odim=100x75 ofmt=webp
etag
"VI32a55Yty3Ux+/prUFaIk/yDpHgSTlHrGjOj9k/2HI"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
706
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010226
x-auth-state
anonymous
content-DJ5ElI2P.js
www.lovesac.com/assets/blocks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/content-DJ5ElI2P.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
652115436eb0ca7c8d7756224d930606a6ee96775fa3fc629e150bde721e4ece
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer

Response headers

content-encoding
gzip
etag
"86618a6714a55d2da941baf0f4c078a2"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
2005
x-xss-protection
1
x-auth-state
anonymous
content-BlEzIEvc.css
www.lovesac.com/assets/blocks/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/content-BlEzIEvc.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ee70c314ba5ca66b43716521c62869cfc266c2bec352554dffe739f851dadfa
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"ce36b2be250dc77257b9d3cbe18d5ddd"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
2150
x-xss-protection
1
x-auth-state
anonymous
media_16a2fb6002485e46f653c5d265c0f5318066ec5fa.jpeg
www.lovesac.com/ 		285 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_16a2fb6002485e46f653c5d265c0f5318066ec5fa.jpeg?width=2000&format=webply&optimize=medium
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/blocks/nav-BooUEfW3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47316e7b8fe970db4eea43c22c7a0c965d5e09c2fada408f1dc48a223a26206d
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=2245705 idim=2560x1123 ifmt=jpeg ofsz=291730 odim=2000x877 ofmt=webp
etag
"Oky/ZBSHl9vnZKFramZteFhPpmOM6QdkJJ1JkMBapZE"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
291730
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010213
x-auth-state
anonymous
media_15f892ac1a12f0b85112ae3956f1509289df83991.jpeg
www.lovesac.com/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_15f892ac1a12f0b85112ae3956f1509289df83991.jpeg?width=2000&format=webply&optimize=medium
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/blocks/nav-BooUEfW3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08ee6caf9b4b4724dff02441afcfa2985137087a3be05abe0304a3763741066e
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=2325929 idim=2560x1123 ifmt=jpeg ofsz=206522 odim=2000x877 ofmt=webp
etag
"vIDbjlBZS6Vb+yGFyrIgCbEcGuz6Tgy34oVm9EoFrTI"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
206522
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010216
x-auth-state
anonymous
blueconic-BCuUY9an.js
www.lovesac.com/assets/blocks/ 		208 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/blueconic-BCuUY9an.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
974b56fe68dfaf186ca4ff70bf6c817133519ca6e188c049b1242e0694c7331d
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer

Response headers

content-encoding
gzip
etag
"7d9e23195dd8e2f2f00721f4b5227940"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
189
x-xss-protection
1
x-auth-state
anonymous
blueconic-DnV5BaUA.css
www.lovesac.com/assets/blocks/ 		34 B
140 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/blocks/blueconic-DnV5BaUA.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c01cc12832700a18741f7ba22bce9dab71999bfe1a22259005ffa7b4abb6d782
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"8266f58b71b621cbf8783ab82d5f1053"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
54
x-xss-protection
1
x-auth-state
anonymous
fonts.css
www.lovesac.com/styles/ 		5 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/styles/fonts.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e25d51d8622781ad5734779489123fb53654f0f0202447634686c9073f8986a
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"470c29af4a260b0831339d4b96fe9d6f"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
781
x-xss-protection
1
x-auth-state
anonymous
header.plain.html
www.lovesac.com/fragments/ 		44 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/fragments/header.plain.html
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
28e65407085b3df680f15d970ba859af86f32296d4ca298a6a14dc5a9d0a0f4c
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
br
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/html; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:42 GMT
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
3833
x-xss-protection
1
x-auth-state
anonymous
general-banner.plain.html
www.lovesac.com/fragments/banners/ 		15 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/fragments/banners/general-banner.plain.html
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7de6d0553d348945beaa0c52fb92a1ba443030784627c5f8a261ccd6a5e8f00a
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
br
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/html; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:42 GMT
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
3907
x-xss-protection
1
x-auth-state
anonymous
config.json
www.lovesac.com/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/config.json
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
89bd87180e2a56128786aefe8795d76f6da9cf46b04ac488dfbf733d595d479b
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
application/json
last-modified
Tue, 12 Nov 2024 10:08:56 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
1478
x-xss-protection
1
x-auth-state
anonymous
footer.plain.html
www.lovesac.com/fragments/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/fragments/footer.plain.html
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb99c75b71458f0b137e8867931822c69b509dfd2b50c72f355096a990f159cf
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
br
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:53 GMT
content-type
text/html; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:42 GMT
vary
Accept-Encoding,X-Forwarded-Host
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
1584
x-xss-protection
1
x-auth-state
anonymous
p.css
www.lovesac.com/ 		5 B
158 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/p.css?s=1&k=pee8cij&ht=tk&f=2003.2005.2007.2009.29422.29426&a=522117&app=typekit&e=css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/styles/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/styles/fonts.css

Response headers

etag
"65edab1d-5"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
content-type
text/css
last-modified
Sun, 10 Mar 2024 12:44:13 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
x-xss-protection
1
start
www.lovesac.com/pt/c/lovesac/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/pt/c/lovesac/start
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca6b1f55e028d27b589888142f656836ad15c0b0e6b6b8286edd17cb7b696054
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=1693
content-encoding
br
age
916
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
778
date
Sun, 01 Dec 2024 19:35:54 GMT
x-xss-protection
1
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/ 		482 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d78bdebd64cf86d32ca691556c2da2bd31179744e94d2e55e195498e4caca167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 01 Dec 2024 19:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:35:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135362
x-xss-protection
0
server
Google Tag Manager
script.js
j730.lovesac.com/ 		130 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/script.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
40fbd618c22e15d07a1b54ef4b180b4a19866345703d783f45467e7952ba9b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
etag
0665b0687a565d65fb21023a04ab3cf2
age
130
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 19:43:44 GMT
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
0JSTGAQ-a_rX6zwZmGjNipmpfdFj3mwMJCax13vdifvS8hMd31XAVQ==
date
Sun, 01 Dec 2024 19:33:44 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sun, 01 Dec 2024 19:33:39 GMT
cache-control
public, no-cache="Set-Cookie", max-age=600
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
39979
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b40fbcb2e6bc708898b0bd181ba6906ccd5f3282bc00710e9509eb87bfbb6f18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

Content-Type
image/svg+xml
l
www.lovesac.com/af/620bf8/00000000000000000000e7fe/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/styles/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/styles/fonts.css

Response headers

etag
"b5e7c2e377d10b344b022d96a04daef295e61ac1"
age
803310
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
17052
x-xss-protection
1
l
www.lovesac.com/af/a28b50/00000000000000000000e803/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/af/a28b50/00000000000000000000e803/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/styles/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/styles/fonts.css

Response headers

etag
"a6c1fa20004e862da7c922781204c8a0ef8794a4"
age
803310
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
16808
x-xss-protection
1
l
www.lovesac.com/af/e3ca36/00000000000000000000e805/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/af/e3ca36/00000000000000000000e805/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/styles/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/styles/fonts.css

Response headers

etag
"4577a8003f294766a3a783ec5fba19dc646ecf7c"
age
803310
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
17116
x-xss-protection
1
l
www.lovesac.com/af/ee2b06/00000000000000003b9ae133/27/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/af/ee2b06/00000000000000003b9ae133/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/styles/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c0c3b3bf32663a4ecf687042363bc1dd97bc8ce8f777e53e7f78aa4fab247fe
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/styles/fonts.css

Response headers

etag
"f56c6b38f211ee8a3e13b32e02d4c042f61723dd"
age
456564
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
22824
x-xss-protection
1
media_1155a5bd6956f89fbd737fc955e01943035b93054.svg
www.lovesac.com/fragments/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/fragments/media_1155a5bd6956f89fbd737fc955e01943035b93054.svg?width=2000&format=webply&optimize=medium
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/blocks/nav-BooUEfW3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b299dcdada0c8da285740061362e1d74d1a9daa7eb7c8afe97347b04f8b0dfac
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

etag
"33d8bbfc07a86a204e7e99939fb54e31"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
last-modified
Thu, 23 May 2024 12:56:32 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
12335
x-xss-protection
1
x-auth-state
anonymous
media_12b97b56fa135b5278adc87fa3cd5f7339158a1c2.svg
www.lovesac.com/fragments/ 		668 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/fragments/media_12b97b56fa135b5278adc87fa3cd5f7339158a1c2.svg?width=2000&format=webply&optimize=medium
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/blocks/nav-BooUEfW3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7666fce922460a72b0931458d194cbbe0becf81a6ea04b688cf8aefdb9d329b
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

etag
"bf6b4f4f77a263937e22ddc1c6a142e6"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
last-modified
Wed, 24 Jul 2024 10:28:41 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
668
x-xss-protection
1
x-auth-state
anonymous
media_18171eebbf7a3aac16075344fe0f48b5a830e214e.svg
www.lovesac.com/fragments/ 		564 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/fragments/media_18171eebbf7a3aac16075344fe0f48b5a830e214e.svg?width=2000&format=webply&optimize=medium
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/blocks/nav-BooUEfW3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7fe6fd480efbe57c71797d42bfc82d2e6a509e0afcee0997d3e163154ed5b88
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

etag
"5d11e7a284206352139ba331e5b585ed"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
last-modified
Thu, 23 May 2024 12:56:32 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
564
x-xss-protection
1
x-auth-state
anonymous
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78b1f097188ef9c96455015c5b337b216e31b640884ad27cca8bcfa0d8851222

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

Content-Type
image/svg+xml
truncated
/ 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af2be4b5fc5fe55070880b309c632a6b9543a0774680b8012548564a94aaa513

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

Content-Type
image/svg+xml
truncated
/ 		343 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c255f5c90b4fb019031273fac799886558e0782fa7d0e9afd81a702cf19aeda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

Content-Type
image/svg+xml
switch
a40.usablenet.com/pt/c/lovesac/ Frame 7A09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a40.usablenet.com/pt/c/lovesac/switch
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/pt/c/lovesac/start
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:f::1730:cb28 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=1257
content-encoding
gzip
content-length
596
content-type
text/html;charset=utf-8
date
Sun, 01 Dec 2024 19:35:54 GMT
vary
Accept-Encoding
media_1fdb01ee9ffefe080be2d4cffe7371d8d9f66e8d3.svg
www.lovesac.com/fragments/ 		462 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/fragments/media_1fdb01ee9ffefe080be2d4cffe7371d8d9f66e8d3.svg?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40409f5d29e503fd69e3d6b79d1e8dafc5a95ac57716c3bdd5fc9c20a8253c26
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

etag
"f3e46c0d8afd4b020b2d685a2c0e1595"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:54 GMT
last-modified
Thu, 23 May 2024 12:56:34 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
462
x-xss-protection
1
x-auth-state
anonymous
cs
lovesac.blueconic.net/DG/DEFAULT/ 		16 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lovesac.blueconic.net/DG/DEFAULT/cs?&callback=bc_json274
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.49.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-49-68.compute-1.amazonaws.com
Software
- /
Resource Hash
992362972067249866df2ae2e9900b8d7f3eacd9c1da371e8907fbdb828d099a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-encoding
gzip
pragma
no-cache
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
36
p3p
policyref="", CP="DSP"
date
Sun, 01 Dec 2024 19:35:54 GMT
x-xss-protection
1; mode=block
content-type
text/javascript; charset=utf-8
server
-
google_consent_defaults.js
cdn-prod.securiti.ai/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/ 		370 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-prod.securiti.ai/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/google_consent_defaults.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2508:1c00:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5038fea22484a20ffc4c647edb2e327079e6c0316d4e8f765279c6a7b45036f5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-amz-version-id
Hh7qb2fwJdNFtQfnhKzdosIP1AYPNzZA
etag
"97b5614bedd5b9cdb403d59509a6140e"
age
66748
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
UaW4V3zEtrEoQLtHa_wLgoOC-NoTCZoZ_YWUkHy3JkEb5udmKe3yRA==
date
Sun, 01 Dec 2024 01:03:27 GMT
content-type
text/javascript
last-modified
Wed, 25 Sep 2024 13:47:27 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
cache-control
public,max-age=86400
referrer-policy
no-referrer
via
1.1 45893c5ff2aa24fa7dce9573a0274642.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
370
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		298 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNGFJS5&l=dataLayer&gtm=45He4bk0v831672054za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67125309129d12b9c5ebccf5e3db54adb752a6ba2731b2d733f5b2b8f9343c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 01 Dec 2024 19:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:35:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91928
x-xss-protection
0
server
Google Tag Manager
273
j730.lovesac.com/DG/DEFAULT/rest/rpc/ 		61 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/273?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-12-01T11%3A35%3A55-08%3A00&ts=1733081755004
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
274ad89821ef2dd0dfb663a7c86e8c39aabb876e7ffa21590fe002a58b4ed385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
d0S1ylHUWunhuAUNhbKik6-NxxNGclBjXf1Xbh7O3Wm76tgugqJ8YA==
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
accept-ch
sec-ch-ua-platform-version
pragma
no-cache
access-control-allow-credentials
true
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.lovesac.com
content-length
10356
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
8f6f54f20e04da85af6a702210a4c7cc
j730.lovesac.com/plugin/plugin/ 		141 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/plugin/plugin/8f6f54f20e04da85af6a702210a4c7cc
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
5541817cfb0d5b9118de457fd43ecd8b020bfaa787be902ceabe2f13f088cfba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
etag
8f6f54f20e04da85af6a702210a4c7cc
age
1596708
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 08:04:07 GMT
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
i_djlRBktenFnad6Z_1oI1NGHKEAC-PYtyS5_CHiGAHz9rps9kLAAA==
date
Wed, 13 Nov 2024 08:04:07 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 12 Nov 2024 08:04:07 GMT
cache-control
public, no-cache="Set-Cookie", max-age=31536000
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
34393
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
72abd9d0e1f51684bbeabf0333847b18
j730.lovesac.com/plugin/library/ 		243 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/plugin/library/72abd9d0e1f51684bbeabf0333847b18
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
5797e2f2b500433689fb9d46d09a947739ea2c9c0748a0772855efd295d20ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
etag
72abd9d0e1f51684bbeabf0333847b18
age
1596708
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 08:04:07 GMT
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
aJoMZcz4v8c2i8UwoEAWK0gMJcxZ2Dj-ZCagi-QCZ5h2Xk8pbe9ZyQ==
date
Wed, 13 Nov 2024 08:04:07 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 12 Nov 2024 08:04:07 GMT
cache-control
public, no-cache="Set-Cookie", max-age=31536000
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
73529
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
LB-Zone-1
j730.lovesac.com/DG/DEFAULT/rest/rpc/273/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/273/LB-Zone-1?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=&bctempid=d1b35baf-c705-43ea-a6a2-cd327513a428&overruleReferrer=&time=2024-12-01T11%3A35%3A55-08%3A00&ts=1733081755301
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
1a331a6eb0eea523d0b27c76fa58fe74fc323e4be8e01e83a86d0011226fe11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
h7Xg26EecJMmFcibblOXhcnJ_H6nbzTHDUt8MhRjZo0h1WWhvlMonQ==
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
accept-ch
sec-ch-ua-platform-version
pragma
no-cache
access-control-allow-credentials
true
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.lovesac.com
content-length
708
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
cs
lovesac.blueconic.net/DG/DEFAULT/ 		66 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lovesac.blueconic.net/DG/DEFAULT/cs?bcsessionid=d1b35baf-c705-43ea-a6a2-cd327513a428&&callback=bc_json275
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.49.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-49-68.compute-1.amazonaws.com
Software
- /
Resource Hash
97c4036cb78cbe1bc98ff5416e91da246c8ffdf28ac76ec21b2297ce7c6c6aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-encoding
gzip
pragma
no-cache
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
85
p3p
policyref="", CP="DSP"
date
Sun, 01 Dec 2024 19:35:55 GMT
x-xss-protection
1; mode=block
content-type
text/javascript; charset=utf-8
server
-
218dc5a1689ce7b6edd304a04ca64d6d
j730.lovesac.com/templates/ 		262 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/templates/218dc5a1689ce7b6edd304a04ca64d6d
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
9e527c0e0050e352eab309b30b2301013481bd423685e8312215324fb76267d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
etag
218dc5a1689ce7b6edd304a04ca64d6d
age
1747621
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 14:08:54 GMT
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
7iJnPHV1Q6zvsEvlERaYAZlNHRudU0c9cy-2jWdcJaa16SHgyj2viQ==
date
Mon, 11 Nov 2024 14:08:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sun, 10 Nov 2024 14:08:54 GMT
cache-control
public, no-cache="Set-Cookie", max-age=31536000
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
31136
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
273
j730.lovesac.com/DG/DEFAULT/rest/rpc/ 		188 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/273?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=d1b35baf-c705-43ea-a6a2-cd327513a428&bctempid=&overruleReferrer=&time=2024-12-01T11%3A35%3A55-08%3A00&ts=1733081755436
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
d2f2f392f6cab000785e13a6bf77649f5c5d130cc22a0d8f19e3b2df3d95123a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
RHolZ9KVUs5pOqZWTTYYIm9yRwAk6Kwi8YeIEo9ig_PPrKa3U4vXDQ==
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
accept-ch
sec-ch-ua-platform-version
pragma
no-cache
access-control-allow-credentials
true
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.lovesac.com
content-length
151
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
273
j730.lovesac.com/DG/DEFAULT/rest/rpc/ 		553 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/273?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=d1b35baf-c705-43ea-a6a2-cd327513a428&bctempid=&overruleReferrer=&time=2024-12-01T11%3A35%3A55-08%3A00&ts=1733081755471
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
adb589dbcbb0f9990150311a0cd3516d7f3b2024da40747fb06760e1e9f84a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
T5KIaENlV04RVAshz2SL9-_Wsz37HrACsu0Ys5lEPSmFdaj_iGkgUw==
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
accept-ch
sec-ch-ua-platform-version
pragma
no-cache
access-control-allow-credentials
true
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.lovesac.com
content-length
178
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
273
j730.lovesac.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/273?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=d1b35baf-c705-43ea-a6a2-cd327513a428&bctempid=&overruleReferrer=&time=2024-12-01T11%3A35%3A55-08%3A00&ts=1733081755471
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
0891be2ab8cf22e5481e092e0e8f1a8ed20a6703fc5dfab3425598d1946f0195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
qxuIzRuwvOSCzj_5Ix6JwOQvXXh49WksOZdKDuThzkR2ejzrKU4v0w==
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
accept-ch
sec-ch-ua-platform-version
pragma
no-cache
access-control-allow-credentials
true
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.lovesac.com
content-length
165
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
273
j730.lovesac.com/DG/DEFAULT/rest/rpc/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/273?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=d1b35baf-c705-43ea-a6a2-cd327513a428&bctempid=&overruleReferrer=&time=2024-12-01T11%3A35%3A55-08%3A00&ts=1733081755479
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
345a1b5381db7c7137ca06bdf7c3aee35db234f57909435053a6e84af8bb9415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
1jmjrX_C6CXbTtOrJY03kJPd47x5muaMF4a5Q7e3rK9gTiJ4fKsGmw==
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
accept-ch
sec-ch-ua-platform-version
pragma
no-cache
access-control-allow-credentials
true
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.lovesac.com
content-length
1628
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
recommendations
j730.lovesac.com/rest/v2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j730.lovesac.com/rest/v2/recommendations?storeId=ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4&profileId=d1b35baf-c705-43ea-a6a2-cd327513a428&itemId=www.lovesac.com%2F&request=%5B%7B%22id%22%3A1724340340792%2C%22filters%22%3A%5B%22IN_STOCK%22%2C%22!category%3A%5C%22BigOne%20-%20Grapemist%20Marble%20Phur%5C%22%22%2C%22!category%3A%5C%22PillowSac%20-%20Blush%20Galaxy%20Phur%5C%22%22%2C%22!category%3A%5C%226%20Seats%20(1%20Deep)%20%2B%208%20Sides%20(1%20Deep)%20Sactional%20-%20Coastal%20White%20Brushed%20Weave%5C%22%22%2C%22!category%3A%5C%228%20Seats%20%2B%2010%20Sides%20Sactional%20-%20Coastal%20White%20Brushed%20Weave%5C%22%22%2C%22!category%3A%5C%228%20Seats%20%2B%2010%20Sides%20Sactional%20-%20Jute%20Brushed%20Weave%5C%22%22%2C%22!category%3A%5C%22Sactionals%20Table%3A%20Hickory%5C%22%22%2C%22!category%3A%5C%22Save%20when%20you%20bundle%20up%20and%20pick%20the%20Sac%20Bundle%20combination%20that%27s%20best%20for%20you!%5C%22%22%2C%22!category%3A%5C%22Save%20when%20you%20bundle%20up%20and%20pick%20the%20Sac%20Bundle%20combination%20that%26%23039%5C%22%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%5D%2C%22count%22%3A4%7D%5D&&callback=bc_json276
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-27.iad12.r.cloudfront.net
Software
- /
Resource Hash
cf549fd066928bf8b091a4850bb5ee30e963f42481cfa88fc363d96800586686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
af2wLCnmFxVTfq86l-V51s8EKWAKWeqAwFjaXwqcgWRf31opyFUCQA==
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
text/javascript;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private
pragma
no-cache
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
758
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
feed.webp
www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/442/standard/standard/
Redirect Chain
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/5Seats(1Deep)5Sides(1Deep)_442/image?etag=1733061603518
  • https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/442/standard/standard/feed.webp
23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/442/standard/standard/feed.webp
Protocol
H2
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad92e69533bfd2c140ca832ad3ffca90b226a3475ac4e3c8fccfe1e42c5c4eab
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=74926 idim=1560x990 ifmt=webp ofsz=24022 odim=1560x990 ofmt=webp
etag
"JkWWI8/DsgUdVlPCK7grXp1pzGuiITYBy2bPJ0hRmas"
age
804358
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=31536000
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
24022
fastly-io-served-by
vpop-haf2300710
x-xss-protection
1

Redirect headers

x-robots-tag
noindex, nofollow
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
-yck329fSJWiGkeWTT13L4_Ga3R7axzNvCRj5e0W96bpkwxEbEZXcQ==
date
Sun, 01 Dec 2024 19:35:55 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private
location
https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/442/standard/standard/feed.webp
pragma
no-cache
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
0
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
feed.webp
www.lovesac.com/media/threekit/8Seats10Sides/442/standard/standard/
Redirect Chain
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/8Seats10Sides_442/image?etag=1733061603518
  • https://www.lovesac.com/media/threekit/8Seats10Sides/442/standard/standard/feed.webp
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media/threekit/8Seats10Sides/442/standard/standard/feed.webp
Protocol
H2
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
78d528b87ed5de3d96dbf6f38c6a5ff7132532df2955afd1a5cfdf93784cb741
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=107066 idim=1560x990 ifmt=webp ofsz=32820 odim=1560x990 ofmt=webp
etag
"af9jJvgmOhU0SgyzcxOnFil+eBxza/8BTtqLathcokg"
age
804358
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=31536000
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
32820
fastly-io-served-by
vpop-haf2300703
x-xss-protection
1

Redirect headers

x-robots-tag
noindex, nofollow
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
szjSsUBAQNQMpC2255OFlDZV6XwTscpBauwa2BGYTAyjvm6P6at1jA==
date
Sun, 01 Dec 2024 19:35:55 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private
location
https://www.lovesac.com/media/threekit/8Seats10Sides/442/standard/standard/feed.webp
pragma
no-cache
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
0
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
feed.webp
www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/1940/standard/standard/
Redirect Chain
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/5Seats(1Deep)5Sides(1Deep)_1940/image?etag=1733061603518
  • https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/1940/standard/standard/feed.webp
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/1940/standard/standard/feed.webp
Protocol
H2
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
132c92ebb14b7dbf4669c61fec107aa001273bf5e5eecb33c74caebe84c68b59
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=50936 idim=1560x990 ifmt=webp ofsz=18404 odim=1560x990 ofmt=webp
etag
"k+77Pkmz9bq0OyWa74pri4bqjSLb+7cqMmzdCldmbO4"
age
804358
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=31536000
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
18404
fastly-io-served-by
vpop-haf2300706
x-xss-protection
1

Redirect headers

x-robots-tag
noindex, nofollow
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
6aMuW1Tp2sIiZ6jdefUdkgtwKPdaDskc64FnTeR2ERybyEM92i-ffg==
date
Sun, 01 Dec 2024 19:35:55 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private
location
https://www.lovesac.com/media/threekit/5Seats5Sides(1Deep)/1940/standard/standard/feed.webp
pragma
no-cache
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
0
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
feed.webp
www.lovesac.com/media/threekit/6Seats8Sides(1Deep)/1941/standard/standard/
Redirect Chain
  • https://j730.lovesac.com/rest/v2/contentStores/ddf6c1dc-75f4-488b-a8f0-1f1b8be02bf4/items/6Seats(1Deep)8Sides(1Deep)_1941/image?etag=1733061603518
  • https://www.lovesac.com/media/threekit/6Seats8Sides(1Deep)/1941/standard/standard/feed.webp
36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media/threekit/6Seats8Sides(1Deep)/1941/standard/standard/feed.webp
Protocol
H2
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1964bb1f24fe7a882c3a568aa373bec00456a1d6f9de3c726fba1b638ee90065
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=116368 idim=1560x990 ifmt=webp ofsz=37156 odim=1560x990 ofmt=webp
etag
"a1qToAiBblU9+KL5YmwVuUBfhIAt+xn91FVfZUItGCo"
age
804357
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:35:55 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=31536000
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
37156
fastly-io-served-by
vpop-haf2300709
x-xss-protection
1

Redirect headers

x-robots-tag
noindex, nofollow
x-permitted-cross-domain-policies
master-only
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
x-amz-cf-id
5L09K0SDp70UG7ls5SQfvVbiKtZ96YfTQIHJwCcZad58v-EcpaSuwQ==
date
Sun, 01 Dec 2024 19:35:55 GMT
cache-control
no-cache, no-store, no-transform, must-revalidate, private
location
https://www.lovesac.com/media/threekit/6Seats8Sides(1Deep)/1941/standard/standard/feed.webp
pragma
no-cache
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
content-length
0
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD12-P2
server
-
delayed-gEayzQQ0.js
www.lovesac.com/assets/ 		764 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/delayed-gEayzQQ0.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8fba8aa752c52faf3f65498ce0e4d67d8e613659fdb6e37f3c4ed6844e882276
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer

Response headers

content-encoding
gzip
etag
"e02dd0ab797a40ff2aee262142990751"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:57 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
480
x-xss-protection
1
x-auth-state
anonymous
delayed-vLIItAMI.css
www.lovesac.com/assets/ 		2 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/assets/delayed-vLIItAMI.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
577b7100c896afb832459546dd22660ff7ec595426c4bc095d11b6711c808897
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"e175ce4035d818a51bb53e4b59525cd2"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST
date
Sun, 01 Dec 2024 19:35:57 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 28 Nov 2024 13:21:15 GMT
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=7200, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
747
x-xss-protection
1
x-auth-state
anonymous
cookie-consent-latest.css
www.lovesac.com/consent/ 		63 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/consent/cookie-consent-latest.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d19345402a80151ddd1caa1ed515d15bf5a016639f9e91daf172f7967f8c4a98
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
x-amz-version-id
3DATuLLZoqMx88GzR6HPBvgiEfkB.uTJ
etag
"f2f7a4049ac967442b3f13b55b41b9a0"
age
1452
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
jIBny4IzH2JY0WI2E9T8QsE_-q-yUSiqeBY8yi0p0VE9EApVsEcTmg==
date
Sun, 01 Dec 2024 19:35:57 GMT
content-type
text/css
last-modified
Tue, 26 Nov 2024 23:35:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
9753
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
core.js
share.lovesac.com/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://share.lovesac.com/core.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.173.45.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-45-49.compute-1.amazonaws.com
Software
Extole /
Resource Hash
1de566eb19a090ec99e340fac533704d4c309f6861d6828b9f590d057fac7d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
3600
access-control-expose-headers
X-Extole-Token
cache-control
no-transform, max-age=3600
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-length
15085
p3p
CP="Please see our privacy policy"
date
Sun, 01 Dec 2024 19:35:58 GMT
content-type
application/javascript
vary
Origin, Accept-Encoding
server
Extole
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
cookie-consent-sdk-latest.js
www.lovesac.com/consent/ 		417 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/consent/cookie-consent-sdk-latest.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5dd10a11fa87b8e404b309646a3c6a1db05cac521920f21aab6575fd8cd86ba5
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
x-amz-version-id
uex5_F2gCxOYrl3aZTGlzmqCk2bSbzxR
etag
"4d823ba2574975e8973cb5c7ada74a6e"
age
1566
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
wnvJW8iuzuJ9WzyjPdytBCYsaOVKrvfgo8YEftb-ah-5jCsqxmXUGg==
date
Sun, 01 Dec 2024 19:35:57 GMT
content-type
text/javascript
last-modified
Tue, 26 Nov 2024 23:35:29 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
81024
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
overlay
share.lovesac.com/zones/ 		54 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://share.lovesac.com/zones/overlay
Requested by
Host: share.lovesac.com
URL: https://share.lovesac.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.173.45.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-45-49.compute-1.amazonaws.com
Software
Extole /
Resource Hash
c37762e739678fd4adb5306de4d606d5a2347485d146a8c5b623744f73221bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://www.lovesac.com/

Response headers

access-control-expose-headers
X-Extole-Token
content-encoding
gzip
x-extole-token
1RRGQGQLSUQK0SGE85HPASVNGD
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
expires
Sun, 01 Dec 2024 19:35:57 GMT
p3p
CP="Please see our privacy policy"
date
Sun, 01 Dec 2024 19:35:58 GMT
content-type
text/javascript
vary
Origin, Accept-Encoding
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
access-control-allow-credentials
true
x-extole-cookie-consent
YEAR
access-control-allow-origin
https://www.lovesac.com
content-length
12155
server
Extole
global_footer
share.lovesac.com/zones/ 		28 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://share.lovesac.com/zones/global_footer
Requested by
Host: share.lovesac.com
URL: https://share.lovesac.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.173.45.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-45-49.compute-1.amazonaws.com
Software
Extole /
Resource Hash
a860ced46975e49ce6174796c586624fba4ac8aac87405fa49012105225b95ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://www.lovesac.com/

Response headers

access-control-expose-headers
X-Extole-Token
content-encoding
gzip
x-extole-token
1RRGQGQLSUQK0SGE85HPASVNGD
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
expires
Sun, 01 Dec 2024 19:35:57 GMT
p3p
CP="Please see our privacy policy"
date
Sun, 01 Dec 2024 19:35:58 GMT
content-type
text/javascript
vary
Origin, Accept-Encoding
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
access-control-allow-credentials
true
x-extole-cookie-consent
YEAR
access-control-allow-origin
https://www.lovesac.com
content-length
9045
server
Extole
fonts.css
origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/ 		6 KB
836 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/fonts.css
Requested by
Host: share.lovesac.com
URL: https://share.lovesac.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-83.iad89.r.cloudfront.net
Software
Extole /
Resource Hash
83409f35570c92abdfb7fe8044dc4b5c49a949cc65fc3f0fdbf76c059b3e24eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

access-control-max-age
2592000
cache-control
no-transform, max-age=2592000
content-encoding
gzip
age
1592472
via
1.1 47c0295005ec7d8570406951491004c2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
455
x-amz-cf-id
5bVS1efjMaIZc5O1VTBh1n-5ntddnjZf_ql6GwKc927u3pcQC7dvTw==
date
Wed, 13 Nov 2024 09:14:46 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 09:14:46 GMT
server
Extole
x-amz-cf-pop
IAD89-C3
vary
Accept-Encoding
museosans-500.otf
origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/ 		61 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/museosans-500.otf
Requested by
Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-83.iad89.r.cloudfront.net
Software
Extole /
Resource Hash
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/fonts.css

Response headers

access-control-max-age
2592000
cache-control
no-transform, max-age=2592000
content-encoding
gzip
age
1666350
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
0xYpjJGQrbJv3SMLsKqRBjP9QItf4c0gwlPdSsxiMchi1dRa6zSfPA==
date
Tue, 12 Nov 2024 12:43:28 GMT
content-type
application/x-font-otf
last-modified
Tue, 12 Nov 2024 12:43:28 GMT
server
Extole
x-amz-cf-pop
IAD89-C3
vary
Accept-Encoding
config_active.json
www.lovesac.com/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/ 		311 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/config_active.json
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b907e1fb8c65299ddca13753c134676a4c4944ade4d21cb240ac6de4bb2345d
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
"fabec7ea47174d33b573f138a7f5b201"
x-amz-version-id
B.nXV3SXb.NNovD7J_H6DuQ833CxwI8w
age
17350
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
4xbK5mZ3JWM_56p8oqk9bngor9kpHw91NXMDyVTvaiYrZls7wrDWQg==
date
Sun, 01 Dec 2024 19:35:59 GMT
content-type
application/json
last-modified
Wed, 25 Sep 2024 13:47:28 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
168
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
en.json
www.lovesac.com/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/ 		870 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/en.json
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15c73b24c8a7671cc829fe8c6a6d0477e7455bb0b5cd2a04326894e08f11d07e
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
"b378f57fd893a02b9992a9901708d412"
x-amz-version-id
.BmaAMka.V0RKyjq78vvtsjdNwDE6VCF
age
11239
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
QL4SgEfhq0YNy7lCJ1v2F4OpGcw6Vi4TgHnyFGswUyQfrADTH1MbGQ==
date
Sun, 01 Dec 2024 19:35:59 GMT
content-type
application/json
last-modified
Wed, 25 Sep 2024 13:47:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
31024
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
location
app.securiti.ai/core/v1/utils/geo/ 		839 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.securiti.ai/core/v1/utils/geo/location
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b88975a2f2f99d11a2360ce6fb178682989a522cdfead6559520e998d02c82a3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=315360000
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.lovesac.com
content-length
839
date
Sun, 01 Dec 2024 19:36:00 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
x-frame-options
DENY
ebc673c0-dd08-44b8-936f-b70abf25ac40.mp4
www.lovesac.com/is/content/LovesacRender/_media_/ebc/ 		13 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/is/content/LovesacRender/_media_/ebc/ebc673c0-dd08-44b8-936f-b70abf25ac40.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.lovesac.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=37585084-

Response headers

age
19210
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 23:47:53 GMT
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
video/mp4
last-modified
Sun, 01 Dec 2024 13:47:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Content-Range
bytes 37585084-69932224/69932225
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
32347141
x-xss-protection
1
akamai-grn
0.6e7f3a17.1733062542.8aeba961
x-akamai-cache
Hit
singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.securiti.ai/privaci/v1/consent/cookie/singleupload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-auth-token
Access-Control-Request-Method
POST
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID,x-api-secret,x-tident,x-api-key,X-USER-TOKEN,Authorization,X-Email-Id
access-control-allow-origin
https://www.lovesac.com
access-control-request-method
POST
content-length
0
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date
Sun, 01 Dec 2024 19:36:00 GMT
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
singleupload
app.securiti.ai/privaci/v1/consent/cookie/ 		67 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.securiti.ai/privaci/v1/consent/cookie/singleupload
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Auth-Token
15274b0f-6921-4cc0-9047-1e2e11249587
Referer
https://www.lovesac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json

Response headers

strict-transport-security
max-age=315360000
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.lovesac.com
content-length
67
date
Sun, 01 Dec 2024 19:36:00 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
x-frame-options
DENY
collect.js
cdn.noibu.com/ 		235 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.noibu.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.60 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
ec4ecc3ba36245e1fdbc2ab31ab7f9a79ae9ef00208661fff2d4e9bb8c20383e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
max-age=1800
content-encoding
gzip
age
805
via
1.1 f96e72cfd61c675b75ea8547da63de24.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
74432
x-amz-cf-id
WhNmEXaIfTFzSfYq4xpY4pHDZHFrSv0UtUuCvu-Sq1ZGpOqMksdo0A==
date
Sun, 01 Dec 2024 19:22:35 GMT
content-type
application/javascript
x-amz-cf-pop
IAD55-P8
server
CloudFront
bv.js
apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/bv.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27d1:a600:d:274d:a6c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
361bd1354a237ffa90d8729c03116ec5c33b7319f40b4a49c5a4f4afe38020ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
x-amz-version-id
vJXOICLFwO354rl5X1LTVQkYjCwF90P5
etag
"085e194b2773457bde2c8bcc17a5119d"
age
248
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
dGytcYpAD-AJyLwgz3xjgvYZoSGnUtnQyGQl77Oizhj-md0IyyB67w==
date
Sun, 01 Dec 2024 19:31:53 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding, Origin
last-modified
Wed, 16 Oct 2024 19:02:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
max-age=300
via
1.1 cc5a019539e6efe2b661a72253272ed6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
27642
x-amz-cf-pop
IAD55-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
l
www.lovesac.com/af/635674/00000000000000000000e800/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/af/635674/00000000000000000000e800/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/styles/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7cc2e9383273604c39b525dc366bb6467ea148236649caa15e1e7c2dc6c052c0
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer
https://www.lovesac.com/styles/fonts.css

Response headers

etag
"aba4b344d0cef3fdee56ee0775c652fa5c0cf812"
age
803316
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
17944
x-xss-protection
1
singleupload
app.securiti.ai/privaci/v1/consent/cookie/ 		67 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.securiti.ai/privaci/v1/consent/cookie/singleupload
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Auth-Token
15274b0f-6921-4cc0-9047-1e2e11249587
Referer
https://www.lovesac.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json

Response headers

strict-transport-security
max-age=315360000
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.lovesac.com
content-length
67
date
Sun, 01 Dec 2024 19:36:00 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
x-frame-options
DENY
b2c1b5f5cb8bdd60aa3b033176d1ae56.js
www.lovesac.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/assets/app-CZkAsSbl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21e6dc91dcf43fa33a4341eec74aed1bafa7fa2bac66c8b06e91c37681f39ac1
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"9871942e7fc04dd1374e4e07c3d06bb0"
x-amz-version-id
_AWU9dSXMC7lcgdnGGZnQvGQ0aQqaUyP
age
27256
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
nKneuT_h3VlqpBlQbPCIyr0wyPEmgJoEPSVQ0ura7qBBuqO6qZrZxg==
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 23 Nov 2024 12:00:31 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
2556
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
collect
pagead2.googlesyndication.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.lovesac.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1774106054.1733081761&npa=1&gtm=45He4bk0v831672054za200&gcs=G101&gcd=13p3t3p3p5l1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733081760879&tfd=9577&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::9a -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers
js
www.googletagmanager.com/gtag/ 		257 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96f0906923661f0d17a14750a37f9f15c55babe3b896b35970a9b621963ed443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 01 Dec 2024 19:36:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93623
x-xss-protection
0
server
Google Tag Manager
quantum-lovesac.js
cdn.quantummetric.com/qscripts/ 		251 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bd5 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bd74ad53158df6a52c5e2926201b84117fac3d7a4c3f81eaba74b685d5ab2af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
etag
W/"172254275825817297098687321733043605641"
age
120
x-content-type-options
no-sniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
text/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray
8eb5860ecb2a15d7-EWR
access-control-allow-origin
*
server
cloudflare
destination
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-13921035&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b79f350c0d6aa0d1dd037fdab2d99020b0673470847523198d0ad1a4a72f6616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sun, 01 Dec 2024 19:36:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83705
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EAF3C4343E604E5C83EA5E4DE2807E30 Ref B: YMQ01EDGE0414 Ref C: 2024-12-01T19:36:01Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
destination
www.googletagmanager.com/gtag/ 		289 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1061982790&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9a3b62d9490a1c9a6dfb6fb2637a4e23e26da2558ee8521f6973f9ba426f27a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sun, 01 Dec 2024 19:36:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101036
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		397 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a71f37d0054e69c9933de07bb6da3601fa5b802591e65caafc4df479a2253168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 01 Dec 2024 19:36:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
131643
x-xss-protection
0
server
Google Tag Manager
dtag.js
cdn.attn.tv/lovesac/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/lovesac/dtag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:b400:1c:9484:cec0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fac54c924f87067bfbab0253927c39abadc306a65de1135b88c31ccd47aa9c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

vary
Accept-Encoding, Origin
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
content-encoding
gzip
x-amz-version-id
YuTPESOvAvLxx9tntwKO9tyhm6ER14IP
etag
W/"d7d4f3490df1990912a22073b4dca5b8"
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
gu9xhqg5ukZ_leX415b4lG15pcH79euqwE0UGCFoemaYSWPS11nmjA==
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
text/javascript
last-modified
Mon, 04 Nov 2024 19:10:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
pixlee_events.js
assets.pixlee.com/assets/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pixlee.com/assets/pixlee_events.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10004a31dfbef9d083b3bde79ccd4e9ad4d9d70efea0df3dfbd27485325ee635

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"8e661df9287a2100808c495b6f68ef35"
x-amz-version-id
null
age
362739
expires
Fri, 22 Nov 2024 06:17:41 GMT
x-cache
HIT, HIT
date
Sun, 01 Dec 2024 19:36:01 GMT
last-modified
Thu, 21 Nov 2024 20:20:41 GMT
content-type
application/javascript
x-served-by
cache-iad-kcgs7200021-IAD, cache-yul1970046-YUL
x-cache-hits
441, 10064
x-amz-id-2
g07CX7yS5bK56chBvre/KJqg/Kxv5phdvmaOVdNjsXl9zaQsp7UUUbQpdXKSZXh+83ILcbOMes8=
vary
Accept-Encoding
cache-control
max-age=26280000,s-maxage=2628000,immutable
x-timer
S1733081761.204457,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-amz-request-id
CVSWP07NS1H3Z2ZD
accept-ranges
bytes
access-control-allow-origin
*
content-length
16809
server
AmazonS3
x-amz-server-side-encryption
AES256
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 7B89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.lovesac.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
290995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 10:46:06 GMT
expires
Fri, 28 Nov 2025 10:46:06 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/ 		257 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de34497bee9b40997625934cd62c7be64cb29166d9a3815860494b52b18116fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sun, 01 Dec 2024 19:36:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 01 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93576
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=consent_update&dl=https%3A%2F%2Fwww.lovesac.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1774106054.1733081761&npa=0&gcu=1&auid=1624555720.1733081761&gtm=45He4bk0v831672054za200&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733081760990&tfd=9688&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers
collect-worker.js
cdn.noibu.com/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.noibu.com/collect-worker.js
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.60 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
893e612b6646a59145690c318149fe53708691ca1418a90683455b23d470e2ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
max-age=1800
content-encoding
gzip
age
815
via
1.1 46ac2c9f87eca5473c2cb27cfe0168a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
5071
x-amz-cf-id
M2qonCQMAZW6UKOvC1kaPn8exnNBYbHoDLqKhp40r6JvCrCAyweYtA==
date
Sun, 01 Dec 2024 19:22:26 GMT
content-type
application/javascript
x-amz-cf-pop
IAD55-P8
server
CloudFront
api-0.8.2.js
apps.bazaarvoice.com/apps/api/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.bazaarvoice.com/apps/api/api-0.8.2.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27d1:a600:d:274d:a6c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"86a440b08f71ad9de17500c8946fa7a1"
x-amz-version-id
kvnMIwPjpbNt45nTgF9mmYA0x1y87znz
age
7793908
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
z19v2Lgjhxy-ak35A20EMDB-VJ-5y96-lrfrQF4PJkU7BGmNNMrprA==
date
Mon, 02 Sep 2024 14:37:33 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Tue, 28 Jun 2022 11:19:05 GMT
vary
Origin
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
max-age=31536000
via
1.1 cc5a019539e6efe2b661a72253272ed6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10599
x-amz-cf-pop
IAD55-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
api-config.js
apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/api-config.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27d1:a600:d:274d:a6c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9aa6273c7c6e36d2b2320eba7dd0f69784c7e77e0684040a7c767f9b84228acd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
x-amz-version-id
HcX8ZZ3eYgqWYWEqb80OpPh_YhIqOXXR
etag
"64d29e9a8895690f07f3706d7a746c7b"
age
200
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
oCXdrHm15NlJcwnsf6ekacYI0Gv4_mZYxHwR-YI1IemF10rw6xaPJQ==
date
Sun, 01 Dec 2024 19:32:42 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding, Origin
last-modified
Wed, 16 Oct 2024 19:02:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
max-age=300
via
1.1 cc5a019539e6efe2b661a72253272ed6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
840
x-amz-cf-pop
IAD55-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
bv-analytics.js
apps.bazaarvoice.com/analytics/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.bazaarvoice.com/analytics/bv-analytics.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27d1:a600:d:274d:a6c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d22f48243f28ae0d3cfbbc0ec1919450e5249f32645dfdf104c83d0b5cfd00c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"d30320dafbb1e585d933d2657267b544"
x-amz-version-id
bpPpZ5pM20Ya_S0L3_fvvcnrkhtTNNfQ
age
487918
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
vrGkjAYnF9cNkwycoCjjUdbYn6v6JNwJ3g2IAr6Yv9BfVL1ng-mmaQ==
date
Tue, 26 Nov 2024 04:04:04 GMT
content-type
application/javascript
last-modified
Tue, 28 Feb 2023 07:25:25 GMT
vary
Origin
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
max-age=604800
via
1.1 cc5a019539e6efe2b661a72253272ed6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12865
x-amz-cf-pop
IAD55-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
4001819.js
bat.bing.com/p/action/ 		364 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4001819.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CCB462A243454C2EB8F670E0E45F7F06 Ref B: YMQ01EDGE0414 Ref C: 2024-12-01T19:36:01Z
x-cache
CONFIG_NOCACHE
date
Sun, 01 Dec 2024 19:36:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
activityi;dc_pre=CMCplNaoh4oDFcY5iAkdXSwtXg;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0...
13921035.fls.doubleclick.net/ Frame 67D0
Redirect Chain
  • https://13921035.fls.doubleclick.net/activityi;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uam...
  • https://13921035.fls.doubleclick.net/activityi;dc_pre=CMCplNaoh4oDFcY5iAkdXSwtXg;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;p...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://13921035.fls.doubleclick.net/activityi;dc_pre=CMCplNaoh4oDFcY5iAkdXSwtXg;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13921035&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.148 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Sun, 01 Dec 2024 19:36:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13921035.fls.doubleclick.net/activityi;dc_pre=CMCplNaoh4oDFcY5iAkdXSwtXg;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ps...
td.doubleclick.net/td/fls/rul/ Frame 32C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13921035&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9b -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=13921035;type=gener0;cat=loves0;ord=3855644090127;npa=0;auiddc=1624555720.1733081761;u13=%2F;gdid=dZmIzNT;ps=1;pcor=616404477;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190701376z8831672054za201zb831672054;gcs=G111;gcd=13r3v3r3r5l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.148 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 01 Dec 2024 19:36:01 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"17933201273523817958"}],"aggregatable_trigger_data":[{"filters":[{"14":["38246311"]}],"key_piece":"0xab4ae6185bf64bee","source_keys":["12","13","14","15","16","17","18","19","20","21","27141560","27141561","27141562","27141563","628562432","628562433","628562434","628562435","628622320","628622321","628622322","628622323","628648364","628648365","628648366","628648367","642006120","642006121","642006122","642006123"]},{"key_piece":"0xb243befd65fc0786","not_filters":{"14":["38246311"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","27141560","27141561","27141562","27141563","628562432","628562433","628562434","628562435","628622320","628622321","628622322","628622323","628648364","628648365","628648366","628648367","642006120","642006121","642006122","642006123"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"27141560":109,"27141561":109,"27141562":109,"27141563":10594,"628562432":32,"628562433":32,"628562434":32,"628562435":3177,"628622320":32,"628622321":32,"628622322":32,"628622323":3177,"628648364":32,"628648365":32,"628648366":32,"628648367":3177,"642006120":72,"642006121":72,"642006122":72,"642006123":7062},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"9519536792831051869","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17933201273523817958","filters":[{"14":["38246311"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17933201273523817958","filters":[{"14":["38246311"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17933201273523817958","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17933201273523817958","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13921035"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16447737171/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16447737171/?random=1733081761473&cv=11&fst=1733081761473&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za201&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=1&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e821eb94353bd6c5a2b856282d481640c370f08cf96df433d98e8f193e523c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2407
date
Sun, 01 Dec 2024 19:36:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16447737171
td.doubleclick.net/td/rul/ Frame E5D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16447737171?random=1733081761473&cv=11&fst=1733081761473&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za201&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=1&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9b -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
a.gif
network-a.bazaarvoice.com/ 		43 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://network-a.bazaarvoice.com/a.gif?loadId=7deae9513abd764a&BVBRANDID=4fbb12ff-dd76-4a27-99d7-148dedd6730d&BVBRANDSID=1a05c68d-9ca0-41f8-a2b1-b77f5bff03e9&tz=480&sourceVersion=3.17.2&magpieJsVersion=3.17.2&source=bv-loader&environment=prod&client=lovesac&dc=22461&host=www.lovesac.com&r_batch=!((bvProduct:bv-loader,bvProductVersion:%2713.25.17%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:%272.1000%27,endTime:%279893.7000%27,locale:en_US,name:timeToRunScout,startTime:%279891.6000%27,type:Performance))&_=3geism
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.21 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, no-transform, must-revalidate, max-age=0
via
1.1 68fbda872a4e92e0774a97bdd960d43a.cloudfront.net (CloudFront)
expires
-1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
content-length
43
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
image/gif
x-amz-cf-pop
IAD55-P1
server
nginx
x-amz-cf-id
Mruazmi4vbrUsUPC8EWLr4ilqLugsBaClDRBhlYAx_nQvg8nG6p7jg==
/
www.googleadservices.com/pagead/conversion/1061982790/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1061982790/?random=1733081761569&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&bttype=purchase&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1061982790&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e16609a1f7ec5045a285e16ae59dcabfd28a6ad40803c1dec8fcdfa1cd4516f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2746
date
Sun, 01 Dec 2024 19:36:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1061982790
td.doubleclick.net/td/rul/ Frame 6232 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1061982790?random=1733081761569&cv=11&fst=1733081761569&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&bttype=purchase&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1061982790&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9b -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16447737171/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16447737171/?random=1733081761646&cv=11&fst=1733081761646&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
351e345e65a3749d653d3c764ba314e68608554ea1bf335c8c53873435c14833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2381
date
Sun, 01 Dec 2024 19:36:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16447737171
td.doubleclick.net/td/rul/ Frame 5AFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16447737171?random=1733081761646&cv=11&fst=1733081761646&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9b -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10826552253/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10826552253/?random=1733081761681&cv=11&fst=1733081761681&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
975d9684f91874c61af70660d7f2c3c97edd9ab02f48c3a3f7c18ec099bb099a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2378
date
Sun, 01 Dec 2024 19:36:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10826552253
td.doubleclick.net/td/rul/ Frame B23F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/10826552253?random=1733081761681&cv=11&fst=1733081761681&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16447737171&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9b -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EE9DYJBNV5&gtm=45je4bk0v872365513z8831672054za200zb831672054&_p=1733081752073&_gaz=1&gcs=G111&gcd=13r3v3r3r5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dZmIzNT&cid=1066669229.1733081762&ecid=560851970&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1733081761&sct=1&seg=0&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=hero&ep.page_name=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&tfd=10451
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.lovesac.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EE9DYJBNV5&cid=1066669229.1733081762&gtm=45je4bk0v872365513z8831672054za200zb831672054&aip=1&dma=0&gcs=G111&gcd=13r3v3r3r5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9d -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.lovesac.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame E61C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-EE9DYJBNV5&gacid=1066669229.1733081762&gtm=45je4bk0v872365513z8831672054za200zb831672054&dma=0&gcs=G111&gcd=13r3v3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=391919863
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c&gtm=45He4bk0v831672054za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9b -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Dec 2024 19:36:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EE9DYJBNV5&cid=1066669229.1733081762&gtm=45je4bk0v872365513z8831672054za200zb831672054&aip=1&dma=0&gcs=G111&gcd=13r3v3r3r5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1304309670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4001819&tm=gtm002&Ver=2&mid=4787e581-9f87-4d8d-b4bd-e2a2ab21137a&bo=1&sid=7f5df880b01b11ef98ae2dddcadee7a0&vid=7f5df040b01b11efab3e5336b4be978a&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&kw=Lovesac%20Sectional,%20Lovesac%20couch,%20lovesac%20furniture,%20furniture%20lovesac,%20Lovesac%20sofa,%20sectional,%20sectional%20sofa,%20modular%20sectional,%20sectional%20pieces,%20couch,%20sofa,%20long%20sofa,%20modular%20furniture,%20rearrangeable%20furniture,%20rearrangeable%20couch,%20adaptable%20couch,%20couch%20that%20comes%20apart,%20configurable%20couch,%20couch%20with%20storage,%20living%20room%20seating,%20living%20room%20furniture,%20best%20couches,%20best%20sectional,%20best%20couch%20for%20families,%20washable%20couch,%20expandable%20couch,%20durable%20couch,%20sactional,%20lovesac%20sactional,%20lovesac%20com%20sactional,%20love%20sac%20sactional,%20sectional%20covers,%20custom%20sofa,%20custom%20couch,%20discover%20sectional,%20discover%20sactional,%20learn%20sectional,%20learn%20sactional,%20durable%20sofa,%20lovesac%20Beanbag,%20Lovesac%20Bean%20Bag,%20Lovesac%20Beanbag%20Chair,%20Lovesac%20Bean%20Bag%20Chair,%20Lovesac%20Chair,%20Lovesac,%20Large%20Lovesac,%20Beanbag,%20Bean%20Bag,%20Beanbag%20Chair,%20Bean%20Bag%20Chair,%20Large%20Beanbag,%20Small%20Beanbag,%20Extra%20Large%20Beanbag,%20XL%20Beanbag,%20comfortable%20seating,%20comfortable%20bean%20bag,%20comfortable%20beanbag,%20furniture%20for%20kids,%20foam%20chair,%20foam%20beanbag,%20foam%20bean%20bag&p=https%3A%2F%2Fwww.lovesac.com%2F&r=&lt=831&evt=pageLoad&sv=1&cdb=AQAQ&rn=495146
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 190323A5BBE74F3BAB9CE3234A7DF81B Ref B: YMQ01EDGE0414 Ref C: 2024-12-01T19:36:01Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sun, 01 Dec 2024 19:36:01 GMT
embed.js
resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/embed.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.29.230 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc92e938f4a514712281a775e02eed4106200becaa0a1060575eb468a1bf31e7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"9fab510e55d30f80eb16ac29940295a7"
x-amz-version-id
v4ehE60bmm9iGczKHlpX5b7yLsiALtzR
age
477708
x-cache
HIT
date
Sun, 01 Dec 2024 19:36:02 GMT
last-modified
Wed, 20 Nov 2024 15:51:54 GMT
x-served-by
cache-iad-kiad7000094-IAD
x-cache-hits
400
content-type
application/javascript
x-amz-id-2
648KyHYq84dw900ipssbFctf8Fm6xB4l3ha0t7+8bF2B5ghKqJfCtdq6VBrEpdgs/WBcK9+YJ0Y=
strict-transport-security
max-age=31557600
vary
Accept-Encoding
cache-control
max-age=0,must-revalidate
x-timer
S1733081763.594115,VS0,VE0
via
1.1 varnish
x-amz-request-id
H7NBTKJQXTTRHJ6N
accept-ranges
bytes
access-control-allow-origin
*
content-length
533
server
AmazonS3
x-amz-server-side-encryption
AES256
commons.9b20dd57c6f12e1beb80.js
www.lovesac.com/shared/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/shared/commons.9b20dd57c6f12e1beb80.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
618ad76495dd6d322f6e225fd6bee12db7ad4479d7e0aaf39cd76e0a368342ac
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"26c3c284edadc317106c9358baf83ab5"
x-amz-version-id
JpMKeELJQIowRAsNUME4tu5mgg8PRDn1
age
6964928
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
69HOksYxuOinVZWNstHos3kkC35j5SIIW3l5GbWDm_FtagOh3dIwTQ==
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Sep 2024 04:51:30 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
2794
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
main.f9e13369eb72b4abdb3a.js
www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/ 		324 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/main.f9e13369eb72b4abdb3a.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
edef0cc7fb4555bb220f3494fb766d39b549a14d5f7f07f895edbd66e5ae5f03
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"462d0d2366b992431fd6dd66d54e9c85"
x-amz-version-id
lkltfduA.BdXxM1XL9FrKBVm98wHt4VG
age
718463
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
ldV9aMvybpUG32JGFsoowW8bEOJ_jATfDqb99eiBPLmeQVrbow8h3A==
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 23 Nov 2024 12:00:31 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
73944
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
me.95e8bf721a20e70b0d1a.js
www.lovesac.com/shared/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/shared/me.95e8bf721a20e70b0d1a.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b88851071652c16727c30f78dee657dc1e2739750fb3f077f03ff9868e3224d
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"486069f519602cd7a85210eeef214c3f"
x-amz-version-id
PrbQbFGtIMwIo_l2wLEEWUBOpqNcJ45x
age
2265267
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
MftjUyQ7qKRIU0o5AC0ytAz6FW4wQLlRXbGeEP4vnJSIYp4XSP9k9w==
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Nov 2024 14:21:14 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
5375
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
unified-tag.js
cdn.attn.tv/tag/4-latest/ 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_a40d7b9a50
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/lovesac/dtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:b400:1c:9484:cec0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
feafb996d8e599ac428fb377b05a770972f988e0caaba05d7a1e666b64f60c6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
x-amz-version-id
QWeT6MT0YQSr0DTuV1O0HynLe3srYWhT
etag
W/"026f7d01ddd61542393d4d1ab186791f"
age
135
x-cache
Hit from cloudfront
x-amz-cf-id
KKKMiPd_aSjGFjPj2dge8CqvMjbF3b7ANlR1X9Eq13FocY14cO9EBA==
date
Sun, 01 Dec 2024 19:33:56 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Thu, 07 Nov 2024 20:10:56 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=300
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
4745a47a-d2cf-4989-879e-58fb89527431
https://www.lovesac.com/ Frame 		0
0
/
www.google.com/pagead/1p-user-list/16447737171/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16447737171/?random=1733081761646&cv=11&fst=1733079600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dr1dxeCibiHJLEx7X6S5CwN5CSamQGw&random=877182266&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/16447737171/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/16447737171/?random=1733081761646&cv=11&fst=1733079600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dr1dxeCibiHJLEx7X6S5CwN5CSamQGw&random=877182266&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/10826552253/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10826552253/?random=1733081761681&cv=11&fst=1733079600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dLw_qhPSR8NX8cAak2F0Cl0reB6AiZQ&random=792315712&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/10826552253/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10826552253/?random=1733081761681&cv=11&fst=1733079600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za200&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dLw_qhPSR8NX8cAak2F0Cl0reB6AiZQ&random=792315712&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/16447737171/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16447737171/?random=1733081761473&cv=11&fst=1733079600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za201&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=1&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dAYF9WXmdJD7-PWmi_mMQQvRI6CexxQ&random=232694649&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::63 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/16447737171/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/16447737171/?random=1733081761473&cv=11&fst=1733079600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9184202414z8831672054za201&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=1&did=dZmIzNT&gdid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dAYF9WXmdJD7-PWmi_mMQQvRI6CexxQ&random=232694649&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-conversion/1061982790/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&g...
  • https://www.google.com/pagead/1p-conversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r...
  • https://www.google.ca/pagead/1p-conversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIoJOm1qiHigMVnBtoCB1dlwg1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5sb3Zlc2FjLmNvbS9CWENoRUlnSy13dWdZUWpMZUs1LUNyLTRPTkFSSXRBS1hUVnVKUEt2dm9VMVNORVdvLXhOdlEta19HeTFIYmZBQ191TERLTTZUbzVzVXpCbHh6NVQtdWg1Mmw&is_vtc=1&cid=CAQSKQCa7L7dh2Y8Iv7XWkLU7xS9VN84D1582rnSfqHspeLV2XHEacbm-Wj0&eitems=ChAIgK-wugYQ7vvBt43x18QxEh0A4bvkvVHttLfq2qaL2ri3tdCBtqGN1Ki-VpdPMw&random=3440446276&ipr=y
Protocol
H3
Server
2607:f8b0:4004:c1b::5e -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.ca/pagead/1p-conversion/1061982790/?random=1616202875&cv=11&fst=1733081761569&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9176621486z8831672054za201zb831672054&gcs=G111&gcd=13r3v3r3r5l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lovesac.com%2F&label=FvhzCPKogMcZEMaksvoD&hn=www.googleadservices.com&frm=0&tiba=Sectionals%20%26%20Bean%20Bags%20%7C%20Modern%20Furniture%20Company%20%7C%20Lovesac&value=0&did=dZmIzNT&gdid=dZmIzNT&edid=dZmIzNT&npa=0&pscdl=noapi&auid=1624555720.1733081761&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQII68axAgjTxbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIoJOm1qiHigMVnBtoCB1dlwg1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5sb3Zlc2FjLmNvbS9CWENoRUlnSy13dWdZUWpMZUs1LUNyLTRPTkFSSXRBS1hUVnVKUEt2dm9VMVNORVdvLXhOdlEta19HeTFIYmZBQ191TERLTTZUbzVzVXpCbHh6NVQtdWg1Mmw&is_vtc=1&cid=CAQSKQCa7L7dh2Y8Iv7XWkLU7xS9VN84D1582rnSfqHspeLV2XHEacbm-Wj0&eitems=ChAIgK-wugYQ7vvBt43x18QxEh0A4bvkvVHttLfq2qaL2ri3tdCBtqGN1Ki-VpdPMw&random=3440446276&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
analytics.e55f8e8767441c3ca490.js
www.lovesac.com/shared/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/shared/analytics.e55f8e8767441c3ca490.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c9a51765c0e8383265a4f71bec21a153c4e9eea9e00941482e47d5e7f3f20d3
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"84ad235c695a317733d5fc56990a5cf9"
x-amz-version-id
3SCiVaxQ0DXtTjoL8xqYsA.NctUxgBiu
age
1395041
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
UErshnl5GoVnn1sFOGP-Dzo3ohnuvVjAELZnaibbBfhk4ACj3kbkGQ==
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 16:05:15 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
7068
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
ua-parser
dcinfos-cache.abtasty.com/v1/ 		84 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dcinfos-cache.abtasty.com/v1/ua-parser
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.178.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dc65058e5e2b9b189b8122a1fb8d01a486488a62c08993042029116fc451064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
via
1.1 google
access-control-allow-origin
https://www.lovesac.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:01 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,User-Agent,origin
geoip
dcinfos-cache.abtasty.com/v1/ 		410 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dcinfos-cache.abtasty.com/v1/geoip?weather=false
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.178.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8993cda6095aaccfd6693a7e013b1d3bb1c6a886712ec3193a63ea1a73da4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=600
via
1.1 google
access-control-allow-origin
https://www.lovesac.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,origin
1081254.1341214.json
www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/ 		72 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/1081254.1341214.json?9cf0dedaed7d3365a284035155615a47
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0229eef105ca13b03a86ef33165b59513556ab5b0247d15a4cd1ef42f3d11c9f
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
"137dd16d676d2ff65527224bbb91ff57"
x-amz-version-id
geh4EIP9NAO79FKRtXoY1UqO_GFG4s2T
age
406910
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
aR_3QAvUhVmaNb09ueivzKPcbR9PxpfSvx-ME0V99JyxDCEKYnXrtg==
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
application/json; charset=utf-8
last-modified
Sat, 23 Nov 2024 12:00:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
71
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
/
lovesac.attn.tv/d/ 		5 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lovesac.attn.tv/d/?attn_vid=45d5de8d3fe344cdb0fc959fd89e689b
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.135 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
3
cf-ray
8eb586181fb7aba2-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server
cloudflare
e
events.attentivemobile.com/ 		0
290 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.attentivemobile.com/e?v=4.38.0_175b3ca305&pd=https%3A%2F%2Fwww.lovesac.com%2F&u=45d5de8d3fe344cdb0fc959fd89e689b&c=lovesac&ceid=SPo&lt=1733081762079&tag=modern&cs=1190518629&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1733081762087
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_a40d7b9a50
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.35 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
access-control-expose-headers
Set-Cookie, X-Count, X-Token
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8eb586182e9a36b7-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 01 Dec 2024 19:36:02 GMT
x-xss-protection
1; mode=block
server
cloudflare
priority
u=4,i
x-frame-options
DENY
1303244.1615128.json
www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/ 		4 KB
879 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/1303244.1615128.json?a614907617d830720a8e754e76039f56
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b40df9c86afcf752e6a9f7952f1eb25f25a36232bbec7b31dc7b6a1ee1b724c
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"052865d2c11a38744fc51a7deb3f57a0"
x-amz-version-id
NrBLCDuzd.e32aJIDgJ2tN_.2Ey7R5Rx
age
274702
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
75PxHO_KKctQ7rJGLFLst3uXR529c_Ic01oy73PPR2QtSjTajPhWig==
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
application/json; charset=utf-8
last-modified
Sat, 23 Nov 2024 12:00:28 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
702
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
1336258.1656192.json
www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/1336258.1656192.json?939b6c1d0552598deca59ce9c4ddc713
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
721a4d3204db2aabafd88eae68fd12aef14e6ac0169b01615e01ed61ff4f63e3
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"3e9a8def900a990f7aba591172a4963e"
x-amz-version-id
j4VstdNdQE4wZHtANRsvMnyem.3_eRce
age
475565
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
tQ0zJ8FCUtWPUe33P8vxaUErDsh9VzlixWWqJpsqjb-hsafvl_ENnA==
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
application/json; charset=utf-8
last-modified
Sat, 23 Nov 2024 12:00:30 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
566
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
SPo.js
cdn.attn.tv/growth-tag-assets/client-configs/ 		379 B
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.attn.tv/growth-tag-assets/client-configs/SPo.js
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_a40d7b9a50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:b400:1c:9484:cec0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b16e35f8e00776e41006c00e1bad964d33c4e7f82e8bb8121469342b822f5bad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

x-amz-version-id
ORJ4T3n5PRr465MYrrvSyoCwXPhate1e
etag
"55d920d87c628781808019dad0fd7a1e"
age
109
x-cache
Hit from cloudfront
x-amz-cf-id
Ot9Qcg1lEn5Fp7cX3HbOaBh0JCQINXdNlpZfqf47nyZIU7vZbEN1Sg==
date
Sun, 01 Dec 2024 19:34:14 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Mon, 14 Oct 2024 17:46:33 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=120
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
379
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
unrenderedCreative
lovesac.attn.tv/ 		0
207 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lovesac.attn.tv/unrenderedCreative?v=4.38.0&r=&id=45d5de8d3fe344cdb0fc959fd89e689b&pv=1&l=https%3A%2F%2Fwww.lovesac.com%2F&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.135 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.lovesac.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
13
cf-ray
8eb586181fbdaba2-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 01 Dec 2024 19:36:02 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server
cloudflare
media_159e9566b1e7abd0c69a2e5199f1d11ad850bcc8e.webp
www.lovesac.com/ 		818 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_159e9566b1e7abd0c69a2e5199f1d11ad850bcc8e.webp?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c05eb3df24831f21a6184a099b0f6ad08247afea73996c4d6d67557efc9069a7
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=816 idim=100x75 ifmt=webp ofsz=818 odim=100x75 ofmt=webp
etag
"RhL2mEteZbAoHmJRI+6hctUg186uH7sxdIZwz5MzJMg"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
818
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010213
x-auth-state
anonymous
media_16db774baccdbe66de332bc77379acb51328220e9.webp
www.lovesac.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_16db774baccdbe66de332bc77379acb51328220e9.webp?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cda7d701307690d91df3ad182e2132289471c47568f898d97af3cf08d2e273da
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=1766 idim=100x75 ifmt=webp ofsz=1360 odim=100x75 ofmt=webp
etag
"nNbn/YJIu+YHS4QvMq5rB355yp4qUjbhOsL3tYSD2NI"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
1360
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010211
x-auth-state
anonymous
media_114078248d668b1892ad7846462dcb66a41cfb456.webp
www.lovesac.com/ 		824 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lovesac.com/media_114078248d668b1892ad7846462dcb66a41cfb456.webp?width=2000&format=webply&optimize=medium
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b0f7f8c8d3a50efb38a74e65f124bb5b220c9afaa160eda84d038683bc93dea
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

fastly-io-info
ifsz=1104 idim=100x75 ifmt=webp ofsz=824 odim=100x75 ofmt=webp
etag
"845142TEZF09RnobKHFdc8N+XdnnGwHab30FURC0pxs"
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
image/webp
vary
Accept
x-frame-options
SAMEORIGIN
fastly-stats
io=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
max-age=2592000, must-revalidate
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
content-length
824
x-xss-protection
1
fastly-io-served-by
vpop-kiad7010249
x-auth-state
anonymous
fonts.css
origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/ Frame B796 		6 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=183/media/fonts.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-83.iad89.r.cloudfront.net
Software
Extole /
Resource Hash
83409f35570c92abdfb7fe8044dc4b5c49a949cc65fc3f0fdbf76c059b3e24eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.lovesac.com
Referer

Response headers

access-control-max-age
2592000
cache-control
no-transform, max-age=2592000
content-encoding
gzip
age
1592472
via
1.1 47c0295005ec7d8570406951491004c2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
455
x-amz-cf-id
5bVS1efjMaIZc5O1VTBh1n-5ntddnjZf_ql6GwKc927u3pcQC7dvTw==
date
Wed, 13 Nov 2024 09:14:46 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 09:14:46 GMT
server
Extole
x-amz-cf-pop
IAD89-C3
vary
Accept-Encoding
lovesac
ingest.quantummetric.com/horizon/ Frame B796 		90 B
245 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1733081762147&v=1733081762707&S=0&N=0&P=0&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.30.149.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
75b4b9a1fca668c8d1ae4c1752e8f7684746ddea2fb77f0bfd14a7dcd05d1b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.lovesac.com
content-length
90
date
Sun, 01 Dec 2024 19:36:03 GMT
content-type
application/json
access-control-allow-credentials
true
1340119.1661124.json
www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lovesac.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/1340119.1661124.json?cb975ecdc6798ebc1ddf30f12aeec3e8
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79a2c1bf75f0621de3a8e1cffef0d1ae509f81837ef53633a914d5f7720fa066
Security Headers
Name Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
br
etag
W/"5f67771a1ebf4ec1ccfd3b58e56669f9"
x-amz-version-id
02RnMW5ffmQR1nLJdU39OLHqjaXccpq_
age
364196
expect-ct
enforce,max-age=30
x-content-type-options
nosniff
x-amz-cf-id
eC7_FhTPYruw6ZnozIWtusJQFZ9b4MUnHqyWIyeA5ISAiUuvW4_Ssg==
date
Sun, 01 Dec 2024 19:36:02 GMT
content-type
application/json; charset=utf-8
last-modified
Sat, 23 Nov 2024 12:00:30 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
cache-control
public, max-age=300
referrer-policy
origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
503
x-xss-protection
1
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
getDUH
photos.pixlee.co/ Frame 13EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://photos.pixlee.co/getDUH
Requested by
Host: assets.pixlee.com
URL: https://assets.pixlee.com/assets/pixlee_events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval' photos.pixlee.com;style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' photos.pixlee.com;font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 photos.pixlee.com;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
280
cache-control
max-age=300,s-maxage=300
content-encoding
gzip
content-length
1250
content-security-policy
default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval' photos.pixlee.com;style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' photos.pixlee.com;font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 photos.pixlee.com;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
content-type
text/html; charset=utf-8
date
Sun, 01 Dec 2024 19:36:02 GMT
etag
W/"171c382729f4b448d9f7b0f6b49a2033"
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy
strict-origin-when-cross-origin
report-to
{ "group": "csp", "max-age": 10886400, "endpoints": [{ "url": "https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501;" }] }
strict-transport-security
max-age=31557600
true-client-ip
166.0.205.185
vary
Origin, Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 608, 32
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
9ea115a436eef5986d00bb54c3493036
x-runtime
0.003491
x-served-by
cache-iad-kiad7000093-IAD, cache-iad-kiad7000093-IAD, cache-yul1970029-YUL
x-timer
S1733081763.990385,VS0,VE0
x-xss-protection
1; mode=block
generic1732117913095.js
resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/ 		403 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/generic1732117913095.js
Requested by
Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.29.230 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f32127777b2046c60b806447bc64a7fba5cba5c8571b20b8a29f002c88a8418e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/

Response headers

content-encoding
gzip
etag
"701fce7c2c31d4ab3b8152593f0b38ed"
x-amz-version-id
T.74f0_EBwN8CkOuip3w99Wetpl4KXzh
age
963848
x-cache
HIT
date
Sun, 01 Dec 2024 19:36:02 GMT
last-modified
Wed, 20 Nov 2024 15:51:54 GMT
x-served-by
cache-iad-kiad7000094-IAD
x-cache-hits
17
content-type
application/javascript
x-amz-id-2
NgtePaASyYRkvPzdQRZzo1srNXK776xKGtFeoDUlJmYZQg3kPjmrGbc9hyUKf2FX+BY0db5m11s=
strict-transport-security
max-age=31557600
vary
Accept-Encoding
cache-control
max-age=2592000
x-timer
S1733081763.777462,VS0,VE0
via
1.1 varnish
x-amz-request-id
H7N91SDEX96WBTQV
accept-ranges
bytes
access-control-allow-origin
*
content-length
89973
server
AmazonS3
x-amz-server-side-encryption
AES256
/
ariane.abtasty.com/ 		43 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ariane.abtasty.com/
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.178.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
must-revalidate, no-cache, private
x-envoy-decorator-operation
entrypoint.workload.svc.cluster.local:8080/*
via
1.1 google
access-control-allow-origin
https://www.lovesac.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sun, 01 Dec 2024 19:36:03 GMT
content-type
image/gif
lovesac
ingest.quantummetric.com/horizon/ Frame B796 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1733081762147&v=1733081763577&H=a3ba4c675dbae749bacca74c&s=993a2c1a9626ff29089777d6d2ce5eba&Q=1&Y=1&X=1166060be0ea4593502a81dce1fc8e55&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.30.149.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.lovesac.com
content-length
0
date
Sun, 01 Dec 2024 19:36:03 GMT
content-type
application/json
access-control-allow-credentials
true
lovesac
ingest.quantummetric.com/horizon/ Frame B796 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1733081762147&v=1733081763585&H=a3ba4c675dbae749bacca74c&s=993a2c1a9626ff29089777d6d2ce5eba&U=5e8b1bc63d08b0b0eb52290cb31f00e9&Q=2&S=0&N=0&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.30.149.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.lovesac.com
content-length
0
date
Sun, 01 Dec 2024 19:36:03 GMT
content-type
application/json
access-control-allow-credentials
true
/
ariane.abtasty.com/ 		43 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ariane.abtasty.com/
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.178.232 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.lovesac.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
must-revalidate, no-cache, private
x-envoy-decorator-operation
entrypoint.workload.svc.cluster.local:8080/*
via
1.1 google
access-control-allow-origin
https://www.lovesac.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sun, 01 Dec 2024 19:36:03 GMT
content-type
image/gif
lovesac
ingest.quantummetric.com/horizon/ Frame B796 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ingest.quantummetric.com/horizon/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1733081762147&v=1733081763785&H=a3ba4c675dbae749bacca74c&s=993a2c1a9626ff29089777d6d2ce5eba&S=4853&N=29&P=1&z=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.30.149.219 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.lovesac.com
content-length
0
date
Sun, 01 Dec 2024 19:36:03 GMT
content-type
application/json
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.lovesac.com
URL
blob:https://www.lovesac.com/4745a47a-d2cf-4989-879e-58fb89527431

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| s7jsonResponse boolean| hlxLoaded string| RUM_BASE object| hlx object| dataLayer object| adobeDataLayer function| enableUsableNetAssistive function| disableUsableNetAssistive object| blueConicPreListeners function| BCClass object| blueConicClient object| google_tag_manager object| google_tag_data function| __privaci_gtag function| __privaci_gcm_set_consent function| InteractionTypeImpl function| $ object| _bcp object| Mustache function| BlueConicMetaDataService function| RuleService function| FormRuleService function| BlueConicEngagement object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtility function| md5 object| bc number| 9ca0f631-6a7d-4379-99b8-c72c4301f2f8_1628789858964_8644745103_lastDataLayerIndex object| GCMUtils object| TCFUtils function| ARIAtabs object| bannerConfigUtils object| bannerGenerator object| commonConstants object| commonUtils object| consentBannerUtils object| consentTuningUtils object| cookieconsent object| getterUtils object| GPPBannerGeneration object| GPPUtils function| registerSrtiCookieSDKEvents function| setConsentBannerParams function| showConsentPreferencesPopup function| overrideThemeMatching function| initCmp object| preferenceCenterGeneration object| regeneratorRuntime object| extole

9 Cookies

Domain/Path Name / Value
j730.lovesac.com/DG/DEFAULT Name: BCSessionID
Value: d1b35baf-c705-43ea-a6a2-cd327513a428
lovesac.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: d1b35baf-c705-43ea-a6a2-cd327513a428
www.lovesac.com/ Name: BCSessionID
Value: d1b35baf-c705-43ea-a6a2-cd327513a428
lovesac.blueconic.net/ Name: AWSALBCORS
Value: zwxiYn6jm99QNE2jcBVQvRIm8IuFxEw6v/MggpRlJxdsk382eXv4pNBs2Q+9gEYVlLpoFlVLUcIP4AQgDGoYLVnr4Vb4bFqZ/8Zv5NmfaEnGiEVqnrBhK918b0+c
j730.lovesac.com/ Name: AWSALB
Value: 4+xEJ8pzBL1nkR9CrMfARWv6nGFpAGICD7gNKRroaL6f1gqN03M10U3ptjedKWljRLnEwqe9YwNR821+5u7WRhnFFWkB1irxgBiTMifPyvNWVBhQ3WGbn7rFflrY
j730.lovesac.com/ Name: AWSALBCORS
Value: 4+xEJ8pzBL1nkR9CrMfARWv6nGFpAGICD7gNKRroaL6f1gqN03M10U3ptjedKWljRLnEwqe9YwNR821+5u7WRhnFFWkB1irxgBiTMifPyvNWVBhQ3WGbn7rFflrY
.share.lovesac.com/ Name: xtl_bid
Value: 7443529473886732584
.share.lovesac.com/ Name: extole_token
Value: 1RRGQGQLSUQK0SGE85HPASVNGD
www.lovesac.com/ Name: extole_access_token
Value: 1RRGQGQLSUQK0SGE85HPASVNGD

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy font-src 'self' data: *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com; form-action 'self' *.syfpos.com *.syfpayments.com *.amazon.com; frame-src https://*; img-src https://* data: blob:; script-src https://* 'unsafe-inline' 'unsafe-eval' blob:; style-src https://* 'unsafe-inline'; connect-src https://* wss://* data:; media-src 'self' s7d4.scene7.com; default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13921035.fls.doubleclick.net
a40.usablenet.com
ad.doubleclick.net
analytics.google.com
app.securiti.ai
apps.bazaarvoice.com
ariane.abtasty.com
assets.pixlee.com
bat.bing.com
cdn-prod.securiti.ai
cdn.attn.tv
cdn.noibu.com
cdn.quantummetric.com
dcinfos-cache.abtasty.com
events.attentivemobile.com
googleads.g.doubleclick.net
ingest.quantummetric.com
j730.lovesac.com
lovesac.attn.tv
lovesac.blueconic.net
lovesac.com
network-a.bazaarvoice.com
origin.xtlo.net
pagead2.googlesyndication.com
photos.pixlee.co
resources.digital-cloud-west.medallia.com
share.lovesac.com
stats.g.doubleclick.net
td.doubleclick.net
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.lovesac.com
www.lovesac.com
104.18.43.135
108.138.85.27
142.251.167.157
146.75.29.230
15.197.226.17
151.101.1.124
151.101.194.132
151.101.2.132
172.64.148.35
18.160.41.21
2001:4860:4802:34::181
2600:1408:ec00:f::1730:cb28
2600:9000:201e:b400:1c:9484:cec0:93a1
2600:9000:2508:1c00:12:1bf:30c0:93a1
2600:9000:27d1:a600:d:274d:a6c0:93a1
2606:4700::6812:bd5
2607:f8b0:4004:c17::9d
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1d::63
2607:f8b0:4004:c1d::9a
2607:f8b0:4004:c1f::61
2607:f8b0:4004:c21::9a
2607:f8b0:4004:c21::9b
2620:1ec:33::10
3.167.112.60
3.232.49.68
34.30.149.219
34.36.178.232
35.173.45.49
52.85.151.83
64.233.180.148
0229eef105ca13b03a86ef33165b59513556ab5b0247d15a4cd1ef42f3d11c9f
0891be2ab8cf22e5481e092e0e8f1a8ed20a6703fc5dfab3425598d1946f0195
08ee6caf9b4b4724dff02441afcfa2985137087a3be05abe0304a3763741066e
09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4
0c255f5c90b4fb019031273fac799886558e0782fa7d0e9afd81a702cf19aeda
0e25d51d8622781ad5734779489123fb53654f0f0202447634686c9073f8986a
10004a31dfbef9d083b3bde79ccd4e9ad4d9d70efea0df3dfbd27485325ee635
132c92ebb14b7dbf4669c61fec107aa001273bf5e5eecb33c74caebe84c68b59
141f661f28cb7b1815a455ac00e11e68ed628d632b705e5b69707fe7a94be656
15c73b24c8a7671cc829fe8c6a6d0477e7455bb0b5cd2a04326894e08f11d07e
1964bb1f24fe7a882c3a568aa373bec00456a1d6f9de3c726fba1b638ee90065
1a331a6eb0eea523d0b27c76fa58fe74fc323e4be8e01e83a86d0011226fe11c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1de566eb19a090ec99e340fac533704d4c309f6861d6828b9f590d057fac7d15
1efbdc03b7f3c933dab49d254fb26dc49fe3eb0601d7bf62a3e30da316ea1786
21e6dc91dcf43fa33a4341eec74aed1bafa7fa2bac66c8b06e91c37681f39ac1
274ad89821ef2dd0dfb663a7c86e8c39aabb876e7ffa21590fe002a58b4ed385
28e65407085b3df680f15d970ba859af86f32296d4ca298a6a14dc5a9d0a0f4c
2b0f7f8c8d3a50efb38a74e65f124bb5b220c9afaa160eda84d038683bc93dea
345a1b5381db7c7137ca06bdf7c3aee35db234f57909435053a6e84af8bb9415
351e345e65a3749d653d3c764ba314e68608554ea1bf335c8c53873435c14833
361bd1354a237ffa90d8729c03116ec5c33b7319f40b4a49c5a4f4afe38020ca
3c9a51765c0e8383265a4f71bec21a153c4e9eea9e00941482e47d5e7f3f20d3
3fac54c924f87067bfbab0253927c39abadc306a65de1135b88c31ccd47aa9c3
40409f5d29e503fd69e3d6b79d1e8dafc5a95ac57716c3bdd5fc9c20a8253c26
40fbd618c22e15d07a1b54ef4b180b4a19866345703d783f45467e7952ba9b16
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
47316e7b8fe970db4eea43c22c7a0c965d5e09c2fada408f1dc48a223a26206d
4936bc3873310a6ea0d6230dc11f1f4edb5afc563ab259bba75f00fe708a9777
5038fea22484a20ffc4c647edb2e327079e6c0316d4e8f765279c6a7b45036f5
50768ec45bc3f0173d3800e2a4a7bc8505cafeb226cc0e2be5e49ee9efd1a617
536f518c3e1681a650b71814f171259b2b8914eaa5c25eb9fa40c63b65b4541a
5541817cfb0d5b9118de457fd43ecd8b020bfaa787be902ceabe2f13f088cfba
577b7100c896afb832459546dd22660ff7ec595426c4bc095d11b6711c808897
5797e2f2b500433689fb9d46d09a947739ea2c9c0748a0772855efd295d20ec4
5b907e1fb8c65299ddca13753c134676a4c4944ade4d21cb240ac6de4bb2345d
5c0c3b3bf32663a4ecf687042363bc1dd97bc8ce8f777e53e7f78aa4fab247fe
5dd10a11fa87b8e404b309646a3c6a1db05cac521920f21aab6575fd8cd86ba5
5ee70c314ba5ca66b43716521c62869cfc266c2bec352554dffe739f851dadfa
618ad76495dd6d322f6e225fd6bee12db7ad4479d7e0aaf39cd76e0a368342ac
632ecf3e9fc6e3f7bdc1e11436771e269e2438febfbd58d0eea48389d9c87474
652115436eb0ca7c8d7756224d930606a6ee96775fa3fc629e150bde721e4ece
652ed0a23b6fc715a267f34070fcda4f5a3089af73c8ad8da28ee5b5ef93df07
67125309129d12b9c5ebccf5e3db54adb752a6ba2731b2d733f5b2b8f9343c37
6c162d20906d0abb78b777b93cdc689b433a58d9cdebbe81faeec092ab99c432
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
707e286141b42df2694f1b63df6d7ac4eae0336dfa86ebcd003046edada0a7b6
721a4d3204db2aabafd88eae68fd12aef14e6ac0169b01615e01ed61ff4f63e3
749e8f967ed79a31bb08b34d10959d8841c5f41bd4ee5d022d32fe3726440b35
75b4b9a1fca668c8d1ae4c1752e8f7684746ddea2fb77f0bfd14a7dcd05d1b6c
78a1cd5a64d4381f715e66a889f76589c7e72670cee22f545e8b44dd954d23b2
78b1f097188ef9c96455015c5b337b216e31b640884ad27cca8bcfa0d8851222
78d528b87ed5de3d96dbf6f38c6a5ff7132532df2955afd1a5cfdf93784cb741
79a2c1bf75f0621de3a8e1cffef0d1ae509f81837ef53633a914d5f7720fa066
7b88851071652c16727c30f78dee657dc1e2739750fb3f077f03ff9868e3224d
7cc2e9383273604c39b525dc366bb6467ea148236649caa15e1e7c2dc6c052c0
7d22f48243f28ae0d3cfbbc0ec1919450e5249f32645dfdf104c83d0b5cfd00c
7de6d0553d348945beaa0c52fb92a1ba443030784627c5f8a261ccd6a5e8f00a
82509bbe5f3eb21a99c2ebcde890ab5f63703902bb6c262a94d2bf868548b9e4
826cc9cec837c31c4bef524800dacb7b1129a992f12f7b6e07ef0be284bf23f2
83409f35570c92abdfb7fe8044dc4b5c49a949cc65fc3f0fdbf76c059b3e24eb
893e612b6646a59145690c318149fe53708691ca1418a90683455b23d470e2ef
89bd87180e2a56128786aefe8795d76f6da9cf46b04ac488dfbf733d595d479b
8dc65058e5e2b9b189b8122a1fb8d01a486488a62c08993042029116fc451064
8fba8aa752c52faf3f65498ce0e4d67d8e613659fdb6e37f3c4ed6844e882276
907125c47c5fabae24ea7b28aae7e2c5c5b35be2c5aa63c92061e8af89f58c7a
96f0906923661f0d17a14750a37f9f15c55babe3b896b35970a9b621963ed443
974b56fe68dfaf186ca4ff70bf6c817133519ca6e188c049b1242e0694c7331d
975d9684f91874c61af70660d7f2c3c97edd9ab02f48c3a3f7c18ec099bb099a
97c4036cb78cbe1bc98ff5416e91da246c8ffdf28ac76ec21b2297ce7c6c6aa3
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977
992362972067249866df2ae2e9900b8d7f3eacd9c1da371e8907fbdb828d099a
9a22564368caa6c8d7021190559dd6db7e0feb164b2096fd064fbb62c4ad8797
9aa6273c7c6e36d2b2320eba7dd0f69784c7e77e0684040a7c767f9b84228acd
9b40df9c86afcf752e6a9f7952f1eb25f25a36232bbec7b31dc7b6a1ee1b724c
9e527c0e0050e352eab309b30b2301013481bd423685e8312215324fb76267d6
9f3590fa1ce5eaccbfc888cfeec490ceadbabfbfc60a7aab5766f0d9aaf01ded
a6e588906395837b598fd36c8599a11a6d84f33e565ee26adc8be7c2291f087e
a71f37d0054e69c9933de07bb6da3601fa5b802591e65caafc4df479a2253168
a860ced46975e49ce6174796c586624fba4ac8aac87405fa49012105225b95ea
a9a3b62d9490a1c9a6dfb6fb2637a4e23e26da2558ee8521f6973f9ba426f27a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ad92e69533bfd2c140ca832ad3ffca90b226a3475ac4e3c8fccfe1e42c5c4eab
adb589dbcbb0f9990150311a0cd3516d7f3b2024da40747fb06760e1e9f84a2c
af2be4b5fc5fe55070880b309c632a6b9543a0774680b8012548564a94aaa513
b16e35f8e00776e41006c00e1bad964d33c4e7f82e8bb8121469342b822f5bad
b299dcdada0c8da285740061362e1d74d1a9daa7eb7c8afe97347b04f8b0dfac
b2b39f895fa5f1abe641c2161ca910b6d2e9a8a93f73c90e4191ea8ca42af8eb
b40fbcb2e6bc708898b0bd181ba6906ccd5f3282bc00710e9509eb87bfbb6f18
b79f350c0d6aa0d1dd037fdab2d99020b0673470847523198d0ad1a4a72f6616
b7fe6fd480efbe57c71797d42bfc82d2e6a509e0afcee0997d3e163154ed5b88
b88975a2f2f99d11a2360ce6fb178682989a522cdfead6559520e998d02c82a3
bd74ad53158df6a52c5e2926201b84117fac3d7a4c3f81eaba74b685d5ab2af4
bf6b951492f3010852adf99ffe098f97dc82fb15158544474cbb09468a329750
c01cc12832700a18741f7ba22bce9dab71999bfe1a22259005ffa7b4abb6d782
c05eb3df24831f21a6184a099b0f6ad08247afea73996c4d6d67557efc9069a7
c37762e739678fd4adb5306de4d606d5a2347485d146a8c5b623744f73221bb6
c8993cda6095aaccfd6693a7e013b1d3bb1c6a886712ec3193a63ea1a73da4a3
ca6b1f55e028d27b589888142f656836ad15c0b0e6b6b8286edd17cb7b696054
cb99c75b71458f0b137e8867931822c69b509dfd2b50c72f355096a990f159cf
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
cda7d701307690d91df3ad182e2132289471c47568f898d97af3cf08d2e273da
cf549fd066928bf8b091a4850bb5ee30e963f42481cfa88fc363d96800586686
d19345402a80151ddd1caa1ed515d15bf5a016639f9e91daf172f7967f8c4a98
d2f2f392f6cab000785e13a6bf77649f5c5d130cc22a0d8f19e3b2df3d95123a
d78bdebd64cf86d32ca691556c2da2bd31179744e94d2e55e195498e4caca167
dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd598a03572ddc2725d3c12957c99af19901d4b8cb8f3786478cbaa6269394f7
ddf7975c4428e42d17fe3e74c90659eec4b2e1a3f5aad40b702aa4beb3cbbe79
de34497bee9b40997625934cd62c7be64cb29166d9a3815860494b52b18116fa
e16609a1f7ec5045a285e16ae59dcabfd28a6ad40803c1dec8fcdfa1cd4516f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7666fce922460a72b0931458d194cbbe0becf81a6ea04b688cf8aefdb9d329b
e821eb94353bd6c5a2b856282d481640c370f08cf96df433d98e8f193e523c18
ec4ecc3ba36245e1fdbc2ab31ab7f9a79ae9ef00208661fff2d4e9bb8c20383e
edef0cc7fb4555bb220f3494fb766d39b549a14d5f7f07f895edbd66e5ae5f03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
f32127777b2046c60b806447bc64a7fba5cba5c8571b20b8a29f002c88a8418e
f94a619dfe8a6a9f7398dfdc221ed1f7ac66a2943c21f7ebfc47ad9d64c3e51c
fc92e938f4a514712281a775e02eed4106200becaa0a1060575eb468a1bf31e7
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
feafb996d8e599ac428fb377b05a770972f988e0caaba05d7a1e666b64f60c6f