Submitted URL: http://www.lovesac.com/
Effective URL: https://www.lovesac.com/
Submission: On April 10 via api from US — Scanned from DE

Summary

This website contacted 100 IPs in 8 countries across 78 domains to perform 241 HTTP transactions. The main IP is 151.101.193.124, located in United States and belongs to FASTLY, US. The main domain is www.lovesac.com. The Cisco Umbrella rank of the primary domain is 394851.
TLS certificate: Issued by R3 on March 20th 2024. Valid for: 3 months.
This is the only time www.lovesac.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 151.101.193.124 54113 (FASTLY)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 169.47.214.218 36351 (SOFTLAYER)
15 18.245.86.97 16509 (AMAZON-02)
12 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2600:9000:264... 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 34.249.143.0 16509 (AMAZON-02)
1 6 2600:9000:272... 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2.17.190.22 16625 (AKAMAI-AS)
1 104.18.10.207 13335 (CLOUDFLAR...)
4 151.101.194.132 54113 (FASTLY)
2 35.175.156.69 14618 (AMAZON-AES)
3 151.101.130.132 54113 (FASTLY)
5 15.197.226.17 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 54.204.188.67 14618 (AMAZON-AES)
2 13.32.121.79 16509 (AMAZON-02)
4 2600:9000:26e... 16509 (AMAZON-02)
1 54.235.91.184 14618 (AMAZON-AES)
1 104.17.24.14 13335 (CLOUDFLAR...)
7 18.172.112.60 16509 (AMAZON-02)
2 2600:9000:20e... 16509 (AMAZON-02)
3 216.58.206.72 15169 (GOOGLE)
1 172.67.20.158 13335 (CLOUDFLAR...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a04:4e42:8e::84 54113 (FASTLY)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 108.138.7.55 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:21f... 16509 (AMAZON-02)
1 143.204.207.250 16509 (AMAZON-02)
1 13.32.27.28 16509 (AMAZON-02)
5 104.126.37.129 20940 (AKAMAI-ASN1)
1 23.215.22.232 16625 (AKAMAI-AS)
1 2600:9000:236... 16509 (AMAZON-02)
2 146.75.121.230 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
1 18.172.103.101 16509 (AMAZON-02)
1 52.86.11.20 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
3 143.204.215.90 16509 (AMAZON-02)
3 34.36.178.232 396982 (GOOGLE-CL...)
3 151.101.192.84 54113 (FASTLY)
1 34.234.6.154 14618 (AMAZON-AES)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2 142.250.184.198 15169 (GOOGLE)
5 35.190.43.134 15169 (GOOGLE)
1 2600:9000:272... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 157.240.252.13 32934 (FACEBOOK)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2 178.250.1.9 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 18.172.112.82 16509 (AMAZON-02)
1 52.87.59.181 14618 (AMAZON-AES)
1 20.40.202.0 8075 (MICROSOFT...)
1 35.156.226.249 16509 (AMAZON-02)
1 172.217.16.211 15169 (GOOGLE)
1 54.210.74.8 14618 (AMAZON-AES)
2 104.18.43.135 13335 (CLOUDFLAR...)
1 104.18.39.221 13335 (CLOUDFLAR...)
1 3.220.94.22 14618 (AMAZON-AES)
1 2.19.216.231 16625 (AKAMAI-AS)
1 142.250.185.226 15169 (GOOGLE)
1 35.214.149.91 15169 (GOOGLE)
2 3 37.252.172.123 29990 (ASN-APPNEX)
1 2.19.216.27 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 81.17.55.172 60781 (LEASEWEB-...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2.19.217.101 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 23.48.23.22 20940 (AKAMAI-ASN1)
1 3 37.157.6.233 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 2 52.17.32.208 16509 (AMAZON-02)
1 162.19.138.83 16276 (OVH)
1 54.217.116.3 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.197.235.123 16509 (AMAZON-02)
1 34.238.18.43 14618 (AMAZON-AES)
1 64.202.112.223 22075 (AS-OUTBRAIN)
1 198.47.127.205 62713 (AS-PUBMATIC)
1 35.156.148.181 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 184.30.17.243 16625 (AKAMAI-AS)
1 54.229.129.177 16509 (AMAZON-02)
1 52.59.89.164 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
1 142.250.186.110 15169 (GOOGLE)
1 1 151.101.66.132 54113 (FASTLY)
1 35.241.45.82 15169 (GOOGLE)
1 2620:100:a001... 19750 (AS-CRITEO)
4 34.29.182.184 396982 (GOOGLE-CL...)
241 100
Apex Domain
Subdomains
Transfer
55 lovesac.com
www.lovesac.com — Cisco Umbrella Rank: 394851
j730.lovesac.com — Cisco Umbrella Rank: 438100
share.lovesac.com — Cisco Umbrella Rank: 704666
3 MB
12 klevu.com
js.klevu.com — Cisco Umbrella Rank: 17286
196 KB
11 securiti.ai
cdn-prod.securiti.ai — Cisco Umbrella Rank: 22711
app.securiti.ai — Cisco Umbrella Rank: 37853
167 KB
10 abtasty.com
try.abtasty.com — Cisco Umbrella Rank: 7733
dcinfos-cache.abtasty.com — Cisco Umbrella Rank: 10721
ariane.abtasty.com — Cisco Umbrella Rank: 9632
66 KB
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1014
p.typekit.net — Cisco Umbrella Rank: 1457
92 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 99
region1.google-analytics.com — Cisco Umbrella Rank: 1879
21 KB
6 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 7393
api.lightboxcdn.com — Cisco Umbrella Rank: 8919
146 KB
6 gladly.com
cdn.gladly.com — Cisco Umbrella Rank: 12588
102 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 984
tr6.snapchat.com — Cisco Umbrella Rank: 1424
787 B
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 646
sslwidget.criteo.com — Cisco Umbrella Rank: 2722
widget.us.criteo.com — Cisco Umbrella Rank: 27204
dis.criteo.com — Cisco Umbrella Rank: 1029
9 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 849
155 KB
5 attn.tv
cdn.attn.tv — Cisco Umbrella Rank: 5062
lovesac.attn.tv
48 KB
5 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2784
ingest.quantummetric.com — Cisco Umbrella Rank: 3595
77 KB
5 bazaarvoice.com
apps.bazaarvoice.com — Cisco Umbrella Rank: 3865
network-a.bazaarvoice.com — Cisco Umbrella Rank: 5687
50 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
479 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1184
5 KB
4 pixlee.com
assets.pixlee.com — Cisco Umbrella Rank: 22661
photos.pixlee.com — Cisco Umbrella Rank: 43172
42 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1334
59 KB
3 adform.net
cm.adform.net — Cisco Umbrella Rank: 1599
c1.adform.net — Cisco Umbrella Rank: 965
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 365
3 KB
3 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 7694
people.api.boomtrain.com — Cisco Umbrella Rank: 8295
events.api.boomtrain.com — Cisco Umbrella Rank: 9196
30 KB
3 doubleclick.net
13921035.fls.doubleclick.net — Cisco Umbrella Rank: 660295
cm.g.doubleclick.net — Cisco Umbrella Rank: 349
1 KB
3 xtlo.net
origin.xtlo.net — Cisco Umbrella Rank: 48991
31 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 248
73 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 623
14 KB
3 pixlee.co
photos.pixlee.co — Cisco Umbrella Rank: 19493
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 316
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 2824
1 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2522
insight.adsrvr.org — Cisco Umbrella Rank: 985
4 KB
2 safevisit.online
safevisit.online — Cisco Umbrella Rank: 22005
ghs4.safevisit.online — Cisco Umbrella Rank: 29452
2 KB
2 medallia.com
resources.digital-cloud-west.medallia.com — Cisco Umbrella Rank: 5028
86 KB
2 mplat-ppcprotect.com
client.prod.mplat-ppcprotect.com — Cisco Umbrella Rank: 28374
click.prod.mplat-ppcprotect.com — Cisco Umbrella Rank: 30321
28 KB
2 sundaysky.com
cdn1-res.sundaysky.com — Cisco Umbrella Rank: 49818
s-vop.sundaysky.com — Cisco Umbrella Rank: 27977
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 919
csm.va.us.criteo.net — Cisco Umbrella Rank: 3111
16 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1359
20 KB
2 mczbf.com
www.mczbf.com — Cisco Umbrella Rank: 6925
14 KB
2 noibu.com
cdn.noibu.com — Cisco Umbrella Rank: 18387
66 KB
2 blueconic.net
lovesac.blueconic.net
2 KB
2 syfpos.com
pdpone.syfpos.com — Cisco Umbrella Rank: 121245
70 KB
2 ksearchnet.com
visitor.service.ksearchnet.com — Cisco Umbrella Rank: 22094
466 B
2 scene7.com
s7d4.scene7.com — Cisco Umbrella Rank: 66628
24 MB
2 usablenet.com
lovesac.usablenet.com — Cisco Umbrella Rank: 745810
1 KB
1 kampyle.com
udc-neb.kampyle.com — Cisco Umbrella Rank: 3811
318 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 3295
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3805
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 5015
235 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 25379
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3636
400 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 827
35 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1495
225 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1397
218 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1652
422 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 2134
878 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 11188
265 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 1013
199 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 732
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1119
342 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1349
319 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 751
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 3468
163 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 2272
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1020
163 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 641
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 1135
812 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 644
235 B
1 attentivemobile.com
events.attentivemobile.com — Cisco Umbrella Rank: 4786
1 rkdms.com
track.sv.rkdms.com — Cisco Umbrella Rank: 12685
24 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 947
507 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
274 B
1 adxcel-ec2.com
data.adxcel-ec2.com — Cisco Umbrella Rank: 8559
131 B
1 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 1471
1 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2195
1 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1104
19 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 381
23 KB
1 adobedtm.com
commerce.adobedtm.com — Cisco Umbrella Rank: 57140
8 KB
1 pxlecdn.com
assets.pxlecdn.com — Cisco Umbrella Rank: 28428
131 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1847
7 KB
0 syfpayments.com Failed
widgets.syfpayments.com Failed
241 78
Domain Requested by
37 www.lovesac.com www.lovesac.com
15 j730.lovesac.com www.lovesac.com
j730.lovesac.com
cdn.noibu.com
12 js.klevu.com www.lovesac.com
js.klevu.com
7 try.abtasty.com www.lovesac.com
try.abtasty.com
cdn.noibu.com
6 cdn.gladly.com 1 redirects www.lovesac.com
cdn.gladly.com
6 cdn-prod.securiti.ai www.lovesac.com
cdn-prod.securiti.ai
cdn.quantummetric.com
6 use.typekit.net www.lovesac.com
use.typekit.net
5 analytics.tiktok.com www.lovesac.com
analytics.tiktok.com
5 www.lightboxcdn.com www.googletagmanager.com
www.lovesac.com
www.lightboxcdn.com
5 app.securiti.ai cdn-prod.securiti.ai
cdn.noibu.com
5 www.googletagmanager.com www.lovesac.com
www.googletagmanager.com
4 ingest.quantummetric.com cdn.noibu.com
4 tr.snapchat.com sc-static.net
4 ct.pinterest.com cdn.noibu.com
s.pinimg.com
4 www.google-analytics.com www.googletagmanager.com
cdn.noibu.com
www.lovesac.com
4 apps.bazaarvoice.com www.googletagmanager.com
apps.bazaarvoice.com
4 unpkg.com 2 redirects www.lovesac.com
3 ib.adnxs.com 2 redirects
3 origin.xtlo.net share.lovesac.com
origin.xtlo.net
cdn.quantummetric.com
3 cdn.attn.tv www.googletagmanager.com
cdn.attn.tv
3 connect.facebook.net www.lovesac.com
connect.facebook.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.lovesac.com
3 share.lovesac.com www.lovesac.com
cdn.noibu.com
3 photos.pixlee.co assets.pxlecdn.com
assets.pixlee.com
3 assets.pixlee.com assets.pxlecdn.com
www.lovesac.com
www.googletagmanager.com
2 c1.adform.net 1 redirects
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 lovesac.attn.tv cdn.noibu.com
2 region1.google-analytics.com www.googletagmanager.com
2 13921035.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 gum.criteo.com 1 redirects static.criteo.net
2 ariane.abtasty.com cdn.noibu.com
2 resources.digital-cloud-west.medallia.com www.googletagmanager.com
resources.digital-cloud-west.medallia.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.mczbf.com www.lovesac.com
cdn.noibu.com
2 cdn.noibu.com www.googletagmanager.com
cdn.noibu.com
2 lovesac.blueconic.net j730.lovesac.com
2 pdpone.syfpos.com www.lovesac.com
pdpone.syfpos.com
2 visitor.service.ksearchnet.com js.klevu.com
2 s7d4.scene7.com www.lovesac.com
2 lovesac.usablenet.com www.lovesac.com
lovesac.usablenet.com
1 csm.va.us.criteo.net
1 udc-neb.kampyle.com
1 photos.pixlee.com 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 match.sharethrough.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 ad.360yield.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 hb.yahoo.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 dis.criteo.com
1 x.bidswitch.net
1 cm.g.doubleclick.net
1 events.api.boomtrain.com cdn.noibu.com
1 events.attentivemobile.com cdn.attn.tv
1 track.sv.rkdms.com safevisit.online
1 ghs4.safevisit.online safevisit.online
1 aa.agkn.com safevisit.online
1 api.lightboxcdn.com www.lightboxcdn.com
1 people.api.boomtrain.com cdn.noibu.com
1 tr6.snapchat.com sc-static.net
1 cdn.boomtrain.com www.lovesac.com
1 widget.us.criteo.com www.lovesac.com
1 sslwidget.criteo.com 1 redirects
1 www.facebook.com www.lovesac.com
1 click.prod.mplat-ppcprotect.com cdn.noibu.com
1 s-vop.sundaysky.com www.lovesac.com
1 dcinfos-cache.abtasty.com cdn.noibu.com
1 data.adxcel-ec2.com www.lovesac.com
1 js.adsrvr.org www.googletagmanager.com
1 safevisit.online www.googletagmanager.com
1 client.prod.mplat-ppcprotect.com www.lovesac.com
1 servedby.flashtalking.com www.googletagmanager.com
1 live.rezync.com www.lovesac.com
1 sc-static.net www.lovesac.com
1 cdn1-res.sundaysky.com www.googletagmanager.com
1 static.criteo.net www.googletagmanager.com
1 cdn.quantummetric.com www.googletagmanager.com
1 cdnjs.cloudflare.com www.lovesac.com
1 network-a.bazaarvoice.com www.lovesac.com
1 commerce.adobedtm.com www.lovesac.com
1 assets.pxlecdn.com www.lovesac.com
1 maxcdn.bootstrapcdn.com www.lovesac.com
1 p.typekit.net use.typekit.net
0 widgets.syfpayments.com Failed pdpone.syfpos.com
241 103
Subject Issuer Validity Valid
lovesac.com
R3
2024-03-20 -
2024-06-18
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.usablenet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-13 -
2024-12-13
a year crt.sh
j730.lovesac.com
Amazon RSA 2048 M02
2023-07-24 -
2024-08-21
a year crt.sh
*.klevu.com
Sectigo RSA Organization Validation Secure Server CA
2023-05-09 -
2024-05-18
a year crt.sh
app.securiti.ai
Amazon RSA 2048 M03
2024-03-18 -
2025-04-15
a year crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-11 -
2024-11-13
a year crt.sh
*.service.ksearchnet.com
Amazon RSA 2048 M01
2023-07-28 -
2024-08-25
a year crt.sh
apply.syf.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-02 -
2024-06-06
8 months crt.sh
bootstrapcdn.com
GTS CA 1P5
2024-03-27 -
2024-06-25
3 months crt.sh
*.pxlecdn.com
R3
2024-03-23 -
2024-06-21
3 months crt.sh
*.blueconic.net
Amazon RSA 2048 M01
2023-06-08 -
2024-07-06
a year crt.sh
gladly.com
Amazon RSA 2048 M02
2023-07-19 -
2024-08-15
a year crt.sh
*.pixlee.com
R3
2024-03-23 -
2024-06-21
3 months crt.sh
*.pixlee.co
R3
2024-03-23 -
2024-06-21
3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2024-08-10
a year crt.sh
share.lovesac.com
R3
2024-02-27 -
2024-05-27
3 months crt.sh
cdn.noibu.com
Amazon RSA 2048 M02
2024-03-08 -
2025-04-05
a year crt.sh
*.bazaarvoice.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-05 -
2025-05-06
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.abtasty.com
Amazon RSA 2048 M02
2023-08-30 -
2024-09-27
a year crt.sh
www.mczbf.com
Amazon RSA 2048 M01
2023-05-21 -
2024-06-18
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2024-04-09 -
2024-06-27
3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-07
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-17 -
2024-05-17
3 months crt.sh
*.sundaysky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-11 -
2024-07-11
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-01-18 -
2024-04-17
3 months crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3
2023-10-09 -
2024-10-08
a year crt.sh
*.attn.tv
Amazon RSA 2048 M01
2023-05-02 -
2024-05-29
a year crt.sh
sc-static.net
Amazon RSA 2048 M03
2023-12-21 -
2025-01-18
a year crt.sh
*.rezync.com
Amazon RSA 2048 M02
2023-10-25 -
2024-11-21
a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018
2023-07-14 -
2024-08-13
a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-14 -
2024-09-14
a year crt.sh
*.prod.mplat-ppcprotect.com
Amazon RSA 2048 M01
2023-09-21 -
2024-10-19
a year crt.sh
*.digital-cloud-west.medallia.com
SSL.com RSA SSL subCA
2023-11-01 -
2024-12-01
a year crt.sh
safevisit.online
GTS CA 1D4
2024-02-16 -
2024-05-16
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
adxcel-ec2.com
Amazon RSA 2048 M01
2023-09-18 -
2024-10-17
a year crt.sh
media.extole.com
Amazon RSA 2048 M01
2023-06-21 -
2024-07-19
a year crt.sh
uc-info.abtasty.com
GTS CA 1D4
2024-03-19 -
2024-06-17
3 months crt.sh
ariane.abtasty.com
GTS CA 1D4
2024-04-05 -
2024-07-04
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-08 -
2024-05-07
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-21 -
2025-02-20
a year crt.sh
*.boomtrain.com
Amazon RSA 2048 M02
2024-01-10 -
2025-02-07
a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M03
2023-09-16 -
2024-10-14
a year crt.sh
api.lightboxcdn.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-12-11 -
2024-06-11
6 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
ghs4.safevisit.online
GTS CA 1D4
2024-03-06 -
2024-06-04
3 months crt.sh
securedvisit.com
Amazon RSA 2048 M03
2023-08-16 -
2024-09-13
a year crt.sh
attn.tv
Cloudflare Inc ECC CA-3
2024-01-30 -
2024-12-31
a year crt.sh
attentivemobile.com
Cloudflare Inc ECC CA-3
2024-01-30 -
2024-12-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-14 -
2024-06-06
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-12-21 -
2024-12-21
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-04 -
2025-04-03
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
teads.tv
R3
2024-04-08 -
2024-07-07
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
hb.yahoo.net
R3
2024-03-02 -
2024-05-31
3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.id5-sync.com
R3
2024-03-01 -
2024-05-30
3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
itm.ivitrack.com
R3
2024-02-12 -
2024-05-12
3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02
2023-06-06 -
2024-07-04
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1
2023-11-20 -
2024-11-27
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M03
2024-01-24 -
2025-02-21
a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-07 -
2025-01-06
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2023-09-17 -
2024-09-17
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M03
2024-03-04 -
2025-04-03
a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M03
2024-04-02 -
2025-05-01
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
*.kampyle.com
SSL.com RSA SSL subCA
2023-11-07 -
2024-12-07
a year crt.sh
*.va.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-29 -
2024-06-21
3 months crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-19 -
2025-02-13
a year crt.sh

This page contains 14 frames:

Primary Page: https://www.lovesac.com/
Frame ID: 2A98CA0E92F442051A16EC1804731E48
Requests: 188 HTTP requests in this frame

Frame: https://lovesac.usablenet.com/pt/switch
Frame ID: A9EF891C71549C958C9968F62D91CE3E
Requests: 1 HTTP requests in this frame

Frame: https://photos.pixlee.co/lightbox?widget_id=14340968&api_key=aRYy5lobd2NfbBklJtqr&parent_url=https%3A%2F%2Fwww.lovesac.com%2F
Frame ID: DDA25570B26A523EBB25F8BC94963937
Requests: 1 HTTP requests in this frame

Frame: https://photos.pixlee.co/widget?widget_id=14340968&api_key=aRYy5lobd2NfbBklJtqr&parent_url=https%3A%2F%2Fwww.lovesac.com%2F
Frame ID: 8DE54C5E744376C9E871E09FE6F423D0
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/26402;132266;14656;iframe/?spotName=Homepage&cachebuster=751347.461772713
Frame ID: 33D98C7772FFCEDB9BE718F697B40795
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.lovesac.com&origin=onetag
Frame ID: 23559B0C3C0F11A4CBDE11F495E60B2C
Requests: 1 HTTP requests in this frame

Frame: https://13921035.fls.doubleclick.net/activityi;dc_pre=CPfXisHHtoUDFU8ABgAdM7gKdw;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z8831672054za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F
Frame ID: 629BB7BBA2DD865863501E7623BC1CBE
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5e62c523-2e57-4111-add1-f0fa31111bd2&u_scsid=99833b26-fcfb-4f24-acd4-bdd70577576a&u_sclid=d3a6ff11-2fb8-4ebd-9cc3-d16f41292724
Frame ID: A8F44D1218CA869D0F7114549F98E63A
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/lightbox.js?mb=1712714714520&lv=1
Frame ID: 6CF6B681ACAAE9838EEAC6B80C5E21EB
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 5B5BA6CBF94FA45589DEE8B523723717
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KwfoeDwL7k3hm7rctRHGPMC9UOZbMNw8IQcTCg&google_cm&google_hm=ay1Ld2ZvZUR3TDdrM2htN3JjdFJIR1BNQzlVT1piTU53OElRY1RDZw
Frame ID: 1D82C5A8629D9D689AC17870229E1BE7
Requests: 29 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=zse13w5&ref=https%3A%2F%2Fwww.lovesac.com%2F&upid=f5dihhn&upv=1.1.0&orderid=false&td1=&td2=0&td3=false&td4=false&td5=false&td6=false&td7=false&td8=undefined&td9=undefined&td10=undefined&v=false&vf=USD
Frame ID: 61AEA52547BB42116A501EF73C023F92
Requests: 1 HTTP requests in this frame

Frame: https://photos.pixlee.co/getDUH
Frame ID: B0AA8991BDB6663BC90C2325E09B66DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn-prod.securiti.ai/consent/cookie-consent-latest.css
Frame ID: D80E5E2F059747F41228B9A39F74A3C2
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Lovesac - Modern Furniture | Modular Sectionals & Bean Bag Chairs

Page URL History Show full URLs

  1. http://www.lovesac.com/ HTTP 307
    https://www.lovesac.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.klevu\.\w+/klevu-js-v([\d.]+)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • \.usablenet\.com/pt/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

241
Requests

96 %
HTTPS

25 %
IPv6

78
Domains

103
Subdomains

100
IPs

8
Countries

29372 kB
Transfer

57246 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.lovesac.com/ HTTP 307
    https://www.lovesac.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://cdn.gladly.com/chat-sdk/widget.js?q=1712714712659 HTTP 301
  • https://cdn.gladly.com/assets/chat-sdk/bundle~437bb4e84e0820006a45.js
Request Chain 49
  • https://unpkg.com/@adobe/magento-storefront-events-sdk@%5E1/dist/index.js HTTP 302
  • https://unpkg.com/@adobe/magento-storefront-events-sdk@1.8.0/dist/index.js
Request Chain 73
  • https://unpkg.com/@adobe/magento-storefront-event-collector@%5E1/dist/index.js HTTP 302
  • https://unpkg.com/@adobe/magento-storefront-event-collector@1.8.0/dist/index.js
Request Chain 150
  • https://13921035.fls.doubleclick.net/activityi;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z8831672054za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F HTTP 302
  • https://13921035.fls.doubleclick.net/activityi;dc_pre=CPfXisHHtoUDFU8ABgAdM7gKdw;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z8831672054za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F
Request Chain 158
  • https://sslwidget.criteo.com/event?a=45255&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0N4bFVXT0E5bnlERFdEUkFUWWdHc3Y5aGloWUFDMHNKcyUyQkZCcHJ3Q0NKZnIzUmFocUEwTEFoSVY4NUVPNDZIZEt3R0lsU2ZqUlBJR3lxV2VUMDJqTENaeTNhdnFGVjFRNEdTeTlUNjklMkZqb3gxU3lQaUI2N2FYbkElM0QlM0Q&tld=lovesac.com&fu=https%253A%252F%252Fwww.lovesac.com%252F&ceid=6f25325b-cb83-4d65-9a0d-a4cf46151c3e&dtycbr=26807 HTTP 302
  • https://widget.us.criteo.com/event?a=45255&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0N4bFVXT0E5bnlERFdEUkFUWWdHc3Y5aGloWUFDMHNKcyUyQkZCcHJ3Q0NKZnIzUmFocUEwTEFoSVY4NUVPNDZIZEt3R0lsU2ZqUlBJR3lxV2VUMDJqTENaeTNhdnFGVjFRNEdTeTlUNjklMkZqb3gxU3lQaUI2N2FYbkElM0QlM0Q&tld=lovesac.com&fu=https%253A%252F%252Fwww.lovesac.com%252F&ceid=6f25325b-cb83-4d65-9a0d-a4cf46151c3e&dtycbr=26807
Request Chain 200
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4911237510449773568
Request Chain 210
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FgcL6zwL7k3hm7rctRHGPMC9UOatBtdCvBbvKA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FgcL6zwL7k3hm7rctRHGPMC9UOatBtdCvBbvKA&C=1
Request Chain 211
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PqgNQWzAgao-Y22c0jndWC2gDfwEowWW HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=PqgNQWzAgao-Y22c0jndWC2gDfwEowWW
Request Chain 225
  • https://c1.adform.net/serving/cookie/match?party=10015&cid=k-JxKNTjwL7k3hm7rctRHGPMC9UOZe-7Giim-5NA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-JxKNTjwL7k3hm7rctRHGPMC9UOZe-7Giim-5NA
Request Chain 230
  • https://photos.pixlee.com/getDUH HTTP 301
  • https://photos.pixlee.co/getDUH

241 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.lovesac.com/
Redirect Chain
  • http://www.lovesac.com/
  • https://www.lovesac.com/
295 KB
53 KB
Document
General
Full URL
https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e24e3264d2d702b3fd7d018c228e4f380b129b471658e75ce096e87c49c8eca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65086
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
46531
content-security-policy-report-only
font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com *.typekit.net gateway.foresee.com *.xtlo.net *.digitalsurgeons.cloud *.klevu.com *.ksearchnet.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.syfpos.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.yotpo.com www.xtento.com syf.demdex.net *.syfpos.com *.syf.com *.weltpixel.com https://*.online-metrix.net https://imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com *.gstatic.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de static-eu.payments-amazon.com *.affirm.com *.affirm.ca www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.xtento.com cdn.xtento.com * blob: *.syfpos.com *.syf.com analytics.synchrony.com *.d1.sc.omtrdc.net maps.googleapis.com maps.gstatic.com *.klevu.com *.ksearchnet.com https://imgs.signifyd.com https://*.online-metrix.net data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net unsafe-inline assets.braintreegateway.com maxcdn.bootstrapcdn.com *.yotpo.com *.typekit.net *.securiti.ai www.lightboxcdn.com gateway.foresee.com *.xtlo.net *.digitalsurgeons.cloud *.bazaarvoice.com *.syfpos.com *.klevu.com *.ksearchnet.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.scene7.com *.digitalsurgeons.cloud 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 02:05:11 GMT
expires
Wed, 10 Apr 2024 08:00:25 GMT
pragma
cache
strict-transport-security
max-age=31536000
traceresponse
00-17c48dc2896a7adfebe8dcf21769d2cb-29eefa5dd888c129-01
vary
Accept-Encoding,Cookie
x-cache
HIT, HIT
x-cache-hits
12, 0
x-content-type-options
nosniff
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-frame-options
SAMEORIGIN
x-platform-server
i-06302f69d529ac69f i-06302f69d529ac69f
x-robots-tag
index, follow
x-served-by
cache-bfi-kbfi7400070-BFI, cache-fra-eddf8230114-FRA
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.lovesac.com/
Non-Authoritative-Reason
HttpsUpgrades
Luma-Icons.woff2
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/fonts/
3 KB
3 KB
Font
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/fonts/Luma-Icons.woff2
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
811c13b5ffa267fe2b53adbf1d40cc42ee7cffa7374297297159d629051fcefa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
age
575508
traceresponse
00-17c2bd88d0c22312d1ff6be0e9f14aeb-fc93457b3ff7bc27-01
x-cache
HIT, HIT
content-length
3272
x-served-by
cache-bfi-kbfi7400105-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:50 GMT
etag
"660d2ab2-cc8"
vary
Accept-Encoding
content-type
font/woff2
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
7, 0
pee8cij.css
use.typekit.net/
5 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/pee8cij.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aaa90a1bad6673f52e385fb165afc4796ed90cc8725fc04f3e6de47c7b60fc8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 10 Apr 2024 02:05:12 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
832
bundle-common.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/
754 KB
217 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/bundle-common.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4cdc51b133f652b99fe6fedf32177bf3025bd63d0fc1156c6ddaad8827ccbba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
575507
traceresponse
00-17c2bd88d19f3ef986761be9bfc8028f-4bfd2dee624eafcf-01
x-cache
HIT, HIT
content-length
222211
x-served-by
cache-bfi-krnt7300029-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:10:07 GMT
etag
"660d2aff-36354"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
7, 0
bundle-cms.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/
46 KB
12 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/bundle-cms.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b1d77700bd94f37e38f438267753cc2ebec887a889fb1b5ef687d12bb09ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
421568
traceresponse
00-17c2bd891766dc86aaf7f37ae5fd1f80-987ef644243dd1c9-01
x-cache
HIT, HIT
content-length
11827
x-served-by
cache-bfi-kbfi7400082-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:10:07 GMT
etag
"660d2aff-2e2e"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
33, 0
gtm.js
www.googletagmanager.com/
506 KB
130 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b3041129f89cebe041390aed7e64e124afdb6d3070620a08b70469b4f23b978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133006
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Apr 2024 02:05:11 GMT
require.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/
17 KB
7 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/require.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80bc381fb95bf13c6da34766988d56756182811ad051f6dbc48ee5a7501bcd9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
age
575507
traceresponse
00-17c2bd88d15a6381ba6033075be1c9a1-032b2bbd0f339cda-01
x-cache
HIT, HIT
content-length
6658
x-served-by
cache-bfi-krnt7300041-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:09:01 GMT
etag
"660d2abd-1a1b"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
7, 0
mixins.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/mage/requirejs/
1 KB
803 B
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/mage/requirejs/mixins.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7529a233012acfc70172d4056e383acefe146ef1d4277e4cf0dc431a0a88300e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
575508
traceresponse
00-17c2bd88d1e108c81e017e2bf5b52bcc-d129d814812b2fd0-01
x-cache
HIT, HIT
content-length
645
x-served-by
cache-bfi-kbfi7400119-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:56 GMT
etag
"660d2ab8-28f"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
7, 0
requirejs-config-common.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/
8 KB
2 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/requirejs-config-common.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db6ca6a5b8028f7453cd251643284c854570ae1f56870f3931b5e564f5c8a6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
age
388883
traceresponse
00-17c2bd88d0affe9a1600b34c6e75025c-fd59522d17808326-01
x-cache
HIT, HIT
content-length
2188
x-served-by
cache-bfi-krnt7300066-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:10:07 GMT
etag
"660d2aff-8a7"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
7, 0
requirejs-config-cms.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/
306 B
372 B
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/requirejs-config-cms.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1881fff271bbc7bf282c41d2772a5e8150c594147f6b51db9680e4b8828f77e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
age
350525
traceresponse
00-17c2bd8917ce9d0438a593c8f84b8e76-388fa950f35e1b8a-01
x-cache
HIT, HIT
content-length
184
x-served-by
cache-bfi-kbfi7400060-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:10:07 GMT
etag
"660d2aff-d0"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
34, 0
requirejs-config.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/
34 KB
7 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs-config.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0976e981656b1069fd8fedc798296b35ce87fc2d2df6b9fb99b8cc1fa8a2e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
575507
traceresponse
00-17c2bd88cffe7683305d3491f4a04f98-e01d2bb7c10c2063-01
x-cache
HIT, HIT
content-length
6979
x-served-by
cache-bfi-krnt7300040-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:59 GMT
etag
"660d2abb-1b57"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
7, 0
start
lovesac.usablenet.com/pt/
2 KB
1 KB
Script
General
Full URL
https://lovesac.usablenet.com/pt/start
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.47.214.218 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
da.d6.2fa9.ip4.static.sl-reverse.com
Software
/
Resource Hash
f25b5b2a64e817bce0e52bcac880692ddbe58be0715a9114b4102fb9a73e567b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600, public
content-encoding
gzip
date
Wed, 10 Apr 2024 02:05:11 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
script.js
j730.lovesac.com/
130 KB
40 KB
Script
General
Full URL
https://j730.lovesac.com/script.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
549a7f74babc11e45af4e3ccff75b6107dbff2aca3de87e59738e54d5accede0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 01:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
age
402
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
39898
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 01:54:17 GMT
server
-
etag
a3d0c4f47364a09a824deb1dca9c421f
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
nF-8PTnf8AQ0gQMq7gmHWWWXbP2vtDOA7YOBsAoHJugZIdUAzvMNZw==
expires
Wed, 10 Apr 2024 02:08:30 GMT
klevu.js
js.klevu.com/core/v2/
284 KB
55 KB
Script
General
Full URL
https://js.klevu.com/core/v2/klevu.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e9ab9978bb7db9d38632c334fa2c2032686ff95dde62dabd912b7b130b90ae

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3057
content-length
56475
last-modified
Tue, 09 Apr 2024 13:52:46 GMT
server
cloudflare
etag
"46fec-615aa3ca665eb-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
871f2ba1fe464dca-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
quick-search-theme.lazyload.js
js.klevu.com/theme/default/v2/
2 KB
965 B
Script
General
Full URL
https://js.klevu.com/theme/default/v2/quick-search-theme.lazyload.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f803cd3ad083b2dfc46f628f1a0fd79e37aaafb09cadb4eecf7a1cdc1186858

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2240
content-length
653
last-modified
Tue, 09 Apr 2024 13:59:12 GMT
server
cloudflare
etag
"7b3-615aa53a6f2a6-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
871f2ba1fe484dca-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
commerce.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US//BlueAcorn_Headless/
34 KB
12 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US//BlueAcorn_Headless/commerce.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d319cdc58687cd652ed4be1d855fdbc9d93076fb064ba9c52e541c572ace3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
age
421966
traceresponse
00-17c2bd88d1d0f922a8f348ac02a70941-96cd20e0b8a40702-01
x-cache
HIT, HIT
content-length
12039
x-served-by
cache-bfi-kbfi7400082-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:10:20 GMT
etag
"660d2b0c-2f04"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
gtm.js
www.googletagmanager.com/
337 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNGFJS5&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b739efae8ba64d9626c038af26e476b94ff08374bde827f5aaf638e66a4c52e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103292
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Apr 2024 02:05:12 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=pee8cij&ht=tk&f=2003.2005.2007.2009.29422.29426&a=522117&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pee8cij.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
cookie-consent-sdk-loader.js
cdn-prod.securiti.ai/consent/
15 KB
6 KB
Script
General
Full URL
https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-loader.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8000:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c5e422cf84c74ee31feff16c35e2f1ff00f6fd9c32a91a4e34f1a38e3237794
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6HJqx_ZUZ2E7cglDVDvLWqmKXATHch7V
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding
gzip
date
Wed, 10 Apr 2024 01:21:20 GMT
via
1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
age
2635
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 08 Apr 2024 21:50:08 GMT
server
AmazonS3
etag
W/"55e2cef971666c14c8490a43b4dd3ea7"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
siBIm6Xe7SjcVnhyxFOr4Gnmhyd2Bb3u43PXbWsbTCGN22rDyLQs9Q==
calendar.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/mage/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/mage/calendar.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f05f9f5864c469739532a1186d109af408464da5d88d636ebf2f8470ab98784e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
565157
traceresponse
00-17c2bd88f342f9088969719e9f9df98f-8cb775f489f812db-01
x-cache
HIT, HIT
content-length
1136
x-served-by
cache-bfi-krnt7300037-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:58 GMT
etag
"660d2aba-47d"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
grid-m.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/BlueAcorn_CmsFramework/css/
23 KB
2 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/BlueAcorn_CmsFramework/css/grid-m.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97cd023ca71864cb3cf4062710f7d73709cbcd952da41373ac610b3d3d8fb713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
575508
traceresponse
00-17c2bd88f34af98a1ec8f78263f3c7c5-9273c0400c31d969-01
x-cache
HIT, HIT
content-length
2257
x-served-by
cache-bfi-krnt7300065-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:09:04 GMT
etag
"660d2ac0-8dc"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
styles-m.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/css/
2 MB
228 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/css/styles-m.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b9e78ffb8f95338652eda3d07e0f5fd60a21c3899291e20ceca65e95b2490a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
age
575508
traceresponse
00-17c2bd88f34534dc0ef801364495f7cb-b6a135ec9246c827-01
x-cache
HIT, HIT
content-length
233448
x-served-by
cache-bfi-krnt7300119-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:09:20 GMT
etag
"660d2ad0-39140"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
tooltipster.min.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_Label/vendor/tooltipster/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_Label/vendor/tooltipster/css/tooltipster.min.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25ba86f8d39eff073555bfe0a6dc306c98824ec2b4879f0496f0f4b0b98bb829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
age
575508
traceresponse
00-17c2bd88f29a85804667f66131b52f9d-972782dbd744f6da-01
x-cache
HIT, HIT
content-length
1198
x-served-by
cache-bfi-kbfi7400085-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:25 GMT
etag
"660d2a99-4c2"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
amslick.min.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_Base/vendor/slick/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_Base/vendor/slick/amslick.min.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e183c6eeb9a3d2e36bfec17059b9cb7293e607ef25b23b34de5c6acd188167f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
age
575508
traceresponse
00-17c2bd88f1ad5df780cf7039ba78f822-3123336fbd265e01-01
x-cache
HIT, HIT
content-length
1497
x-served-by
cache-bfi-krnt7300085-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:24 GMT
etag
"660d2a98-5e9"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
swiper.min.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_LibSwiperJs/vendor/swiper/
17 KB
5 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_LibSwiperJs/vendor/swiper/swiper.min.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
238c057dcc9299913cd9cda1011cc4395ca6343cd774aa69b36b7f5e2400a313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
575508
traceresponse
00-17c2bd88f3b5fc05a0895465615bb728-537b39fd8b49ca81-01
x-cache
HIT, HIT
content-length
4790
x-served-by
cache-bfi-kbfi7400088-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:26 GMT
etag
"660d2a9a-12c5"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
chosen.min.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_Storelocator/vendor/chosen/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Amasty_Storelocator/vendor/chosen/chosen.min.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
age
345477
traceresponse
00-17c2bd88f31c252788fac311362ff08d-85fb2ceaab8b1e9c-01
x-cache
HIT, HIT
content-length
2273
x-served-by
cache-bfi-kbfi7400032-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:27 GMT
etag
"660d2a9b-8f0"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
affirm-promo.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Astound_Affirm/
153 B
378 B
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Astound_Affirm/affirm-promo.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6230be7f1c2df8467e61d16c515d9ed19f5cec072099729336e78be92ffffae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
age
575508
traceresponse
00-17c2bd88f36a15cc366a3771a2be21e4-0497786fba989873-01
x-cache
HIT, HIT
content-length
133
x-served-by
cache-bfi-krnt7300033-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:09:05 GMT
etag
W/"660d2ac1-99"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
grid-l.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/BlueAcorn_CmsFramework/css/
69 KB
5 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/BlueAcorn_CmsFramework/css/grid-l.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f66c01dbba68ee08a0d37142cbc5e9c4ec584620f2a01a854bb3e8c40b8230c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
age
413245
traceresponse
00-17c2bd8900baa27c7f6607fda4f708e0-4822cde271b511c6-01
x-cache
HIT, HIT
content-length
5019
x-served-by
cache-bfi-kbfi7400094-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:09:04 GMT
etag
"660d2ac0-13a6"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
styles-l.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/css/
334 KB
52 KB
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/css/styles-l.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b8773b0f5764baa0bb0439c2804cea2490af7b3a0af6ec57fb9498632eebcd08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
age
575508
traceresponse
00-17c2bd88f1c3a39fc7980ad147956a28-23d403de10e9ced8-01
x-cache
HIT, HIT
content-length
53178
x-served-by
cache-bfi-krnt7300073-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:09:10 GMT
etag
"660d2ac6-d019"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
print.css
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/css/
1 KB
780 B
Stylesheet
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/css/print.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd158800d498620addc89b9f8294862d4952d97de4bd49e867e41a38f93505fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
132725
traceresponse
00-17c2bd88f31858cd621ea8088dd064e7-57a2065f110419c7-01
x-cache
HIT, HIT
content-length
552
x-served-by
cache-bfi-kbfi7400091-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:09:06 GMT
etag
"660d2ac2-232"
vary
Accept-Encoding
content-type
text/css
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
sprites.svg
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/images/
385 KB
245 KB
Image
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/images/sprites.svg
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d0a8dc2e017e84488862a59ec3b0152346aac4df59e84439672ca1a6b90ef56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
575507
traceresponse
00-17c2bd891ad5b22a7a851bef2405bbbf-5272b028fd3983a6-01
x-cache
HIT, HIT
content-length
250166
x-served-by
cache-bfi-krnt7300051-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:50 GMT
etag
"660d2ab2-3d08d"
vary
Accept-Encoding
content-type
image/svg+xml
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
5, 0
Comfort_For_Our_Heroes_Extra5.jpg
www.lovesac.com/media/wysiwyg/
7 KB
7 KB
Image
General
Full URL
https://www.lovesac.com/media/wysiwyg/Comfort_For_Our_Heroes_Extra5.jpg
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c34504bb483557b88daa010179eae9ef09fb7bb95ce5dceefc2996097cc782c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
31, 0
date
Wed, 10 Apr 2024 02:05:12 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
fastly-io-served-by
vpop-haf2300712
traceresponse
00-17c26998fa889ac55424ebf963383d2e-0fd312e18dd8ec27-01
age
667798
x-cache
HIT, HIT
fastly-io-info
ifsz=144597 idim=1824x274 ifmt=jpeg ofsz=7058 odim=1824x274 ofmt=webp
fastly-stats
io=1
content-length
7058
x-served-by
cache-bfi-krnt7300111-BFI, cache-fra-eddf8230114-FRA
etag
"8DoMCnNJzl0y6Jn+ZvP314Ks9jbIm0pFiMkzl0P13H4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:35:14 GMT
Lovesac_Sacs_Bean_Bag_All_Sizes.png
www.lovesac.com/media/wysiwyg/
517 KB
518 KB
Image
General
Full URL
https://www.lovesac.com/media/wysiwyg/Lovesac_Sacs_Bean_Bag_All_Sizes.png
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ded4c55be62571e6bd26403102fed0dc116e337cd542bbd43cda78ba68d3ac20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
30, 0
date
Wed, 10 Apr 2024 02:05:12 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
fastly-io-served-by
vpop-haf2300704
traceresponse
00-17c26999090e7e4d0d12c9e6d7c7617a-7f90ec05b58447c0-01
age
667797
x-cache
HIT, HIT
fastly-io-info
ifsz=838925 idim=962x447 ifmt=png ofsz=529324 odim=962x447 ofmt=webp
fastly-stats
io=1
content-length
529324
x-served-by
cache-bfi-krnt7300100-BFI, cache-fra-eddf8230114-FRA
etag
"NmcrAMQ0nNtRRKHN9pGhiCYxnas4hCfYtAs2n+TwaOA"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:35:14 GMT
l
use.typekit.net/af/e3ca36/00000000000000000000e805/27/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/e3ca36/00000000000000000000e805/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pee8cij.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/pee8cij.css
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
server
nginx
etag
"4577a8003f294766a3a783ec5fba19dc646ecf7c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17116
l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pee8cij.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/pee8cij.css
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
server
nginx
etag
"b5e7c2e377d10b344b022d96a04daef295e61ac1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17052
l
use.typekit.net/af/a28b50/00000000000000000000e803/27/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/a28b50/00000000000000000000e803/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pee8cij.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/pee8cij.css
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
server
nginx
etag
"a6c1fa20004e862da7c922781204c8a0ef8794a4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16808
l
use.typekit.net/af/ee2b06/00000000000000003b9ae133/27/
22 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/ee2b06/00000000000000003b9ae133/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pee8cij.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5c0c3b3bf32663a4ecf687042363bc1dd97bc8ce8f777e53e7f78aa4fab247fe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/pee8cij.css
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
server
nginx
etag
"f56c6b38f211ee8a3e13b32e02d4c042f61723dd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22824
logo.svg
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/images/
12 KB
4 KB
Image
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/images/logo.svg
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b299dcdada0c8da285740061362e1d74d1a9daa7eb7c8afe97347b04f8b0dfac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
age
575507
traceresponse
00-17c2bd891c42134f93b4b980b6083856-0a3e139d75d64e82-01
x-cache
HIT, HIT
content-length
4122
x-served-by
cache-bfi-kbfi7400117-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:22 GMT
etag
"660d2a96-1023"
vary
Accept-Encoding
content-type
image/svg+xml
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
3, 0
04022024-SMSM-Up-to-25
s7d4.scene7.com/is/content/LovesacRender/
24 MB
24 MB
Media
General
Full URL
https://s7d4.scene7.com/is/content/LovesacRender/04022024-SMSM-Up-to-25
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 Apr 2024 02:05:12 GMT
last-modified
Fri, 29 Mar 2024 09:46:14 GMT
server
Unknown
akamai-grn
0.92a02417.1712714712.3686861b
x-adobe-assetlist
QlpoOTFBWSZTWeV8RNkAAAsfgAAC1gAABhoKLgHdACAAIiGg0ANNGhQaNGgyA0OBcQSk0gJzm4uG6RDV+n00Xy+UQsvxdyRThQkOV8RNkA==
access-control-allow-origin
*
Content-Range
bytes 0-24735039/24735040
content-type
video/mp4
accept-ranges
bytes
x-akamai-cache
Hit
Content-Length
24735040
expires
Wed, 10 Apr 2024 07:49:41 GMT
04022024-SMSM-Up-to-25-m
s7d4.scene7.com/is/content/LovesacRender/
17 MB
0
Media
General
Full URL
https://s7d4.scene7.com/is/content/LovesacRender/04022024-SMSM-Up-to-25-m
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://www.lovesac.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 Apr 2024 02:05:12 GMT
last-modified
Fri, 29 Mar 2024 09:46:14 GMT
server
Unknown
akamai-grn
0.92a02417.1712714712.3686861d
x-adobe-assetlist
QlpoOTFBWSZTWX8D0k8AAAufgAAC1gAABhoKLgPdACAAIiAMgBoNCgAGgZMg3jHfHEKyAmMXaoZnAMb6fT4g+TyNByfF3JFOFCQfwPSTwA==
access-control-allow-origin
*
Content-Range
bytes 0-25081947/25081948
content-type
video/mp4
accept-ranges
bytes
x-akamai-cache
Hit
Content-Length
25081948
expires
Wed, 10 Apr 2024 09:38:12 GMT
session
visitor.service.ksearchnet.com/public/1.0/klevu-158696486544611933/ Frame
0
0
Preflight
General
Full URL
https://visitor.service.ksearchnet.com/public/1.0/klevu-158696486544611933/session
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.143.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-143-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST,PATCH
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 10 Apr 2024 02:05:12 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
klevu-158696486544611933.json
js.klevu.com/klevu-js-v1/klevu-js-api/ Frame
0
0
Preflight
General
Full URL
https://js.klevu.com/klevu-js-v1/klevu-js-api/klevu-158696486544611933.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
allow
POST,OPTIONS,HEAD,GET
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
871f2ba7cd4c9b52-FRA
content-length
0
content-type
application/json
date
Wed, 10 Apr 2024 02:05:12 GMT
expires
Wed, 10 Apr 2024 02:13:05 GMT
server
cloudflare
klevu-158696486544611933-banner.json
js.klevu.com/klevu-js-v1/klevu-js-api/ Frame
0
0
Preflight
General
Full URL
https://js.klevu.com/klevu-js-v1/klevu-js-api/klevu-158696486544611933-banner.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
allow
POST,OPTIONS,HEAD,GET
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
871f2ba7cd4e9b52-FRA
content-length
0
content-type
application/json
date
Wed, 10 Apr 2024 02:05:12 GMT
expires
Wed, 10 Apr 2024 02:13:05 GMT
server
cloudflare
klevu-158696486544611933-maps.json
js.klevu.com/klevu-js-v1/klevu-js-api/ Frame
0
0
Preflight
General
Full URL
https://js.klevu.com/klevu-js-v1/klevu-js-api/klevu-158696486544611933-maps.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
allow
POST,OPTIONS,HEAD,GET
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
871f2ba7cd4d9b52-FRA
content-length
0
content-type
application/json
date
Wed, 10 Apr 2024 02:05:12 GMT
expires
Wed, 10 Apr 2024 02:13:05 GMT
server
cloudflare
session
visitor.service.ksearchnet.com/public/1.0/klevu-158696486544611933/
129 B
466 B
Fetch
General
Full URL
https://visitor.service.ksearchnet.com/public/1.0/klevu-158696486544611933/session
Requested by
Host: js.klevu.com
URL: https://js.klevu.com/core/v2/klevu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.143.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-143-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8a3f3911bbf8fb43f6855c6bc59b87e945af4332fea3d8c6ebff6e36e958aa6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:12 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
klevu-158696486544611933.json
js.klevu.com/klevu-js-v1/klevu-js-api/
2 KB
956 B
Fetch
General
Full URL
https://js.klevu.com/klevu-js-v1/klevu-js-api/klevu-158696486544611933.json
Requested by
Host: js.klevu.com
URL: https://js.klevu.com/core/v2/klevu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a3a91d62052c51893b2366c41a2cc36903c450734081cbb771b9ef5b572a19

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Feb 2024 15:22:58 GMT
server
cloudflare
etag
W/"7dc-611d1c904638c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, must-revalidate
cf-ray
871f2ba84d699b52-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 10 Apr 2024 02:13:05 GMT
klevu-158696486544611933-banner.json
js.klevu.com/klevu-js-v1/klevu-js-api/
19 B
172 B
Fetch
General
Full URL
https://js.klevu.com/klevu-js-v1/klevu-js-api/klevu-158696486544611933-banner.json
Requested by
Host: js.klevu.com
URL: https://js.klevu.com/core/v2/klevu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85326aaf67e79a0d93cfb02f296bafd06fa881132f637b6eeead380832154081

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 07 Jun 2023 04:43:25 GMT
server
cloudflare
etag
"13-5fd82c6c32fab"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
871f2ba83d669b52-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
19
expires
Wed, 10 Apr 2024 02:13:05 GMT
klevu-158696486544611933-maps.json
js.klevu.com/klevu-js-v1/klevu-js-api/
2 KB
756 B
Fetch
General
Full URL
https://js.klevu.com/klevu-js-v1/klevu-js-api/klevu-158696486544611933-maps.json
Requested by
Host: js.klevu.com
URL: https://js.klevu.com/core/v2/klevu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65e4278d3c6e7cc283dc31650e6ac335d5a986ba62c79cb468d6dc7ff8a1606e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Feb 2024 15:22:53 GMT
server
cloudflare
etag
W/"8c8-611d1c8bcdaf6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, must-revalidate
cf-ray
871f2ba84d6c9b52-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 10 Apr 2024 02:13:05 GMT
customerData
www.lovesac.com/rest/V1/klevu/
142 B
542 B
XHR
General
Full URL
https://www.lovesac.com/rest/V1/klevu/customerData
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eacf9e1167fcb6e762b91f9096cea304dc1df5223f6aab64faf556dc5e9a0217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Wed, 10 Apr 2024 02:05:12 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
traceresponse
00-17c4c8f4df2e446eb374d52271dc03ac-58a2f0c4f95353c3-01
x-cache
MISS, MISS
content-length
142
x-served-by
cache-bfi-krnt7300054-BFI, cache-fra-eddf8230114-FRA
pragma
no-cache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
0, 0
bundle~437bb4e84e0820006a45.js
cdn.gladly.com/assets/chat-sdk/
Redirect Chain
  • https://cdn.gladly.com/chat-sdk/widget.js?q=1712714712659
  • https://cdn.gladly.com/assets/chat-sdk/bundle~437bb4e84e0820006a45.js
40 KB
14 KB
Script
General
Full URL
https://cdn.gladly.com/assets/chat-sdk/bundle~437bb4e84e0820006a45.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Server
2600:9000:2724:5e00:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe0f66f6b803a180cac1d83ec9e1a34708273365ba19846cfee2f6f259bb7b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lovesac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Apr 2024 08:40:08 GMT
content-encoding
gzip
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-amz-version-id
null
last-modified
Tue, 26 Mar 2024 05:17:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
62705
etag
W/"573d6bb8fac94853652e7dcedec4026b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31449600
x-amz-cf-id
Bpe09h7lZphPXSqMsUhjdBcDidMtY0vqWg2g1iZrfSKUdZp9BH9kiA==

Redirect headers

date
Wed, 10 Apr 2024 02:05:11 GMT
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
2
x-cache
Hit from cloudfront
location
//cdn.gladly.com/assets/chat-sdk/bundle~437bb4e84e0820006a45.js
content-length
0
x-amz-cf-id
fxPfGdNwACkwhDAaeu37QYJf1q6AfZjRovlA7KTeAMdzg5n8f86CJA==
index.js
unpkg.com/@adobe/magento-storefront-events-sdk@1.8.0/dist/
Redirect Chain
  • https://unpkg.com/@adobe/magento-storefront-events-sdk@%5E1/dist/index.js
  • https://unpkg.com/@adobe/magento-storefront-events-sdk@1.8.0/dist/index.js
42 KB
14 KB
Script
General
Full URL
https://unpkg.com/@adobe/magento-storefront-events-sdk@1.8.0/dist/index.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5980971806e9157338245ac1cc6ebe977dcc3a333dbfe7b0468f5f8a1251069a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lovesac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1922237
last-modified
Mon, 18 Mar 2024 20:06:10 GMT
fly-request-id
01HS9JV0FBEYD0CJKC7YMHG82X-fra
server
cloudflare
etag
W/"a831-vhQcXT379T6zAPfamm8iJjScZPw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
871f2baafd2665be-FRA

Redirect headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HV2W0BF7BCFVH714H08ZPB3N-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@adobe/magento-storefront-events-sdk@1.8.0/dist/index.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
871f2baa6cf165be-FRA
UniFi.js
pdpone.syfpos.com/mpp/
260 KB
69 KB
Script
General
Full URL
https://pdpone.syfpos.com/mpp/UniFi.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/require.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
78e6372ef8fd01e1eb0f7bb4ee123396238d673e1275c86099fb9177695c1afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 10 Apr 2024 02:05:12 GMT
Last-Modified
Fri, 22 Mar 2024 00:58:00 GMT
ETag
W/"65fcd798-40ff5"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
464b0b72-e0e4-45bf-70a7-9da7549217d8
Cache-Control
no-cache
Connection
keep-alive
Content-Length
70621
Expires
Wed, 10 Apr 2024 02:05:12 GMT
CHANGEABLE_STYLES_Any_Space.jpg
www.lovesac.com/media/wysiwyg/
378 KB
378 KB
Image
General
Full URL
https://www.lovesac.com/media/wysiwyg/CHANGEABLE_STYLES_Any_Space.jpg
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98a219ed132aa2c1b13f7c43014e619d57a808c96ac7f6e3264da15b70bfb07e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
20, 0
date
Wed, 10 Apr 2024 02:05:12 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
fastly-io-served-by
vpop-haf2300706
traceresponse
00-17c269a03d171a3896228d527ec99fc2-5f90b56e42e9ae02-01
age
667767
x-cache
HIT, HIT
fastly-io-info
ifsz=1008939 idim=2560x1123 ifmt=jpeg ofsz=386684 odim=2560x1123 ofmt=webp
fastly-stats
io=1
content-length
386684
x-served-by
cache-bfi-kbfi7400094-BFI, cache-fra-eddf8230114-FRA
etag
"lnh336z3nfqFPxn2SRYWDAAscS2hrVWIaHchZov4pyw"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:35:45 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/css/styles-m.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863
age
2366529
cdn-cachedat
02/20/2024 17:37:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:56 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
92e0dae6588ed4630f496c7fea8acd89
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
871f2baa7ddf9bc5-FRA
cdn-requestpullsuccess
True
quick-styles.min.css
js.klevu.com/theme/default/v2/
69 KB
11 KB
Fetch
General
Full URL
https://js.klevu.com/theme/default/v2/quick-styles.min.css?v=2.3.0-0ca44f90a72d059d
Requested by
Host: js.klevu.com
URL: https://js.klevu.com/core/v2/klevu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1f9c5fb29d5308e676713e72b653b807b91c95c9001117160822d9b1e4195b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
615
content-length
11383
last-modified
Tue, 09 Apr 2024 13:59:12 GMT
server
cloudflare
etag
"115ec-615aa53b02a06-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
871f2baa7df09b52-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
quick-templates.tpl
js.klevu.com/theme/default/v2/
65 KB
65 KB
Fetch
General
Full URL
https://js.klevu.com/theme/default/v2/quick-templates.tpl?v=2.3.0-0ca44f90a72d059d
Requested by
Host: js.klevu.com
URL: https://js.klevu.com/core/v2/klevu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d43e902c867460d9121b44a9bf2ace12d2d72e5c97dff1b230358b3f1a8f33

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 13:59:12 GMT
server
cloudflare
age
615
etag
"1049c-615aa53b058e6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/vnd.groove-tool-template
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
871f2baa7df19b52-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
66716
pixlee_widget_1_0_0.js
assets.pxlecdn.com/assets/
594 KB
131 KB
Script
General
Full URL
https://assets.pxlecdn.com/assets/pixlee_widget_1_0_0.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/require.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ffa15751217e1b387d19c78af620ade1e8eb0ae569fd94ef51083c15adf78c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 06 Feb 2024 03:39:33 GMT
x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 10 Apr 2024 02:05:12 GMT
x-amz-request-id
EGGFKQ58GA32ACQ6
age
353862
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
133425
x-amz-id-2
hezTlTQTvB/2gtsfVApEwSkv2mrSZnnnKTGVENkQxueeorqGqabpEmheboLJfaOf5ophqFef4e4=
x-served-by
cache-iad-kjyo7100172-IAD, cache-fra-eddf8230022-FRA
last-modified
Mon, 05 Feb 2024 17:46:29 GMT
server
AmazonS3
x-timer
S1712714713.760021,VS0,VE1
etag
"53ade97362c482463e07af1ff3a6ce1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=26280000,s-maxage=2628000,immutable
accept-ranges
bytes
x-cache-hits
53220, 1
cs
lovesac.blueconic.net/DG/DEFAULT/
16 B
700 B
Script
General
Full URL
https://lovesac.blueconic.net/DG/DEFAULT/cs?&callback=bc_json301
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.175.156.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-156-69.compute-1.amazonaws.com
Software
- /
Resource Hash
7c478f46c9ee99c272583e92d4c5152a4db668fba9983ef92cc956981ab1b282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
config_active.json
cdn-prod.securiti.ai/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/
311 B
1 KB
XHR
General
Full URL
https://cdn-prod.securiti.ai/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/config_active.json
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8000:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
880400736aa698a07645274501d08a9893b2ad9b6971919c49ea4f98f1b84e14
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 04:59:55 GMT
x-amz-version-id
8QPwMxwGfmxsmnwxIHVDrSg5R_2IF10H
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
x-amz-cf-pop
FRA60-P6
age
75918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
311
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 22 Mar 2024 21:41:11 GMT
server
AmazonS3
etag
"46f58bcad7ee4e0ba3f489dc41483cf9"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=86400
x-frame-options
DENY
accept-ranges
bytes
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
pMpoyhbIyGreKWCkEjV5F1d0pSG6wulFStieZVwaC0sjWi5-6q5SIw==
switch
lovesac.usablenet.com/pt/ Frame A9EF
0
0
Document
General
Full URL
https://lovesac.usablenet.com/pt/switch
Requested by
Host: lovesac.usablenet.com
URL: https://lovesac.usablenet.com/pt/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.47.214.218 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
da.d6.2fa9.ip4.static.sl-reverse.com
Software
/
Resource Hash

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=29030400, public
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 10 Apr 2024 02:05:13 GMT
vary
Accept-Encoding
cookie-consent-latest.css
cdn-prod.securiti.ai/consent/
59 KB
10 KB
Stylesheet
General
Full URL
https://cdn-prod.securiti.ai/consent/cookie-consent-latest.css
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8000:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efa4f89780a78abef1f045ba08a1a690bdec1863627230aca463a6954f701c9d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6h9bdcmZlFbchw8pfHX4DKlTX35DUkwk
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding
gzip
date
Wed, 10 Apr 2024 01:51:17 GMT
via
1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
age
836
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 08 Apr 2024 21:50:15 GMT
server
AmazonS3
etag
W/"423e31b23c8848dee2654eb5bd0d745f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
vgKQOi_jm3kotlMkKza0QIXRs1T9oI1eXmY-hsSGrco0Yz_8_L0blg==
cookie-consent-sdk-latest.js
cdn-prod.securiti.ai/consent/
398 KB
93 KB
Script
General
Full URL
https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-latest.js
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8000:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40253372ad1a75dee6584820d85460caf7e0a4bb5a254ccb1f625ca85ab7f297
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Qpt2mw1jUKhreJ7S1p8HiYna2rl_u2Xf
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding
gzip
date
Wed, 10 Apr 2024 01:51:19 GMT
via
1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
age
840
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 08 Apr 2024 21:50:11 GMT
server
AmazonS3
etag
W/"f2d9b24d59aad55e6ce035ae976d544a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
jABM98aauCjD0zISkjN9BqmIFWEJiYx4g0E6cBr7X_JG3nLeLtZXAQ==
CHANGEABLE_STYLES_1.jpg
www.lovesac.com/media/wysiwyg/
85 KB
86 KB
Image
General
Full URL
https://www.lovesac.com/media/wysiwyg/CHANGEABLE_STYLES_1.jpg
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
521d5f3b24dd316c91d13f6194b6234faddcef94cb96bbd51b2f8208b0495c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
29, 0
date
Wed, 10 Apr 2024 02:05:12 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
fastly-io-served-by
vpop-haf2300705
traceresponse
00-17c269995560550057a62a875efe80d2-bd6b6f44912d8c8c-01
age
667797
x-cache
HIT, HIT
fastly-io-info
ifsz=237514 idim=750x580 ifmt=jpeg ofsz=87452 odim=750x580 ofmt=webp
fastly-stats
io=1
content-length
87452
x-served-by
cache-bfi-kbfi7400029-BFI, cache-fra-eddf8230114-FRA
etag
"f9rLF1lzsTf4s73YilTs3rM1zTsiCyByewpHsw9WEeQ"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:35:15 GMT
quick-scripts.min.js
js.klevu.com/theme/default/v2/ Frame
0
0
Preflight
General
Full URL
https://js.klevu.com/theme/default/v2/quick-scripts.min.js?v=2.3.0-0ca44f90a72d059d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
allow
POST,OPTIONS,HEAD,GET
cf-cache-status
DYNAMIC
cf-ray
871f2bab5e1f9b52-FRA
content-length
0
content-type
application/javascript
date
Wed, 10 Apr 2024 02:05:12 GMT
server
cloudflare
quick-scripts.min.js
js.klevu.com/theme/default/v2/
251 KB
61 KB
Fetch
General
Full URL
https://js.klevu.com/theme/default/v2/quick-scripts.min.js?v=2.3.0-0ca44f90a72d059d
Requested by
Host: js.klevu.com
URL: https://js.klevu.com/core/v2/klevu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab0fb56b429401b7565f4a6437362924bd8d0e6d54cc1871526af85a630d5c86

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/javascript

Response headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 13:59:11 GMT
server
cloudflare
age
614
etag
"3eb3d-615aa539c9266-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
871f2bab9e299b52-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
env-config.js
pdpone.syfpos.com/mpp/
200 B
643 B
Script
General
Full URL
https://pdpone.syfpos.com/mpp/env-config.js
Requested by
Host: pdpone.syfpos.com
URL: https://pdpone.syfpos.com/mpp/UniFi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
767241b24eddcc432bd8653ec0dc5591bcbea2b66c6030042d6233593d16a434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 10 Apr 2024 02:05:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Mar 2024 00:58:00 GMT
ETag
"65fcd798-c8"
Content-Type
application/javascript; charset=utf-8
X-Vcap-Request-Id
f169f4b4-e884-4b60-5d6c-0836bf6ce5f5
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200
Expires
Wed, 10 Apr 2024 02:05:12 GMT
vendor-node_modules_reduxjs_toolkit_dist_redux-toolkit_cjs_production_min_js-node_modules_cha-edcf42~f4f69b1b5e5f50c741a4.js
cdn.gladly.com/assets/chat-sdk/
120 KB
41 KB
Script
General
Full URL
https://cdn.gladly.com/assets/chat-sdk/vendor-node_modules_reduxjs_toolkit_dist_redux-toolkit_cjs_production_min_js-node_modules_cha-edcf42~f4f69b1b5e5f50c741a4.js
Requested by
Host: cdn.gladly.com
URL: https://cdn.gladly.com/chat-sdk/widget.js?q=1712714712659
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:5e00:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
009cdbbbac6c649ca417e6f52e56f639e51a5fc9570d6069a3c18939842e8450

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 01:56:58 GMT
last-modified
Tue, 26 Mar 2024 05:17:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
495
etag
W/"f9bc051cbd04b70abd5fd29818c4f6ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31449600
x-amz-cf-id
YWqLxo5jC98hV3kJ-zyG-dx873CXdKFT5_TwDQAIxSwJ5zyxmVMdpA==
apiBootstrap~6e0136c43e4f53e654a0.js
cdn.gladly.com/assets/chat-sdk/
144 KB
43 KB
Script
General
Full URL
https://cdn.gladly.com/assets/chat-sdk/apiBootstrap~6e0136c43e4f53e654a0.js
Requested by
Host: cdn.gladly.com
URL: https://cdn.gladly.com/chat-sdk/widget.js?q=1712714712659
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:5e00:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bd345c467a60039b26ab72c40e8e69d645379b058df1f51c17c9f004b7c4768

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 01:04:20 GMT
last-modified
Tue, 26 Mar 2024 05:17:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
3653
etag
W/"c43bf407cdef58e71bd1c429509448e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=31449600
x-amz-cf-id
yfgs6x639kPqrwYIiXkog3v_y6Tm2Pw-0sBZvrDRoAyTfztmMXG2CA==
fp.js
assets.pixlee.com/assets/
30 KB
11 KB
Script
General
Full URL
https://assets.pixlee.com/assets/fp.js
Requested by
Host: assets.pxlecdn.com
URL: https://assets.pxlecdn.com/assets/pixlee_widget_1_0_0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18d7d2d03c9b4c037b5979e4d5cdc57d23d8a422149432872ec127f5f758eb4e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 06 Feb 2024 03:39:33 GMT
x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 10 Apr 2024 02:05:12 GMT
x-amz-request-id
G8BN3H59ZRSN11Z0
age
721109
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
11023
x-amz-id-2
dub76lZnAQVhYr10bGBA6V9CXXUWq8tHEYjxdjkCLFHPL7HBhbQnEqZBX+eorrnVHI9VcCU1ldg=
x-served-by
cache-iad-kcgs7200169-IAD, cache-fra-eddf8230101-FRA
last-modified
Mon, 05 Feb 2024 17:46:29 GMT
server
AmazonS3
x-timer
S1712714713.934282,VS0,VE0
etag
"058bd8d4885262795f44fc4ff6615c01"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=26280000,s-maxage=2628000,immutable
accept-ranges
bytes
x-cache-hits
41, 3033
lightbox
photos.pixlee.co/ Frame DDA2
0
0
Document
General
Full URL
https://photos.pixlee.co/lightbox?widget_id=14340968&api_key=aRYy5lobd2NfbBklJtqr&parent_url=https%3A%2F%2Fwww.lovesac.com%2F
Requested by
Host: assets.pxlecdn.com
URL: https://assets.pxlecdn.com/assets/pixlee_widget_1_0_0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval';style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline';font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 ;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
279
cache-control
max-age=300,s-maxage=300
content-encoding
gzip
content-length
7881
content-security-policy
default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval';style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline';font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 ;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 02:05:13 GMT
etag
W/"0b3f01d1a1225b1347ad449f0026cd97"
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy
strict-origin-when-cross-origin
report-to
{ "group": "csp", "max-age": 10886400, "endpoints": [{ "url": "https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501;" }] }
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1712714433&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=cNECNklzsK0LpD3Lv50wSF6uQngCC65QWBVkoC7zt4s%3D
server
Cowboy
strict-transport-security
max-age=31557600
true-client-ip
185.213.155.177
vary
Origin, Accept-Encoding
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, MISS
x-cache-hits
0, 10, 0
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
7dce21b5-6b69-4b10-9ea6-b91e9c2a426d
x-runtime
0.027396
x-served-by
cache-iad-kiad7000143-IAD, cache-iad-kiad7000143-IAD, cache-fra-eddf8230149-FRA
x-timer
S1712714713.939582,VS0,VE88
x-xss-protection
1; mode=block
widget
photos.pixlee.co/ Frame 8DE5
0
0
Document
General
Full URL
https://photos.pixlee.co/widget?widget_id=14340968&api_key=aRYy5lobd2NfbBklJtqr&parent_url=https%3A%2F%2Fwww.lovesac.com%2F
Requested by
Host: assets.pxlecdn.com
URL: https://assets.pxlecdn.com/assets/pixlee_widget_1_0_0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval';style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline';font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 ;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
279
cache-control
max-age=300,s-maxage=300
content-encoding
gzip
content-length
8390
content-security-policy
default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval';style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline';font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 ;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 02:05:13 GMT
etag
W/"9ee9eba65ebf844159aeb73ee2bee16d"
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy
strict-origin-when-cross-origin
report-to
{ "group": "csp", "max-age": 10886400, "endpoints": [{ "url": "https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501;" }] }
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1712714433&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=cNECNklzsK0LpD3Lv50wSF6uQngCC65QWBVkoC7zt4s%3D
server
Cowboy
strict-transport-security
max-age=31557600
true-client-ip
185.213.155.177
vary
Origin, Accept-Encoding
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, MISS
x-cache-hits
0, 10, 0
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
19df2c34-aaac-4905-b56a-cbafc31c2570
x-runtime
0.048555
x-served-by
cache-iad-kcgs7200119-IAD, cache-iad-kcgs7200119-IAD, cache-fra-eddf8230149-FRA
x-timer
S1712714713.939586,VS0,VE108
x-xss-protection
1; mode=block
en.json
cdn-prod.securiti.ai/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/
966 KB
45 KB
XHR
General
Full URL
https://cdn-prod.securiti.ai/consent/cookie_banner/e1a8ebf8-4a85-4570-bcd5-46771853795a/3174b33b-b07d-4e68-96c2-7144c44104e9/en.json
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8000:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb02604971e6f366ea8529b7139db776458a466fdbd0169c357fcddb139c05fe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NONc0Q__kCjuh8p_.YCzKSEJQPret3D4
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding
gzip
date
Tue, 09 Apr 2024 04:59:56 GMT
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
age
75917
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 22 Mar 2024 21:41:15 GMT
server
AmazonS3
etag
W/"4c4a27c090b48d2ea404c8316eb65415"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
cache-control
public,max-age=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Yl0u1oi6TUB_sMUyf6t8RLEzC-9clG86zn0gIikhCwOtIK29K6iPKA==
location
app.securiti.ai/core/v1/utils/geo/
937 B
1 KB
XHR
General
Full URL
https://app.securiti.ai/core/v1/utils/geo/location
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aedf1f689f9b4287e.awsglobalaccelerator.com
Software
/
Resource Hash
9bc79f1d81188afcab7bfa069fad6e4dc62180f471409c34b24771d627dbc6c2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=315360000
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
access-control-allow-credentials
true
content-length
937
x-xss-protection
1; mode=block
ds.min.js
commerce.adobedtm.com/v6/
25 KB
8 KB
Script
General
Full URL
https://commerce.adobedtm.com/v6/ds.min.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/require.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e400cd30777e17efe3066485259980648528389e7305b028f35976b8c865d8b1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 02:05:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Mar 2024 19:59:44 GMT
Server
AkamaiNetStorage
ETag
"c715f1e3afed260c262d63dfcb2fc684:1710791984.452452"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7832
index.js
unpkg.com/@adobe/magento-storefront-event-collector@1.8.0/dist/
Redirect Chain
  • https://unpkg.com/@adobe/magento-storefront-event-collector@%5E1/dist/index.js
  • https://unpkg.com/@adobe/magento-storefront-event-collector@1.8.0/dist/index.js
145 KB
45 KB
Script
General
Full URL
https://unpkg.com/@adobe/magento-storefront-event-collector@1.8.0/dist/index.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27059d93395a5c6318e0859b544b9023687e0c2db11dd9bc2f3023c0226f0e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lovesac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1922238
last-modified
Mon, 18 Mar 2024 20:06:18 GMT
fly-request-id
01HS9JV0F9XH4E7JJ3PWR2YVEK-fra
server
cloudflare
etag
W/"24573-gFUZ56SiPE4BR8z50MvBQwBIvps"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
871f2bacbdd965be-FRA

Redirect headers

date
Wed, 10 Apr 2024 02:05:12 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HV2VYPSH63KV746E0XR6ZA3A-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
76
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@adobe/magento-storefront-event-collector@1.8.0/dist/index.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
871f2bac0d8f65be-FRA
/
widgets.syfpayments.com/
0
0

core.js
share.lovesac.com/
46 KB
15 KB
Script
General
Full URL
https://share.lovesac.com/core.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/bundle-common.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.204.188.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-188-67.compute-1.amazonaws.com
Software
Extole /
Resource Hash
012ec14c43206654b2b1015ae17c67436ab1767d7d9ac9878c75c74c5e13af00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Extole
access-control-max-age
3600
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/javascript
p3p
CP="Please see our privacy policy"
access-control-expose-headers
X-Extole-Token
cache-control
no-transform, max-age=3600
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length
15336
loader-1.gif
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/images/
17 KB
17 KB
Image
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/images/loader-1.gif
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/bundle-common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
caefc900beabcb8b438e7e4861b34f560d256675a09c417fd201574cd257741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
fastly-io-served-by
vpop-haf2300710
traceresponse
00-17c2bd896b94d380744f31e36cadecb9-d80863e333a13436-01
age
575507
x-cache
HIT, HIT
fastly-io-info
ifsz=17255 idim=64x64 ifmt=gif ofsz=17255 odim=64x64 ofmt=gif ofrm=24
fastly-stats
io=1
content-length
17255
fastly-io-warning
Failed to shrink image
x-served-by
cache-bfi-krnt7300089-BFI, cache-fra-eddf8230114-FRA
etag
"bzs/k4Y+/6B4u4WI/dqUGO9X2KyjVZs7zddL9QK7JPQ"
vary
Accept
content-type
image/gif
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
5, 0
lovesac.com.json
cdn.gladly.com/orgs/configs/chat/
6 KB
3 KB
Fetch
General
Full URL
https://cdn.gladly.com/orgs/configs/chat/lovesac.com.json?q=1712714713071
Requested by
Host: cdn.gladly.com
URL: https://cdn.gladly.com/assets/chat-sdk/apiBootstrap~6e0136c43e4f53e654a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:5e00:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a65b3ef286424b14ce84fa0f4746337a42a84466bb6454d8d455a752f6d6afb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 02:05:14 GMT
x-amz-cf-pop
FRA56-P12
x-cache
RefreshHit from cloudfront
last-modified
Thu, 21 Mar 2024 16:39:46 GMT
server
AmazonS3
etag
W/"f1251d79823a221c54ee5792242f49f3"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ZVx1DXR9bFyWYpWALmTrYuo_TisBoEYI9f3vOY1IjVFPgZCn0xeRSw==
jarallax.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Magento_PageBuilder/js/resource/jarallax/
23 KB
6 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/Magento_PageBuilder/js/resource/jarallax/jarallax.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f36e1fe5a2ba01855d5dc3e18c90f92031b49bc635f817389ee5b283f8bea1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
407133
traceresponse
00-17c2bd89795dd2585838b2a742af72b3-ec04ac81ffe75c52-01
x-cache
HIT, HIT
content-length
6361
x-served-by
cache-bfi-krnt7300050-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:24 GMT
etag
"660d2a98-18e5"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
vimeo-wrapper.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/vimeo/
236 B
339 B
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/vimeo/vimeo-wrapper.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3583b6dc59dcaa82d3a33eff6c6e80d8be53ba0d89d2522865d4d33c13dd4b96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-0088a7e5f8b0de634, i-0088a7e5f8b0de634
age
351721
traceresponse
00-17c2bd89796c635f9f53756b4c00c1c0-4edb1cd8cb079d82-01
x-cache
HIT, HIT
content-length
196
x-served-by
cache-bfi-kbfi7400100-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:24 GMT
etag
W/"660d2a98-ec"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
/
www.lovesac.com/banner/ajax/load/
78 B
8 KB
XHR
General
Full URL
https://www.lovesac.com/banner/ajax/load/?requesting_page_url=https%3A%2F%2Fwww.lovesac.com%2F&sections=&_=1712714712663
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/magepack/bundle-common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6555173ae3295784e0f1a516b4b21ca190254f9815c6efc7d75c14d5a6f3b611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.lovesac.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
traceresponse
00-17c4c8f5120ee71b06c3867c64c06b75-c5c376f493451dd5-01
content-security-policy-report-only
font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com *.typekit.net gateway.foresee.com *.xtlo.net *.digitalsurgeons.cloud *.klevu.com *.ksearchnet.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.syfpos.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.yotpo.com www.xtento.com syf.demdex.net *.syfpos.com *.syf.com *.weltpixel.com https://*.online-metrix.net https://imgs.signifyd.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.ftcdn.net *.behance.net *.googleapis.com *.gstatic.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de static-eu.payments-amazon.com *.affirm.com *.affirm.ca www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com www.xtento.com cdn.xtento.com * blob: *.syfpos.com *.syf.com analytics.synchrony.com *.d1.sc.omtrdc.net maps.googleapis.com maps.gstatic.com *.klevu.com *.ksearchnet.com https://imgs.signifyd.com https://*.online-metrix.net data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net unsafe-inline assets.braintreegateway.com maxcdn.bootstrapcdn.com *.yotpo.com *.typekit.net *.securiti.ai www.lightboxcdn.com gateway.foresee.com *.xtlo.net *.digitalsurgeons.cloud *.bazaarvoice.com *.syfpos.com *.klevu.com *.ksearchnet.com tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.scene7.com *.digitalsurgeons.cloud 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-cache
MISS, MISS
content-length
78
x-xss-protection
1; mode=block
x-served-by
cache-bfi-krnt7300020-BFI, cache-fra-eddf8230114-FRA
pragma
no-cache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=0, must-revalidate, no-cache, no-store
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Mon, 10 Apr 2023 02:05:13 GMT
MODULAR_PIECES_Reimagine_rearrange.jpg
www.lovesac.com/media/wysiwyg/
291 KB
291 KB
Image
General
Full URL
https://www.lovesac.com/media/wysiwyg/MODULAR_PIECES_Reimagine_rearrange.jpg
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f241f8e70dfee5a7d052c2529c239c877ed7463bb74f9e075d0a73a7d802433f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
19, 0
date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
fastly-io-served-by
vpop-haf2300712
traceresponse
00-17c269a09a708ebed5a7c3f9c40998d7-48a31490bebce032-01
age
667766
x-cache
HIT, HIT
fastly-io-info
ifsz=900748 idim=2560x1123 ifmt=jpeg ofsz=297592 odim=2560x1123 ofmt=webp
fastly-stats
io=1
content-length
297592
x-served-by
cache-bfi-krnt7300108-BFI, cache-fra-eddf8230114-FRA
etag
"tGIzXnLGRLOg2C00UYX9pecpMdhoVPuVIGvQUt5Ep2Y"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:35:46 GMT
WASHABLE_COVERS_Mess.jpg
www.lovesac.com/media/wysiwyg/
309 KB
309 KB
Image
General
Full URL
https://www.lovesac.com/media/wysiwyg/WASHABLE_COVERS_Mess.jpg
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b063c7e5c7b6a45bff7a74902d6143a929b4384da4ff6315cb3e3a74338663a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
19, 0
date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
fastly-io-served-by
vpop-haf2300701
traceresponse
00-17c269a0fe0c51f01dade10f79bdbc05-47cfbcc158c838a3-01
age
667764
x-cache
HIT, HIT
fastly-io-info
ifsz=826522 idim=2560x1123 ifmt=jpeg ofsz=316286 odim=2560x1123 ofmt=webp
fastly-stats
io=1
content-length
316286
x-served-by
cache-bfi-kbfi7400024-BFI, cache-fra-eddf8230114-FRA
etag
"cHP6/Z5WyZGwbJEyrK0wgZBylsMV4bS/DPYswAdgW5I"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:35:48 GMT
player.js
www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/vimeo/
72 KB
16 KB
Script
General
Full URL
https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/vimeo/player.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/static/version1712138900/frontend/BlueAcorn/site/en_US/requirejs/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5dc0780bfec24d902a3fa2cb15b04424a35b4979f527438edcab7efcfa10f875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
x-platform-server
i-06302f69d529ac69f, i-06302f69d529ac69f
age
351583
traceresponse
00-17c2bd89aae00f97ecccb581e07a78a1-d5b93d063faa332b-01
x-cache
HIT, HIT
content-length
15796
x-served-by
cache-bfi-kbfi7400100-BFI, cache-fra-eddf8230114-FRA
last-modified
Wed, 03 Apr 2024 10:08:24 GMT
etag
"660d2a98-3dbe"
vary
Accept-Encoding
content-type
application/javascript
x-debug-info
eyJyZXRyaWVzIjowfQ==
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-robots-tag
index, follow
x-cache-hits
6, 0
lovesac.com-dynamic.json
cdn.gladly.com/orgs/configs/chat/
525 B
1017 B
Fetch
General
Full URL
https://cdn.gladly.com/orgs/configs/chat/lovesac.com-dynamic.json
Requested by
Host: cdn.gladly.com
URL: https://cdn.gladly.com/assets/chat-sdk/apiBootstrap~6e0136c43e4f53e654a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:5e00:c:2652:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d16c3e405ef62aa4fdf11e447cae70eab3ae1a9bdc4345f988a50f4d47b3cde

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Wed, 10 Apr 2024 02:05:14 GMT
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-cache
RefreshHit from cloudfront
content-length
525
last-modified
Wed, 10 Apr 2024 00:30:50 GMT
server
AmazonS3
etag
"c35a833cb1c51a3fdd116eab0f884f15"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
dNnuKZrz6yY3yvwXYmseyWkeA_s_PXUFKGoTMEpRV8D3MciGisO5kw==
logo.png
assets.pixlee.com/images/
13 KB
13 KB
Image
General
Full URL
https://assets.pixlee.com/images/logo.png
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
651bc68d38f20fa91d464a65236563766e944d28b80f4bc6d003fb36dc8e930c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Wed, 10 Apr 2024 02:05:13 GMT
fastly-io-served-by
vpop-kiad7010213
x-amz-request-id
T406PCY2AQYJNZMG
age
721096
x-cache
HIT, HIT
fastly-io-info
ifsz=23512 idim=200x200 ifmt=png ofsz=12930 odim=200x200 ofmt=webp
fastly-stats
io=1
content-length
12930
x-amz-id-2
ZUy4GbWLr8wMSLdMSo1hs0sGbASkASUaayKeQLPDZXtP5zAudgUnUUYKV0eOAxQluYgyiIwl7kc=
x-served-by
cache-iad-kcgs7200091-IAD, cache-fra-eddf8230101-FRA
server
AmazonS3
x-timer
S1712714713.395863,VS0,VE0
etag
"o/5h+pgEBqFNIP2Mhf/Unnc7ME4RnPsCr5xxAXlKR4w"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=26280000,s-maxage=2628000,immutable
accept-ranges
bytes
x-cache-hits
2622, 246
300
j730.lovesac.com/DG/DEFAULT/rest/rpc/
39 KB
8 KB
XHR
General
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/300?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-04-10T04%3A05%3A13%2B02%3A00&ts=1712714713423
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
d4a5d596bd8a62cef7a1ca4f4313d987976e106e57343a7bd033a57ff8aac366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
7397
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
N_ZlAAfyNfMObgnhlVwRObKmolNSxKlglmCnntAgyrl5H6fTZ23gIQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame
0
0
Preflight
General
Full URL
https://app.securiti.ai/privaci/v1/consent/cookie/singleupload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aedf1f689f9b4287e.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-auth-token
Access-Control-Request-Method
POST
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID,x-api-secret,x-tident,x-api-key,X-USER-TOKEN,Authorization,X-Email-Id
access-control-allow-origin
https://www.lovesac.com
access-control-request-method
POST
content-length
0
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
singleupload
app.securiti.ai/privaci/v1/consent/cookie/
67 B
401 B
XHR
General
Full URL
https://app.securiti.ai/privaci/v1/consent/cookie/singleupload
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aedf1f689f9b4287e.awsglobalaccelerator.com
Software
/
Resource Hash
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.lovesac.com/
X-Auth-Token
15274b0f-6921-4cc0-9047-1e2e11249587
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=315360000
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
access-control-allow-credentials
true
content-length
67
x-xss-protection
1; mode=block
collect.js
cdn.noibu.com/
196 KB
61 KB
Script
General
Full URL
https://cdn.noibu.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-79.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b34334896be909f4ebf4fa3c32bf4ffdbcf0a1470ece25df24082181f29d8392

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:00:38 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1
age
275
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
content-length
62247
x-amz-cf-id
0AwhTv2cYsc5go5l33b-LOUKiuI8lXB4pkZm_VfjHAR3ut4jEJrhqQ==
bv.js
apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/
77 KB
24 KB
Script
General
Full URL
https://apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/bv.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2800:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd9b9ea95885374cf9ac53d03f8d71a4f2db481ecc77d1da160e3a3b2bffd9c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
tU_hrUpH.TwxC.sEBBzWCHDJTjDKIrDV
content-encoding
gzip
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 02:05:13 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA56-P10
age
83
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
24129
last-modified
Thu, 22 Feb 2024 23:11:33 GMT
server
AmazonS3
etag
"50baf831aa8351f18db4774f2af1d493"
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
Rc30piobkrRLBVtDoH8_EiSmH5LMs6y_PIPEkWvMk9TcefKh_wTfHw==
collect-worker.js
cdn.noibu.com/
9 KB
5 KB
Fetch
General
Full URL
https://cdn.noibu.com/collect-worker.js
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-79.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
aaa6700ae2cf1939b4a7b3e83995ceb39130488da49dcf0fe57b7d82e83239eb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:00:40 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1
age
273
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
content-length
4479
x-amz-cf-id
H-6yxzHnhjwVHs-Qs84Vp00F4muQL_vQG3w9Rk5bRCLomx8DEquZTg==
api-0.8.2.js
apps.bazaarvoice.com/apps/api/
32 KB
11 KB
Script
General
Full URL
https://apps.bazaarvoice.com/apps/api/api-0.8.2.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2800:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 12 Feb 2024 14:17:53 GMT
content-encoding
gzip
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
x-amz-version-id
kvnMIwPjpbNt45nTgF9mmYA0x1y87znz
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA56-P10
age
4967241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10599
last-modified
Tue, 28 Jun 2022 11:19:05 GMT
server
AmazonS3
etag
"86a440b08f71ad9de17500c8946fa7a1"
vary
Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_GbKQGNVF9LKeM-8zSyyTL97Mw1NYTmtUvj9bmCPyLfLYdda9jWOcw==
api-config.js
apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/
2 KB
1 KB
Script
General
Full URL
https://apps.bazaarvoice.com/deployments/lovesac/main_site/production/en_US/api-config.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2800:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7204700359b5ce5edccf01ef8cb8acee593a2f2ee85c8bb2befb4cef0ea32479
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
k6Xz56_H02rgRRA9wagNxZwJxksoGj0C
content-encoding
gzip
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 02:05:13 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA56-P10
age
81
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
829
last-modified
Thu, 22 Feb 2024 23:11:28 GMT
server
AmazonS3
etag
"921d11921bbaf266da435f1d05aab119"
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
kOgJjHCJ9V-Cs4hXKsHPkB6sMFrzFOE22PKGZMjEQmq1r5Vqm0WbUw==
bv-analytics.js
apps.bazaarvoice.com/analytics/
40 KB
13 KB
Script
General
Full URL
https://apps.bazaarvoice.com/analytics/bv-analytics.js
Requested by
Host: apps.bazaarvoice.com
URL: https://apps.bazaarvoice.com/bv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2800:d:274d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d22f48243f28ae0d3cfbbc0ec1919450e5249f32645dfdf104c83d0b5cfd00c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:45:46 GMT
content-encoding
gzip
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
x-amz-version-id
bpPpZ5pM20Ya_S0L3_fvvcnrkhtTNNfQ
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA56-P10
age
148768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
12865
last-modified
Tue, 28 Feb 2023 07:25:25 GMT
server
AmazonS3
etag
"d30320dafbb1e585d933d2657267b544"
vary
Origin
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
uiv3jwjGscfCfW_7hP1W28ltOU5ESocpNSUlMdsE5xEdwIcHKiOdJw==
96f8866c-80f9-4c26-ab79-d7823ccbe99e
https://www.lovesac.com/
9 KB
0
Other
General
Full URL
blob:https://www.lovesac.com/96f8866c-80f9-4c26-ab79-d7823ccbe99e
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaa6700ae2cf1939b4a7b3e83995ceb39130488da49dcf0fe57b7d82e83239eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
9174
Content-Type
application/javascript
a.gif
network-a.bazaarvoice.com/
43 B
231 B
Image
General
Full URL
https://network-a.bazaarvoice.com/a.gif?loadId=d33fb95860769ed3&BVBRANDID=e3d748b9-f6b2-4ece-a47d-8f4200f8e245&BVBRANDSID=6088b9cf-c089-45f6-871c-65cc81198e2b&tz=-120&sourceVersion=3.17.2&magpieJsVersion=3.17.2&source=bv-loader&environment=prod&client=lovesac&dc=22461&host=www.lovesac.com&r_batch=!((bvProduct:bv-loader,bvProductVersion:%2713.21.7%27,cl:Diagnostic,deploymentZone:main_site,elapsedMs:%271.1000%27,endTime:%272267.9000%27,locale:en_US,name:timeToRunScout,startTime:%272266.8000%27,type:Performance))&_=z5ap16
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.91.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-91-184.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON COR"
date
Wed, 10 Apr 2024 02:05:13 GMT
cache-control
no-cache, no-transform, must-revalidate, max-age=0
content-type
image/gif
server
nginx
content-length
43
expires
-1
sp.min.js
cdnjs.cloudflare.com/ajax/libs/snowplow/2.16.3/
76 KB
23 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.16.3/sp.min.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c4b37e1a1a629c838a519652ddb794ff357eb469ea309904b70831a37541f26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
536104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22953
last-modified
Wed, 25 Nov 2020 19:51:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fbeb5c9-12e22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjpr2rpRLvGSOCp19%2BU1GCw1NSaFHhtpWVtTba%2BIbzW6PzPHkA3jgtMIzhPnUBbf4jhcICQ6F84CklEpUk9hxRrIhxQA5Pbxa2dGiUb3HLm2BvG1%2B%2BKOLLi6volWITiKIbVkWFqB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
871f2bafed9dbbe9-FRA
expires
Mon, 31 Mar 2025 02:05:13 GMT
overlay
share.lovesac.com/zones/
54 KB
13 KB
XHR
General
Full URL
https://share.lovesac.com/zones/overlay
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.204.188.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-188-67.compute-1.amazonaws.com
Software
Extole /
Resource Hash
49f494a792999e895b2a35d265ed2fb330caa74a107065c4fb56c6d9e8bf5c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="Please see our privacy policy"
server
Extole
x-extole-token
H70LAH4GJE50EVDCSULDBNVLQM
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://www.lovesac.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
x-extole-cookie-consent
YEAR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
expires
Wed, 10 Apr 2024 02:05:12 GMT
d0dd08eb20c02d929865b54259d9f32a
j730.lovesac.com/plugin/plugin/
109 KB
26 KB
Script
General
Full URL
https://j730.lovesac.com/plugin/plugin/d0dd08eb20c02d929865b54259d9f32a
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
14dfdd4a7b1ae0d19c37f4a9a07425148ee0e78c2f863058b35668b0264e6c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 07:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
age
585415
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
26497
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 07:28:18 GMT
server
-
etag
d0dd08eb20c02d929865b54259d9f32a
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
DQ_g2iXsdNpCXGBjY1NBZSlUKA61iaxaL5lQPpg0zezDGspwWiXcEw==
expires
Thu, 03 Apr 2025 07:28:18 GMT
dcd3d971b487eb957822b3bb1a62a7c8
j730.lovesac.com/plugin/library/
208 KB
63 KB
Script
General
Full URL
https://j730.lovesac.com/plugin/library/dcd3d971b487eb957822b3bb1a62a7c8
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
a29554e154e43f24d177b51984cb9adbe1e3c9e032e3295e278744ebb9267481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 07:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
age
585414
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
63575
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 07:28:18 GMT
server
-
etag
dcd3d971b487eb957822b3bb1a62a7c8
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
-o6kGFg7e8f5IYB8XSFQFIN2FW4aKR1ZX9pom70RsDWC3KMEJjsmbA==
expires
Thu, 03 Apr 2025 07:28:18 GMT
LB-Zone-1
j730.lovesac.com/DG/DEFAULT/rest/rpc/300/
2 KB
1 KB
XHR
General
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/300/LB-Zone-1?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=&bctempid=4ea04070-b7c3-407a-bc16-5f6aa68ffdcb&overruleReferrer=&time=2024-04-10T04%3A05%3A13%2B02%3A00&ts=1712714713742
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
dbc5626f889266ac44282836e28305cb579b7342c9475e0427ea767b34a1caca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
710
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
SfTu92ms6xxWL8bntpXaQ_XgOh8PXtxK7UiXrf1hmDvCMRIzihlW3w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame
0
0
Preflight
General
Full URL
https://app.securiti.ai/privaci/v1/consent/cookie/singleupload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aedf1f689f9b4287e.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-auth-token
Access-Control-Request-Method
POST
Origin
https://www.lovesac.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID,x-api-secret,x-tident,x-api-key,X-USER-TOKEN,Authorization,X-Email-Id
access-control-allow-origin
https://www.lovesac.com
access-control-request-method
POST
content-length
0
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
l
use.typekit.net/af/635674/00000000000000000000e800/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/635674/00000000000000000000e800/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pee8cij.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7cc2e9383273604c39b525dc366bb6467ea148236649caa15e1e7c2dc6c052c0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://use.typekit.net/pee8cij.css
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
server
nginx
etag
"aba4b344d0cef3fdee56ee0775c652fa5c0cf812"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17944
singleupload
app.securiti.ai/privaci/v1/consent/cookie/
67 B
401 B
XHR
General
Full URL
https://app.securiti.ai/privaci/v1/consent/cookie/singleupload
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aedf1f689f9b4287e.awsglobalaccelerator.com
Software
/
Resource Hash
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.lovesac.com/
X-Auth-Token
15274b0f-6921-4cc0-9047-1e2e11249587
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=315360000
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
access-control-allow-credentials
true
content-length
67
x-xss-protection
1; mode=block
b2c1b5f5cb8bdd60aa3b033176d1ae56.js
try.abtasty.com/
5 KB
3 KB
Script
General
Full URL
https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d29151ef6b3648bf41f3f0849645ac4a8fb8cc59371363d15703c93120ed5efc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
PMO50ke5Fhh67OEmxTbc3sAZzx.VpJXc
content-encoding
gzip
via
1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 02:05:13 GMT
x-amz-cf-pop
FRA60-P8
age
79383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 20:13:46 GMT
server
AmazonS3
etag
W/"6fa53843ef7122af647f37efcdbd1624"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=86400,max-age=30
x-amz-cf-id
xpfeI9Bee3mRUmeIUxdMX_erOf9QG32gH-uJckWhtu41zoXUIqBIgQ==
tag.js
www.mczbf.com/tags/547167638839/
44 KB
14 KB
Script
General
Full URL
https://www.mczbf.com/tags/547167638839/tag.js?cookieUrl=https%3A%2F%2Fwww.lovesac.com%2Fcookie%2Findex%2Findex
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b000:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
603c3c93d9ffe3eebc33fbcac450de04f75eb83b8022f6da7994826ec4709e07

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 02:05:13 GMT
Content-Encoding
gzip
Via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=1800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
UG_L95xAC3nX1sjIJH-IiN0F9RGPrguLFXRH0mKsLYCXCKCi3NJUfg==
X-Request-ID
c4b346e7-f6de-11ee-b816-0763d132cefe
js
www.googletagmanager.com/gtag/
259 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SN4TBNHBCF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
49816e3ef480597e5ea3b2eaf8b0167006a1a00965dc2b83df237da88ca5b4ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92521
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Apr 2024 02:05:13 GMT
quantum-lovesac.js
cdn.quantummetric.com/qscripts/
251 KB
76 KB
Script
General
Full URL
https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.20.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd928fd1a0f92367fd7f323668d0eab16af378ae8ad448000fb3b92a9e824f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
no-sniff
cf-cache-status
EXPIRED
content-encoding
br
server
cloudflare
etag
W/"171164973102617125957344231712649602947"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag
noindex
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400
cf-ray
871f2bb15e14380e-FRA
destination
www.googletagmanager.com/gtag/
194 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-13921035&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c6dd53c85e7f4713dcbe503f518904e4f819d259192a7b3c67120a55af72e002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72226
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Apr 2024 02:05:13 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 10 Apr 2024 02:05:13 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F515292E376F4457B872BCEE7DB393DD Ref B: FRAEDGE1809 Ref C: 2024-04-10T02:05:13Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa7dc1f49c37b28d767e1ad64998a1c0c2f7b44d3a6ae68a9dce72bdc6574019

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
br
x-cdn
fastly
etag
"5f9456a62b94027f2e116bffedc2cde1"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1883
ld.js
static.criteo.net/js/ld/
47 KB
15 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a3079657dfdc9d6cf095aa78e354abd79b829219afd5f6244452323f5101fccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 28 Feb 2024 19:26:21 GMT
server
nginx
etag
W/"65df88dd-bc93"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 Apr 2024 02:05:13 GMT
t.js
cdn1-res.sundaysky.com/vop/v2/
3 KB
2 KB
Script
General
Full URL
https://cdn1-res.sundaysky.com/vop/v2/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-55.fra56.r.cloudfront.net
Software
/
Resource Hash
f7c20d02ef54341b1562afe8db32d1bc701bb7974db2ffc0a560097e3875c1be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 02:26:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P6
Age
344325
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 21 Feb 2024 14:19:50 GMT
ETag
W/"2603-1708525190000"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=604800
X-Amz-Cf-Id
t4owfjKOhO6cdcSNA62k3gvot_LdDnpryvVihLAZcBDQNlu3o-Mnbw==
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 Apr 2024 02:05:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
KI1ypwT+koQwXBiPL0Sud2e8F4N1ItlLbmkWgMtsW6J2RhtQU8r9GvSFMXC3sorMlhxSfCAIr0z9WO6prkx0yA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
lightbox_inline.js
www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/
2 KB
1 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/lightbox_inline.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265c33916e1b0a20d7b9ed9221c90213ea347b40d0346385ab0f55580c462bf8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
b4sRL5GQ6azMjqB3oiu6Rw==
cf-polished
origSize=2532
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 26 Feb 2024 18:51:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4569300f-601e-0030-227c-75421a000000
x-ms-version
2009-09-19
cf-ray
871f2bb1af3c4d58-FRA
dtag.js
cdn.attn.tv/lovesac/
8 KB
4 KB
Script
General
Full URL
https://cdn.attn.tv/lovesac/dtag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0d8d3f65feaa57324b16781b24f4999220a7496fcfbc534bc4d24923d763937

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
M.ZhlpHYdN.bdLOQCFsOb1dnpzI3beTD
content-encoding
gzip
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 02:05:16 GMT
last-modified
Tue, 09 Apr 2024 13:40:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
etag
W/"efa9adc084ee4cfd1fedec2fde3e7e01"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=120
x-amz-replication-status
COMPLETED
x-amz-cf-id
NxIUT4VPHw3chvXztoFJ7HXFrbB40NoOjfz8KoKnWI2tsrRfsNu3NQ==
scevent.min.js
sc-static.net/
44 KB
19 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
19297
x-amz-cf-id
W9MFiUf0dqs1NJS0JKyglRRGzL-euALgEmIuFszjHrVxMZh-N7DBFw==
sync
live.rezync.com/
766 B
1 KB
Script
General
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2c6db7f95e77278f126555c41d69ea6f&k=lovesac-furniture-pixel-2644&zmpID=lovesac-furniture&currency=USD&custID={custID}&custType={custType}&storeID={storeID}&categoryID={categoryID}&productID={productID}&cartID={cartID}&cartTotal={cartTotal}&cartQty={cartQty}&OrderID={OrderID}&OrderAmount={OrderAmount}&OrderQty={OrderQty}&promoCode={promoCode}&custom1={custom1}&custom2={custom2}&custom3={custom3}&e_md5={e_md5}&e_sha={e_sha}&cache_buster={cache_buster}&PageUrl={PageUrl}
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-28.fra56.r.cloudfront.net
Software
lighttpd/1.4.69 /
Resource Hash
bf1501b1433275aff2adeeaf1cd942cff32d7677719f9908a57ba1a80e2366e1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
766
x-amz-cf-id
Ht1u5QnpiGIwBErcayurXJw7o1t1hNWV2ZxK5Hx-bHeh-CZGM_iSDg==
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBALQTJC77U73BSUO3QG&lib=ttq
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1e70b91c30fa6b31f9b24c9c60c9ec05ab57ea52a99aaa664906dacb154aace7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
5410416.247bc622
date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24041002051378DF1CE9D3483C11A203-4028E22E4068B02B-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time
95,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=5, inner; dur=2
content-length
1741
pragma
no-cache
server
nginx
x-tt-logid
2024041002051378DF1CE9D3483C11A203
x-cache-remote
TCP_MISS from a23-220-105-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.105.213
x-tt-trace-host
01eefdfa336408dc4139d00d1b7a95e7b6352b4c8562cf2ba4f138ac30656cc605f88dd965df73901a20872e0b914116efdd6ccf8cc7773874812ba8286ecb69d64341e68ca27007661cab8b4b54ed1811ee873cb7d205ffb3b0303e16fc6051c0f91b31ddf51e8fac0e1e0720ed764442
expires
Wed, 10 Apr 2024 02:05:13 GMT
/
servedby.flashtalking.com/container/26402;132266;14656;iframe/ Frame 33D9
0
0
Document
General
Full URL
https://servedby.flashtalking.com/container/26402;132266;14656;iframe/?spotName=Homepage&cachebuster=751347.461772713
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-232.deploy.static.akamaitechnologies.com
Software
prod-xre-app13.frk11 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Allow-Fenced-Frame-Automatic-Beacons
true
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
366
Content-Type
text/html
Date
Wed, 10 Apr 2024 02:05:13 GMT
Expires
Wed, 10 Apr 2024 02:05:13 GMT
Pragma
no-cache
Server
prod-xre-app13.frk11
Strict-Transport-Security
max-age=86400
Vary
Accept-Encoding
pixlee_events.js
assets.pixlee.com/assets/
47 KB
17 KB
Script
General
Full URL
https://assets.pixlee.com/assets/pixlee_events.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfce54a47dfb79409e1482c3dcd7d1bbf1c81ae25c19bb7ed763c81f4e237c61

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 06 Feb 2024 03:39:33 GMT
x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 10 Apr 2024 02:05:13 GMT
x-amz-request-id
2HVCVMBFT7YMB6DB
age
721109
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
16550
x-amz-id-2
It/oPcZ0DACgSrmcxZANTYrR+chlzoirClytwG4c4QPHch7JE8jJigyEX70rOO+MXHgIo3gYARg=
x-served-by
cache-iad-kiad7000052-IAD, cache-fra-eddf8230101-FRA
last-modified
Mon, 05 Feb 2024 17:46:29 GMT
server
AmazonS3
x-timer
S1712714714.799934,VS0,VE0
etag
"8f635b60db7a8b557f7bf0f993ad0993"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=26280000,s-maxage=2628000,immutable
accept-ranges
bytes
x-cache-hits
25, 4624
r3-h9bHMbxKHK9N4N5_vQCXMt34-Vj69u1S_mj1U.js
client.prod.mplat-ppcprotect.com/
61 KB
27 KB
Script
General
Full URL
https://client.prod.mplat-ppcprotect.com/r3-h9bHMbxKHK9N4N5_vQCXMt34-Vj69u1S_mj1U.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:4c00:7:4973:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d31ef610450e6866499b72e26e5fd1a697428fd89475efed752fc3c956b5abb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * data:; object-src 'none'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 14:12:11 GMT
x-amz-version-id
rgkgKkoQ6K7A_i4dlRzkKByhOo3hd48I
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * data:; object-src 'none'
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P1
age
42783
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 15:12:11 GMT
server
AmazonS3
etag
W/"106bba2b31160920c04d8ee96ac82d6e"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/js
x-amz-cf-id
Osr07ALGIm_Md00bwDJfz1CbBUOLaQ9PlLifK2bbQOsk5toEL-pYNw==
embed.js
resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/
1 KB
998 B
Script
General
Full URL
https://resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/embed.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66e8f21e3c39203bf554b88ebe4bdf2b40b5e51d3b4e6d64a6e3084e437df2fe
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
KNTNTu_Sk09xwDWDFhCDLa0jTKrahrUW
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
QCVW8DCS5M8FTKVQ
age
132598
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
532
x-amz-id-2
6TNx0WTHyDzlraBqVGtln3+sHlPeX7Y7927hlQ/VeyGaQu2oaGIdnolWufDt681KMa7cP4Ph7LJRPwDhrHDhHA==
x-served-by
cache-fra-etou8220063-FRA
last-modified
Tue, 26 Mar 2024 15:20:17 GMT
server
AmazonS3
x-timer
S1712714714.895925,VS0,VE1
etag
"315b16d2749ac0f107d275f475ca0564"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
0
/
safevisit.online/
4 KB
2 KB
Script
General
Full URL
https://safevisit.online/?lcid=11083
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5c9a27d96fe6322278b3ec67e677fe61b59314f38fe8659f983451a7c895e45c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
Google Frontend
date
Wed, 10 Apr 2024 02:05:14 GMT
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/javascript
access-control-allow-origin
*
x-cloud-trace-context
d6c2fa2d4c74588af6488d8e008facbc
cache-control
private
content-length
1600
x-xss-protection
1; mode=block
up_loader.1.1.0.js
js.adsrvr.org/
9 KB
4 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 09 Apr 2024 04:57:49 GMT
Content-Encoding
gzip
Via
1.1 1fa1c6285afcbdedfbb042a0993ed182.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Mar 2024 19:43:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Age
76045
x-amz-server-side-encryption
AES256
ETag
W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
DM7kuxsgI66OpvN7tYvsa_bLhLnoRo8_3WhdOzep2nI0MOHhJUQyjg==
/
data.adxcel-ec2.com/pixel/
43 B
131 B
Image
General
Full URL
https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=8daafda4-dae2-4e83-8438-d1b065b07639
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.11.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-11-20.compute-1.amazonaws.com
Software
/
Resource Hash
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
43
Content-Type
image/gif
js
www.googletagmanager.com/gtag/
245 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNGFJS5&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
36620858bac089c31ac25ee89ebac718e2d7814a0fb9f76dacc134dd2597256c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88722
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Apr 2024 02:05:13 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Apr 2024 01:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1026
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Apr 2024 03:48:08 GMT
commons.9b20dd57c6f12e1beb80.js
try.abtasty.com/shared/
7 KB
3 KB
Script
General
Full URL
https://try.abtasty.com/shared/commons.9b20dd57c6f12e1beb80.js
Requested by
Host: try.abtasty.com
URL: https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
618ad76495dd6d322f6e225fd6bee12db7ad4479d7e0aaf39cd76e0a368342ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 26 Feb 2024 13:47:01 GMT
x-amz-version-id
I759_v4LArLWDcMKV_huSSwP.Exoy2M3
content-encoding
br
via
1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
3759493
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Feb 2024 13:46:58 GMT
server
AmazonS3
etag
W/"26c3c284edadc317106c9358baf83ab5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=31536000,max-age=31536000
x-amz-cf-id
qJMBi4eD4Hzs9nxFyToGoiUjR_H4jDXaquJrMitPulS5IeLNyRSybA==
main.c077813646866f6c71c7.js
try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/
151 KB
44 KB
Script
General
Full URL
https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/main.c077813646866f6c71c7.js
Requested by
Host: try.abtasty.com
URL: https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17263714d72ad714f1f1a7074ee7b97765b950c8e32b7e127fec7f4c1394a991

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 20:13:50 GMT
x-amz-version-id
l1G_oMWparlk0svt2loWGVbuK5PVuw7Q
content-encoding
br
via
1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
453084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 20:13:45 GMT
server
AmazonS3
etag
W/"9e24dacf9f42fe63bf63cfdb3639ba2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=31536000,max-age=31536000
x-amz-cf-id
K39muuPx-wLcFq0qcv1shzhsW4vi3pJl7UcQtiKU6Bl0zzmDiQKDKA==
me.7d4a349527f92fc578d9.js
try.abtasty.com/shared/
26 KB
6 KB
Script
General
Full URL
https://try.abtasty.com/shared/me.7d4a349527f92fc578d9.js
Requested by
Host: try.abtasty.com
URL: https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d1b3d626ef2fe0a08f49f3eee2c5a769c36da469e7f8e7e557658effa3dc81a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 08:55:17 GMT
x-amz-version-id
zaJqcZYD9stEpTpQj0dDHGLJOR1OTVko
content-encoding
br
via
1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
1876197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Mar 2024 08:55:14 GMT
server
AmazonS3
etag
W/"a2b9bc5819aa624c49a0036b660ab72b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=31536000,max-age=31536000
x-amz-cf-id
2CRfyND0KV78Q2ukWd15NPD8w5cK0SBi-QrFcAuA_1xIQHqL7mUKZg==
analytics.a826d0d9c103275e2e7d.js
try.abtasty.com/shared/
21 KB
7 KB
Script
General
Full URL
https://try.abtasty.com/shared/analytics.a826d0d9c103275e2e7d.js
Requested by
Host: try.abtasty.com
URL: https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f62e44d3e4b7377192393fdb772e347500448bfe7658f42ce0e62efaa0ae9ec5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 07:33:03 GMT
x-amz-version-id
CGeBD5GK5HBbf4DeXgk4sjFhi..anymq
content-encoding
br
via
1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
498731
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 07:32:59 GMT
server
AmazonS3
etag
W/"cac40e8ad5ccc61d5460d9d66bdda6c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=31536000,max-age=31536000
x-amz-cf-id
Wg8oj7gBFuHbeG2g8Hos7-bchkD9M5AziA1uasaTkMYVlLs78W6tww==
main.d1ecc6ee.js
s.pinimg.com/ct/lib/
64 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c2ba19c6d5b3736aed2ec9e806a3d6633b653a72a1d7160ad30368f82292a1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
br
x-cdn
fastly
etag
"671fd3d6701d35a87b369bffd3965ff6"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
18590
global_footer
share.lovesac.com/zones/
28 KB
10 KB
XHR
General
Full URL
https://share.lovesac.com/zones/global_footer
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.204.188.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-188-67.compute-1.amazonaws.com
Software
Extole /
Resource Hash
65b1a0abe41c4a7ba639094570f6d3fd0e6be08a7f41d132d21e37171e422205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="Please see our privacy policy"
server
Extole
x-extole-token
H70LAH4GJE50EVDCSULDBNVLQM
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://www.lovesac.com
access-control-expose-headers
X-Extole-Token
cache-control
no-cache
access-control-allow-credentials
true
x-extole-cookie-consent
YEAR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
expires
Wed, 10 Apr 2024 02:05:12 GMT
fonts.css
origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/
6 KB
848 B
Stylesheet
General
Full URL
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/fonts.css
Requested by
Host: share.lovesac.com
URL: https://share.lovesac.com/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
57ff7743da500efe31449ed8c7b5d5861e7e9004725185e3671042edb10dfae7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 09:16:44 GMT
content-encoding
gzip
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2024 09:16:37 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
578909
access-control-max-age
2592000
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
455
x-amz-cf-id
qzxVwHCGDoiyYMz8GgzB0sQVRsRuI4o6T_vG0pErC9HbPwUhfrRPlg==
ua-parser
dcinfos-cache.abtasty.com/v1/
86 B
380 B
Fetch
General
Full URL
https://dcinfos-cache.abtasty.com/v1/ua-parser
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.178.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.178.36.34.bc.googleusercontent.com
Software
/
Resource Hash
348f8aee8b366208cf861a97f66ff6f38072c6ac8f2740a7383c7c88259828d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
uc-info.workload.svc.cluster.local:8080/*
via
1.1 google
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,User-Agent
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ariane.abtasty.com/
43 B
414 B
Fetch
General
Full URL
https://ariane.abtasty.com/
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.178.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.178.36.34.bc.googleusercontent.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 Apr 2024 02:05:13 GMT
x-envoy-decorator-operation
entrypoint.workload.svc.cluster.local:8080/*
via
1.1 google
access-control-allow-methods
GET,HEAD,POST
content-type
image/gif
access-control-allow-origin
https://www.lovesac.com
cache-control
must-revalidate, no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1081254.1341214.json
try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/
72 B
519 B
Fetch
General
Full URL
https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/1081254.1341214.json?9cf0dedaed7d3365a284035155615a47
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
574b89267740137db8fb4e4c2b9b7b5cf3093e07d5c387620b2ed10ad433f866

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 08:31:34 GMT
x-amz-version-id
nFZpGucf1Kix4NXw8L.dAwDykX0xPnqt
via
1.1 07ddb29e6fb6e0d7584320febca423a6.cloudfront.net (CloudFront)
age
408820
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
72
last-modified
Thu, 04 Apr 2024 20:13:42 GMT
server
AmazonS3
etag
"041774f1120edaa156a551fcf9593e56"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-origin
cache-control
s-maxage=604800,max-age=604800
accept-ranges
bytes
x-amz-cf-id
R9TqxGMihu8YWD5BAzitbmlpbYJJSydlgCwQpnqLez-sZHHcxirPKg==
1161931.1440957.json
try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/
1 KB
798 B
Fetch
General
Full URL
https://try.abtasty.com/b2c1b5f5cb8bdd60aa3b033176d1ae56/1161931.1440957.json?c089a96391dd1bec38ff1a29b1fa20d7
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc402a8a091839202f523a7482d8adfdc092be9fbdb85d9a4c092f8edfd92e19

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 13:40:14 GMT
x-amz-version-id
5DJqgDDla3DzvnZSPistGW6VAu5NrSQu
content-encoding
br
via
1.1 07ddb29e6fb6e0d7584320febca423a6.cloudfront.net (CloudFront)
age
44700
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Apr 2024 20:13:44 GMT
server
AmazonS3
etag
W/"ceff8474a8b1f6accf0d92e9f19937f7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-origin
cache-control
s-maxage=604800,max-age=604800
vary
Accept-Encoding
x-amz-cf-id
r38YRM9mCIXaT_jbuq10z2E2R0BDqNG6_lZGBvHGCX3Es4nZtRayTg==
/
ct.pinterest.com/user/
325 B
632 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2619248618442&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1712714713875&dep=2%2CPAGE_LOAD
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
6718823875097752
content-length
188
pin-unauth
dWlkPU5qVmpaalV6WldVdE0yWTFOaTAwTWpabExXRTFOalV0WldRNU1UQmtZbVF6TUdRMA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
ac3b543087eea8bca8514cd590925156836e98c1
expires
Sat, 01 Jan 2000 00:00:00 GMT
j
s-vop.sundaysky.com/t/v1/
0
294 B
Image
General
Full URL
https://s-vop.sundaysky.com/t/v1/j?a=lovesac&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fwww.lovesac.com%2F&cb=1085815272&udt.userid=&udt.sku=&udt.cat=&udt.ptype=Home%20Page&udt.kw=&udt.segment=visitor
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.6.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-6-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:14 GMT
x-content-type-options
nosniff
x-frame-options
DENY
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length
0
expires
Sat, 1 Apr 2000 00:00:00 GMT
1690459044350386
connect.facebook.net/signals/config/
56 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1690459044350386?v=2.9.153&r=stable&domain=www.lovesac.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e77edf908aeda5c8a02e6994fe08d6b915fb28fe69cd973e5324c6baf99e1bd7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 Apr 2024 02:05:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63192, tp=-1, tpl=-1, uplat=50, ullat=0
pragma
public
x-fb-debug
Oa6CqW+uFURmqo56revyve/IAqSIZAMqg7v41HADx1Bf/XpqIK8DF1tDkfp8wuoRtsflMRAEYJfKTs3jEX4O/Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
181 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2619248618442&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.lovesac.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A600%2C%22sw%22%3A800%2C%22mh%22%3A%22d1ecc6ee%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.105%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1712714713894
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:13 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.lovesac.com
pinterest-version
ac3b543087eea8bca8514cd590925156836e98c1
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1106895495795837
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
4001819.js
bat.bing.com/p/action/
0
116 B
Script
General
Full URL
https://bat.bing.com/p/action/4001819.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 10 Apr 2024 02:05:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 51D224CEB822437DB47B3AA8547A1D2C Ref B: FRAEDGE1809 Ref C: 2024-04-10T02:05:13Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
285 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4001819&tm=gtm002&Ver=2&mid=6a777bae-3229-4edf-b34a-f227b478f7e0&sid=c4bd6710f6de11eea92cf14a401131f2&vid=c4bd94f0f6de11ee86fef1637521f10f&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&kw=Lovesac%20Sectional,%20Lovesac%20couch,%20lovesac%20furniture,%20furniture%20lovesac,%20Lovesac%20sofa,%20sectional,%20sectional%20sofa,%20modular%20sectional,%20sectional%20pieces,%20couch,%20sofa,%20long%20sofa,%20modular%20furniture,%20rearrangeable%20furniture,%20rearrangeable%20couch,%20adaptable%20couch,%20couch%20that%20comes%20apart,%20configurable%20couch,%20couch%20with%20storage,%20living%20room%20seating,%20living%20room%20furniture,%20best%20couches,%20best%20sectional,%20best%20couch%20for%20families,%20washable%20couch,%20expandable%20couch,%20durable%20couch,%20sactional,%20lovesac%20sactional,%20lovesac%20com%20sactional,%20love%20sac%20sactional,%20sectional%20covers,%20custom%20sofa,%20custom%20couch,%20discover%20sectional,%20discover%20sactional,%20learn%20sectional,%20learn%20sactional,%20durable%20couch,%20durable%20sofa,%20lovesac%20Beanbag,%20Lovesac%20Bean%20Bag,%20Lovesac%20Beanbag%20Chair,%20Lovesac%20Bean%20Bag%20Chair,%20Lovesac%20Chair,%20Lovesac,%20Large%20Lovesac,%20Beanbag,%20Bean%20Bag,%20Beanbag%20Chair,%20Bean%20Bag%20Chair,%20Large%20Beanbag,%20Small%20Beanbag,%20Extra%20Large%20Beanbag,%20XL%20Beanbag,%20comfortable%20seating,%20comfortable%20bean%20bag,%20comfortable%20beanbag,%20living%20room%20seating,%20living%20room%20furniture,%20furniture%20for%20kids,%20foam%20chair,%20foam%20beanbag,%20foam%20bean%20bag&p=https%3A%2F%2Fwww.lovesac.com%2F&r=&lt=1473&evt=pageLoad&sv=1&rn=772608
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Apr 2024 02:05:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DCB82CB974D8407C92B5DC14E551F28E Ref B: FRAEDGE1809 Ref C: 2024-04-10T02:05:13Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 2355
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=www.lovesac.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 02:05:13 GMT
server
Kestrel
server-processing-duration-in-ticks
381967
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
museosans-500.otf
origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/
61 KB
29 KB
Font
General
Full URL
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/museosans-500.otf
Requested by
Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/fonts.css
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 09:16:45 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2024 09:16:38 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
578908
access-control-max-age
2592000
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
x-amz-cf-id
ZLZ-LfEcdJjdfbMZTONWrs5na0cuUflSNolsHEIklRJjjH54H4-xrA==
pageInfo
www.mczbf.com/547167638839/
68 B
546 B
Fetch
General
Full URL
https://www.mczbf.com/547167638839/pageInfo
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b000:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Referer
https://www.lovesac.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 02:05:13 GMT
Via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
68
X-Amz-Cf-Id
jHr8jzle-5d-jXMGo8SfdY0PUA7ZPSW-sofiV5IGatf688XIReSrcw==
X-Request-ID
c4c2fe5a-f6de-11ee-b816-0763d132cefe
truncated
/
35 KB
35 KB
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d588b9f638ed3982aec3e3aad666ac5714b7a2369575733aa276601013b136fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/octet-stream
activityi;dc_pre=CPfXisHHtoUDFU8ABgAdM7gKdw;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7...
13921035.fls.doubleclick.net/ Frame 629B
Redirect Chain
  • https://13921035.fls.doubleclick.net/activityi;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.10...
  • https://13921035.fls.doubleclick.net/activityi;dc_pre=CPfXisHHtoUDFU8ABgAdM7gKdw;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl...
0
0
Document
General
Full URL
https://13921035.fls.doubleclick.net/activityi;dc_pre=CPfXisHHtoUDFU8ABgAdM7gKdw;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z8831672054za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13921035&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
381
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 02:05:14 GMT
expires
Wed, 10 Apr 2024 02:05:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 02:05:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13921035.fls.doubleclick.net/activityi;dc_pre=CPfXisHHtoUDFU8ABgAdM7gKdw;src=13921035;type=gener0;cat=loves0;ord=1301486407836;npa=1;auiddc=136348060.1712714714;u13=%2F;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe4480z8831672054za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.lovesac.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5e62c523-2e57-4111-add1-f0fa31111bd2.js
tr.snapchat.com/config/com/
191 B
459 B
Script
General
Full URL
https://tr.snapchat.com/config/com/5e62c523-2e57-4111-add1-f0fa31111bd2.js?v=3.14.1-2404091850
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
fd6a26d1597c43b3207eebb4393f7c6fce787fd4c584ef358fc59b63c1d73fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://www.lovesac.com
x-envoy-upstream-service-time
96
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
i
tr.snapchat.com/cm/ Frame A8F4
0
0
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=5e62c523-2e57-4111-add1-f0fa31111bd2&u_scsid=99833b26-fcfb-4f24-acd4-bdd70577576a&u_sclid=d3a6ff11-2fb8-4ebd-9cc3-d16f41292724
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 10 Apr 2024 02:05:14 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
recv
click.prod.mplat-ppcprotect.com/v2/
20 B
465 B
Fetch
General
Full URL
https://click.prod.mplat-ppcprotect.com/v2/recv?data=%7B%22client_id%22%3A0%2C%22href%22%3A%22https%3A%2F%2Fwww.lovesac.com%2F%22%2C%22token%22%3A%22eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY2NvdW50X2lkIjoxNjY5OX0.kusr3-h9bHMbxKHK9N4N5_vQCXMt34-Vj69u1S_mj1U%22%7D
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c200:c:8c1e:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
uvicorn /
Resource Hash
02c045b5a38b1e9a01bf15ab6d48d526dc60a726bf041fe32d153b4ffd71e761
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * data:; object-src 'none'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:13 GMT
via
1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src * data:; object-src 'none'
server
uvicorn
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P12
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
20
x-amz-cf-id
lTpLzOCfH_DgGb52sJSY9jGOZpL_A25VD5ONz7qrYkYYccTDSyKA5A==
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SN4TBNHBCF&gtm=45je4480v886192096z8831672054za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712714713&sct=1&seg=0&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SN4TBNHBCF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EE9DYJBNV5&gtm=45je4480v872365513z8867000499za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&dp=%2F&sid=1712714714&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.client_container_info=GTM-WNGFJS5%20v16&ep.client_timestamp_iso=2024-04-10T04%3A05%3A13.804%2B02%3A00&ep.client_timezone=%2B2&ep.value=&up.last_timezone=%2B2&tfd=2769
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
514417555385723
connect.facebook.net/signals/config/
20 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/514417555385723?v=2.9.153&r=stable&domain=www.lovesac.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
e523aa5e27537a98d6d5a88ac7ac51a00e36362c0207a860d8bcb84fba58f35d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 Apr 2024 02:05:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4648, tp=12, tpl=0, uplat=98, ullat=0
pragma
public
x-fb-debug
LGiEOHU5f4v/iUNLo2g1LTnHEZpmBhEQUcQFV0sB/US+i6ap2p8QV8O2KgjTttaaT+C89KPsIR+s/9Tqe7QFcg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1690459044350386&ev=PageView&dl=https%3A%2F%2Fwww.lovesac.com%2F&rl=&if=false&ts=1712714714030&sw=800&sh=600&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1712714714029.459497391&ler=empty&cdl=API_unavailable&it=1712714713891&coo=false&rqm=GET
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 Apr 2024 02:05:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=45255&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0...
  • https://widget.us.criteo.com/event?a=45255&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0...
17 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=45255&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0N4bFVXT0E5bnlERFdEUkFUWWdHc3Y5aGloWUFDMHNKcyUyQkZCcHJ3Q0NKZnIzUmFocUEwTEFoSVY4NUVPNDZIZEt3R0lsU2ZqUlBJR3lxV2VUMDJqTENaeTNhdnFGVjFRNEdTeTlUNjklMkZqb3gxU3lQaUI2N2FYbkElM0QlM0Q&tld=lovesac.com&fu=https%253A%252F%252Fwww.lovesac.com%252F&ceid=6f25325b-cb83-4d65-9a0d-a4cf46151c3e&dtycbr=26807
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0876c3e213c65c47619e2b96830c7ce52b5cf6ee9e8bfb8eef7edb635242861e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lovesac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
33240108
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=45255&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0N4bFVXT0E5bnlERFdEUkFUWWdHc3Y5aGloWUFDMHNKcyUyQkZCcHJ3Q0NKZnIzUmFocUEwTEFoSVY4NUVPNDZIZEt3R0lsU2ZqUlBJR3lxV2VUMDJqTENaeTNhdnFGVjFRNEdTeTlUNjklMkZqb3gxU3lQaUI2N2FYbkElM0QlM0Q&tld=lovesac.com&fu=https%253A%252F%252Fwww.lovesac.com%252F&ceid=6f25325b-cb83-4d65-9a0d-a4cf46151c3e&dtycbr=26807
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5295963
timing-allow-origin
*
content-length
0
expires
0
main.MTFhN2NkNDczMQ.js
analytics.tiktok.com/i18n/pixel/static/
431 KB
114 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBALQTJC77U73BSUO3QG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
247bc6ff
date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202404081245434D2F9E4100B3B774A50E
x-tt-trace-id
00-2404081245434D2F9E4100B3B774A50E-66FCA988CC44CD6A-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018cc3f4c5ca2f36007487116f9fdd47b4f75817db5db3581abbd92ee893da4f3a220388ce5c571891d18379bbb47916f6b4ee16ba58455726057548aa6a20a11e491acc5bd7ee9534a4bc6fc38aaf021502f65bbcfb2a2e11bdd4bd00b25b9a74
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
116201
p13n.min.js
cdn.boomtrain.com/p13n/lovesac-furniture/
92 KB
30 KB
Script
General
Full URL
https://cdn.boomtrain.com/p13n/lovesac-furniture/p13n.min.js
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-82.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed94fec22390f02e70feb82e97de8fbad0db7ed2115b95fa0c9814bf892d336

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
e1wKBLGIZ_NGQ3I_QmZCjY.ctffVaFKQ
Content-Encoding
gzip
Via
1.1 fd9d525f4633063393693172d96013ca.cloudfront.net (CloudFront)
Date
Wed, 10 Apr 2024 02:05:14 GMT
X-Amz-Cf-Pop
FRA60-P8
Age
271
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 29 Mar 2024 09:07:12 GMT
Server
AmazonS3
ETag
W/"f31b82f3dab5b7397053c18af71ba25d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
9-u768MxzZqhKC996PsE1ME0cLBdcWYnGXly-d8L06_hJd9fJfWugw==
compromise.js
j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/lib/
243 KB
82 KB
Script
General
Full URL
https://j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/lib/compromise.js
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
f9dbd8e60971f7a0660028aadde537b3b6d9f4abb8e9eab8dec59b841d60fbfe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 08:18:35 GMT
content-encoding
gzip
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1791999
x-cache
Hit from cloudfront
last-modified
Thu, 07 Mar 2024 12:31:35 GMT
server
-
etag
"3cd94-6131141923e78-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
DLtlXk0uuOzJJf8v88s3V0k-YhriTVfEA5rhrK5jgDA1IxqcDxgMYA==
expires
Fri, 19 Apr 2024 08:18:35 GMT
stopwords.js
j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/
7 KB
3 KB
Script
General
Full URL
https://j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/stopwords.js
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
f8158f2dfb4c7e7376c37298b1194bd0c44d31486a9ad9910218d3e9e79fe22a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 08:18:35 GMT
content-encoding
gzip
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1791999
x-cache
Hit from cloudfront
content-length
2295
last-modified
Thu, 07 Mar 2024 12:31:35 GMT
server
-
etag
"1a72-61311419090c8-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
CNY1W-W2BS0krFjV0ard95JvUKgIAyAvO9WVR8XsSbT-9FwtCN78iA==
expires
Fri, 19 Apr 2024 08:18:35 GMT
reservedterms.js
j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/
243 B
596 B
Script
General
Full URL
https://j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/reservedterms.js
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
a4c37d5259154f3b0c5e31d4891b8e12c9cf4f462d4e9a03d8dde81203485f92

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 08:18:35 GMT
content-encoding
gzip
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1791999
x-cache
Hit from cloudfront
content-length
155
last-modified
Thu, 07 Mar 2024 12:31:35 GMT
server
-
etag
"f3-61311418fc1c0-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
UKk8XyFXCwdHM0f4xNU538_EDoaG9kcZAGKEmoCIdBUwk0WMzLidzw==
expires
Fri, 19 Apr 2024 08:18:35 GMT
textrank.js
j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/
1 KB
1 KB
Script
General
Full URL
https://j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/textrank.js
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
7d2e4384bf9dec3221e693225c190951dcffb4388fb378b23c6b85f99f66c0e8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 08:18:35 GMT
content-encoding
gzip
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1791999
x-cache
Hit from cloudfront
content-length
681
last-modified
Thu, 07 Mar 2024 12:31:35 GMT
server
-
etag
"5b7-613114190d718-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
AaPLGoeuF8NiEwJwRDqTmLJmeMmVTg2k6-7AMdYPPehKU7IU2poRkQ==
expires
Fri, 19 Apr 2024 08:18:35 GMT
stemmer.js
j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/
2 KB
1 KB
Script
General
Full URL
https://j730.lovesac.com/gallery/listener_interest_ranker/1.5.5/frontend/src/js/stemmer.js
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
991d8f6a815a4d6fc7d7a9a81a8fe9596651147ca561ee9a2e05a9e8e014fd4e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 08:18:35 GMT
content-encoding
gzip
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1791999
x-cache
Hit from cloudfront
content-length
816
last-modified
Thu, 07 Mar 2024 12:31:35 GMT
server
-
etag
"877-6131141900040-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
jdrOcgMoA7ekRkx61n6UGd313QnGMI_ngTvwPNTEJgy-JWuRLzDMAA==
expires
Fri, 19 Apr 2024 08:18:35 GMT
300
j730.lovesac.com/DG/DEFAULT/rest/rpc/
553 B
1 KB
XHR
General
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/300?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=4ea04070-b7c3-407a-bc16-5f6aa68ffdcb&bctempid=&overruleReferrer=&time=2024-04-10T04%3A05%3A14%2B02%3A00&ts=1712714714063
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
671f45b510d0d9f8dce438c09de8b12425889a9489ec71f8a60e5bc8428a04e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
179
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iM3pojZWsFVko6lUOA2YefXtS9ePMRI5W7E_f6bTRikGphrEVRcgfg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
300
j730.lovesac.com/DG/DEFAULT/rest/rpc/
185 B
1 KB
XHR
General
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/300?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=4ea04070-b7c3-407a-bc16-5f6aa68ffdcb&bctempid=&overruleReferrer=&time=2024-04-10T04%3A05%3A14%2B02%3A00&ts=1712714714064
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
518874f5026365612b8745b48c42540f48edeb6c79d2dde99b985e28ec3aab7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
166
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
eKYOrSeYurQMAlJMRigwfU-KJOpdZJJ7tiJaIlLPC8CsA3nebvMDig==
expires
Thu, 01 Jan 1970 00:00:00 GMT
300
j730.lovesac.com/DG/DEFAULT/rest/rpc/
185 B
1 KB
XHR
General
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/300?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=4ea04070-b7c3-407a-bc16-5f6aa68ffdcb&bctempid=&overruleReferrer=&time=2024-04-10T04%3A05%3A14%2B02%3A00&ts=1712714714068
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
bb4ef84b3231a1abf465beb67c072bb1f43a689bc63adc957fa869f71ed4829e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
nHIg6xrK60aKehGiprQtb3uCTL0FDsyyIONwrURCczwRzvgRdjrOPg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
lovesac.blueconic.net/DG/DEFAULT/
66 B
861 B
Script
General
Full URL
https://lovesac.blueconic.net/DG/DEFAULT/cs?bcsessionid=4ea04070-b7c3-407a-bc16-5f6aa68ffdcb&&callback=bc_json302
Requested by
Host: j730.lovesac.com
URL: https://j730.lovesac.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.175.156.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-156-69.compute-1.amazonaws.com
Software
- /
Resource Hash
52634f6d2221b6070db80886274021999f7a51900891981a3bc6c2e929451d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
84
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
146 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1811724153&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lovesac.com%2F&ul=en-us&de=UTF-8&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=YADAAAABAAAAACAAI~&jid=1880427596&gjid=1077566391&cid=1936275137.1712714714&tid=UA-9091319-1&_gid=966537536.1712714714&_r=1&_slc=1&gtm=45He4480n81NJ2KRD5v831672054za200&cd3=home&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1066154029
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1811724153&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.lovesac.com%2F&ul=en-us&de=UTF-8&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&sd=24-bit&sr=800x600&vp=1600x1200&je=0&ec=BlueConic&ea=undefined&el=false&ev=0&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=1936275137.1712714714&tid=UA-9091319-1&_gid=966537536.1712714714&gtm=45He4480n81NJ2KRD5v831672054za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd11=New%20Customer&cd13=FY25%3A%20No%20Purchase%20w%2F%20Amount%7CVisitors%20not%20in%20segment%20%22Known%20Visitors%22%7CTest%20Genevieve%20Segment%7CVisitors%20not%20in%20segment%20%22Sac%20or%20Sactional%20%2F%20Last%203%20years%22%7CCustomerBusinessKey%7CGTM%20Cart%20Load%20Examples%20-%20no%20config%7CSMS%20Opt-In%20Status%20(not%20active%20SMS%20user)%7CNon-customers_No%20purchase%7CVisitors%20not%20in%20segment%20%22Customers%22%20(ie.%20Prospects)%7CUnknown%20Profiles%7CGTM%20Data%7CNew%20Customer%20(0%20Purchase)%7C%5Bbc%20dev%5D%20No%20Item%20in%20Cart%7CAll%20Visitors%7CLS%20Direct%20New%20Movers%7C%5Bbc%20dev%5D%20unKnown%20Profiles%20without%20transaction%7C%5BBC%20DEV%5D%20Test%20URL%20Capture%7CTest%7CAny%20Store%20Purchasers&npa=1&z=1404248976
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 09 Apr 2024 22:33:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12697
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
identify_38a7e.js
analytics.tiktok.com/i18n/pixel/static/
139 KB
37 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
247bc76d
date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240408124538835843693CD9FEC2279E
x-tt-trace-id
00-240408124538835843693CD9FEC2279E-1E93971DE01D37DD-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010e31fdea860714cf1cf97495f6a32b563f7a4b8bc57f00321ddccaedff2eb4186a14c1a965e9fe560ec89fc48a34c18ca976d3b8bcb1d367c1525ecef1aa05c1b122910b5ddc5ca58b93e58f22d30dfbe145382d721b3530c831c61646dab36c
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=8
content-length
36830
pixel
analytics.tiktok.com/api/v2/
0
844 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f6cf3ee.247bc7a9
date
Wed, 10 Apr 2024 02:05:14 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2404100205146930ACC2906B7C7BAA85-62258CE8CA72E160-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time
126,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=38, inner; dur=34
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202404100205146930ACC2906B7C7BAA85
x-cache-remote
TCP_MISS from a23-52-15-109.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
38,23.52.15.109
x-tt-trace-host
01eefdfa336408dc4139d00d1b7a95e7b6352b4c8562cf2ba4f138ac30656cc605b4161b74808192e3b82c54acb5534c0b6f364bd54f876ae52b0bcee175fabec8723d7c6ade4e5edb6b4e2b5659d033aa3f92df6b506914e5d44083ee6c85fe6820684387dbbbc0cfb5ae6bc4d4d65333
access-control-allow-headers
Authorization,*
expires
Wed, 10 Apr 2024 02:05:14 GMT
p
tr.snapchat.com/
0
239 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://www.lovesac.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
300
j730.lovesac.com/DG/DEFAULT/rest/rpc/
185 B
1 KB
XHR
General
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/300?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=4ea04070-b7c3-407a-bc16-5f6aa68ffdcb&bctempid=&overruleReferrer=&time=2024-04-10T04%3A05%3A14%2B02%3A00&ts=1712714714250
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
12eaf60f8c5146cccd3f414e4dde5cea93390d943f7137ef944dc7efe185deaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
166
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
zJgFJlIvAWn6fTIcChrH2sqSwYBeLV4KeDZnY_8hx2UtibmKT1JeXQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
300
j730.lovesac.com/DG/DEFAULT/rest/rpc/
185 B
1 KB
XHR
General
Full URL
https://j730.lovesac.com/DG/DEFAULT/rest/rpc/300?referer=https%3A%2F%2Fwww.lovesac.com%2F&bcsessionid=4ea04070-b7c3-407a-bc16-5f6aa68ffdcb&bctempid=&overruleReferrer=&time=2024-04-10T04%3A05%3A14%2B02%3A00&ts=1712714714382
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-97.fra60.r.cloudfront.net
Software
- /
Resource Hash
a90af4a730b06193369a7869c0b33d1357c4577da489dfc9fbf35f0e7694bde7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
166
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lovesac.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
hPcqQSc0lJAiqmIFRERB59AYyvbR6W0RQvvIOHm-PZuzi_wNJoNsug==
expires
Thu, 01 Jan 1970 00:00:00 GMT
p
tr6.snapchat.com/
0
45 B
Ping
General
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
act
analytics.tiktok.com/api/v2/pixel/
0
846 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-129.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
541090b.247bc8f3
date
Wed, 10 Apr 2024 02:05:14 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240410020514BA21F6ED2933A484744A-46B9422717E69E8A-00
x-cache
TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-parent-response-time
108,104.126.37.125
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=23, inner; dur=19
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240410020514BA21F6ED2933A484744A
x-cache-remote
TCP_MISS from a23-220-105-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
23,23.220.105.213
x-tt-trace-host
01eefdfa336408dc4139d00d1b7a95e7b6352b4c8562cf2ba4f138ac30656cc605f88dd965df73901a20872e0b914116efd41e2854dca23a086d1552de1536a9de144ef426e0aa404aa8d49d11e395be20042418ad07bc97b1dd6275a0990c097fdd7dcbfcbd5b697ada2262b8f5caa35c
access-control-allow-headers
Authorization,*
expires
Wed, 10 Apr 2024 02:05:14 GMT
resolve
people.api.boomtrain.com/identify/
151 B
466 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYTY1ZmM3NzMtYzcyYi00YTIwLWFjNzMtNDdmODRlNGVlMTU5OjE3MTI3MTQ3MTMuOTQ4ODI5In19&site_id=lovesac-furniture
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.59.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-59-181.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1242da76cb5b9dd42e781799d519d21f16ffcc0aeb0bbee28205bb1781c51dc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 02:05:15 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
151
/
ariane.abtasty.com/
43 B
98 B
Fetch
General
Full URL
https://ariane.abtasty.com/
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.178.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.178.36.34.bc.googleusercontent.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 Apr 2024 02:05:14 GMT
x-envoy-decorator-operation
entrypoint.workload.svc.cluster.local:8080/*
via
1.1 google
access-control-allow-methods
GET,HEAD,POST
content-type
image/gif
access-control-allow-origin
https://www.lovesac.com
cache-control
must-revalidate, no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lightbox.js
www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/ Frame 6CF6
510 B
398 B
Script
General
Full URL
https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/lightbox.js?mb=1712714714520&lv=1
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d9bebb114b3965591eac32eba2cdbe8c1c97692e4ec140fd52c4b78df4c8ed6a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 10 Apr 2024 01:51:44 GMT
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
871f2bb5d9274d58-FRA
p
tr.snapchat.com/
0
44 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://www.lovesac.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user.js
www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/ Frame 6CF6
637 KB
141 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/user.js?cb=638477252510047176
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/lightbox.js?mb=1712714714520&lv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b0532b65ba02d47c68a8139c5b64eafdbaefd4ec465082f57a329305ca4822

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
HWOc+MrOlzpH1RjzvhL3VQ==
age
585862
cf-polished
origSize=901607
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 26 Feb 2024 18:51:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
1c6b75a6-301e-0045-3f97-85c5a1000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
871f2bb7fa0d4d58-FRA
expires
Thu, 10 Apr 2025 02:05:14 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638445702751031298
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/user.js?cb=638477252510047176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
511225
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
315aa7c8-a01e-000f-14c4-80f5c6000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
871f2bb84a424d58-FRA
expires
Sat, 11 May 2024 02:05:14 GMT
z
api.lightboxcdn.com/z9gd/42882/www.lovesac.com/jsonp/
799 B
1 KB
Script
General
Full URL
https://api.lightboxcdn.com/z9gd/42882/www.lovesac.com/jsonp/z?cb=1712714714931&dre=l&callback=jQuery11240595450259161417_1712714714919&_=1712714714920
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/user.js?cb=638477252510047176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b194a579929d361265b4838cfa4593111bd4e6df69a5c2bee55149e7d50d58f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:14 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
digibox.gif
www.lightboxcdn.com/z9g/
35 B
257 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1712714714924&h=www.lovesac.com&e=p&u=42882
Requested by
Host: www.lovesac.com
URL: https://www.lovesac.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 Apr 2024 02:05:14 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
2361910
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
server
cloudflare
etag
0x8DAD3F8864E2F29
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
e979446f-501e-0011-4b70-752f2b000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
871f2bb85a4b4d58-FRA
unified-tag.js
cdn.attn.tv/tag/4-latest/
131 KB
43 KB
Script
General
Full URL
https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1a0cee32
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/lovesac/dtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f216ba1556b37ec1d15959f46b8bc374fedca9daf19db6193478ab686e747c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JFVniyirNtLG2QhzVSTqidASZHJcLNOY
content-encoding
gzip
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
date
Wed, 10 Apr 2024 02:02:09 GMT
x-amz-cf-pop
FRA2-C2
age
187
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 05 Apr 2024 19:33:03 GMT
server
AmazonS3
etag
W/"401d170f9f52f3139b5666c742c30eb6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
x-amz-cf-id
Dm6PPzcNrEwbDEvhIkrL3o7hcJSIdmYksIJLhAyJ-MFXr5kPruxchA==
g.js
aa.agkn.com/adscores/
24 B
507 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212306938&cv1=2e1c998a-2cda-4f0f-b0e0-42256ffe3d43
Requested by
Host: safevisit.online
URL: https://safevisit.online/?lcid=11083
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.226.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-226-249.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
9c559f676d0b6dfc2a830336777ac3d7eefe4b4e790a9c3293427db7e29a8ece

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:15 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
24
expires
0
/
ghs4.safevisit.online/
0
127 B
Script
General
Full URL
https://ghs4.safevisit.online/?lcid=11083&ncookie=2e1c998a-2cda-4f0f-b0e0-42256ffe3d43&furl=aHR0cHM6Ly93d3cubG92ZXNhYy5jb20v
Requested by
Host: safevisit.online
URL: https://safevisit.online/?lcid=11083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.211 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f19.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
x-cloud-trace-context
35a44922d790b2e222b46cf60f284e33
date
Wed, 10 Apr 2024 02:05:16 GMT
server
Google Frontend
content-length
0
content-type
text/html; charset=utf-8
sv.js
track.sv.rkdms.com/js/
60 KB
24 KB
Script
General
Full URL
https://track.sv.rkdms.com/js/sv.js?sv_cid=2451_03870&sv_origin=lovesac.com
Requested by
Host: safevisit.online
URL: https://safevisit.online/?lcid=11083
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.74.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-74-8.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
cf59eebad97bdd1490c98d00280dc4a95a5e0543ff6e05030793e8756abc9443

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:15 GMT
content-encoding
gzip
last-modified
Wed, 10 Apr 2024 02:05:15 GMT
server
nginx/1.24.0
etag
W/"f617b666f3c16d1666e3099c57cb63a9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires
Wed, 10 Apr 2024 02:05:15 GMT
/
lovesac.attn.tv/d/
5 B
252 B
Fetch
General
Full URL
https://lovesac.attn.tv/d/?attn_vid=fa624219aef041e9890b771c238703df
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
5
cf-ray
871f2bb9f96d2c29-FRA
alt-svc
h3=":443"; ma=86400
e
events.attentivemobile.com/
0
0
Ping
General
Full URL
https://events.attentivemobile.com/e?v=4.31.0_3b1a0cee32&pd=https%3A%2F%2Fwww.lovesac.com%2F&u=fa624219aef041e9890b771c238703df&c=lovesac&ceid=SPo&lt=1712714715156&tag=modern&cs=2937089479&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1712714715161
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1a0cee32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.39.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

SPo.js
cdn.attn.tv/growth-tag-assets/client-configs/
379 B
841 B
Script
General
Full URL
https://cdn.attn.tv/growth-tag-assets/client-configs/SPo.js
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_3b1a0cee32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b16e35f8e00776e41006c00e1bad964d33c4e7f82e8bb8121469342b822f5bad

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9WN.p9e2OcsQUfC.QANhMs0oS8B3KDpb
date
Wed, 10 Apr 2024 02:05:16 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
379
last-modified
Mon, 25 Mar 2024 16:40:48 GMT
server
AmazonS3
etag
"55d920d87c628781808019dad0fd7a1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
accept-ranges
bytes
x-amz-cf-id
SX-FeCsTwBI8jCa7cJLimSc406q13H-ztEhdwBn4Za_ii6QofQhsRg==
track
events.api.boomtrain.com/event/
2 B
209 B
XHR
General
Full URL
https://events.api.boomtrain.com/event/track
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.94.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-94-22.compute-1.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 10 Apr 2024 02:05:16 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain
unrenderedCreative
lovesac.attn.tv/
0
207 B
Fetch
General
Full URL
https://lovesac.attn.tv/unrenderedCreative?v=4.31.0&r=&id=fa624219aef041e9890b771c238703df&pv=1&l=https%3A%2F%2Fwww.lovesac.com%2F&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 02:05:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
12
cf-ray
871f2bbc3a332c29-FRA
alt-svc
h3=":443"; ma=86400
token_create.js
ct.pinterest.com/static/ct/
4 KB
4 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b15aac9c392958d54b67f8eadb0985ced801f635f7edd5cbf80fa95fae4061a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
x-cdn
fastly
age
4704
etag
"00a3e23e5609ea9564eca6ae4e3949f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame 5B5B
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.231 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

akamai-grn
0.d6931102.1712714716.b2442d0
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 02:05:16 GMT
pinterest-version
ac3b543087eea8bca8514cd590925156836e98c1
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
6081456582755516
pixel
cm.g.doubleclick.net/ Frame 1D82
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KwfoeDwL7k3hm7rctRHGPMC9UOZbMNw8IQcTCg&google_cm&google_hm=ay1Ld2ZvZUR3TDdrM2htN3JjdFJIR1BNQzlVT1piTU53OElRY1RDZw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 1D82
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sYEWYjwL7k3hm7rctRHGPMC9UOYREnh7jRoT4g&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 02:05:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1D82
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4911237510449773568
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4911237510449773568
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
953551
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
an-x-request-uuid
9bc68533-b985-4242-8d19-70b2a17b8e78
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4911237510449773568
x-proxy-origin
185.213.155.177; 185.213.155.177; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 1D82
57 B
812 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-LJVDATwL7k3hm7rctRHGPMC9UOYeGpyp898DrQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 10 Apr 2024 02:05:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Wed, 10 Apr 2024 02:05:16 GMT
tap.php
pixel.rubiconproject.com/ Frame 1D82
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-yBG9JDwL7k3hm7rctRHGPMC9UOa0_v8o7pNi5w&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 1D82
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-MZFidzwL7k3hm7rctRHGPMC9UOYphfk62kv75w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:15 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1D82
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-RnD3aTwL7k3hm7rctRHGPMC9UOZB04lqyLonnw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13343
um
criteo-sync.teads.tv/ Frame 1D82
23 B
163 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-P75eQjwL7k3hm7rctRHGPMC9UOZI-FmOSRBi_g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 10 Apr 2024 02:05:16 GMT
pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 1D82
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-FBhJKzwL7k3hm7rctRHGPMC9UOah443naaNylQ&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
cksync.php
hb.yahoo.net/ Frame 1D82
56 B
319 B
Image
General
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-nSM8GTwL7k3hm7rctRHGPMC9UOalOzQNz1aGKA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 10 Apr 2024 02:05:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Wed, 10 Apr 2024 02:05:16 GMT
pixel
cm.adform.net/ Frame 1D82
43 B
163 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-JxKNTjwL7k3hm7rctRHGPMC9UOZe-7Giim-5NA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 1D82
49 B
342 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-8fOvmTwL7k3hm7rctRHGPMC9UOZLnRFBcAXtqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 1D82
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FgcL6zwL7k3hm7rctRHGPMC9UOatBtdCvBbvKA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FgcL6zwL7k3hm7rctRHGPMC9UOatBtdCvBbvKA&C=1
43 B
328 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-FgcL6zwL7k3hm7rctRHGPMC9UOatBtdCvBbvKA&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUQXEXcmcxnUI0wF1SgAhNqXqD7U6T0vr6vkDUgOzSsa1mlOJCc9Y1DMmydOzy%2FhuGm%2FVZq91Iim0fBGKa4kpG9MHul8t2bUq1uU%2Fu%2B6q43FjrzPjmJouB8ORzd%2B1QT4aHwD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
871f2bc228711daa-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOaMi%2Fs0AJ4NfGViUmOab6Z53OfnVXYVJk6n%2B90ddrz32qN79URotIvmpW4G7w7E3OaygkGLwU81wnEppxraz5eiXAg7tNoaYjLAKnhofoVl13NcQPQ%2FDXhB03CnP%2FQgAhIV"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-FgcL6zwL7k3hm7rctRHGPMC9UOatBtdCvBbvKA&C=1
cache-control
no-cache
cf-ray
871f2bc208611daa-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame 1D82
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=PqgNQWzAgao-Y22c0jndWC2gDfwEowWW
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=PqgNQWzAgao-Y22c0jndWC2gDfwEowWW
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=PqgNQWzAgao-Y22c0jndWC2gDfwEowWW
Protocol
H2
Server
52.17.32.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-32-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v060-04c802d32.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
TTWSwI60Q8Y=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v060-0cf0f301d.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Jzk4gc05SWU=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=PqgNQWzAgao-Y22c0jndWC2gDfwEowWW
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 1D82
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-VIJ3LTwL7k3hm7rctRHGPMC9UOYphBio8GwMqA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 10 Apr 2024 02:05:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 1D82
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-fyDbKDwL7k3hm7rctRHGPMC9UOYXDqSIdYRdOQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.217.116.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-116-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 10 Apr 2024 02:05:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 1D82
42 B
265 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-usLGUjwL7k3hm7rctRHGPMC9UOZduSrklVJ5Hw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 1D82
0
878 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-SnQ4TTwL7k3hm7rctRHGPMC9UOY5eec0Px_KMg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.235.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-235-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 1D82
43 B
422 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-cpyvJzwL7k3hm7rctRHGPMC9UOZc8R7wxbTvoA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.18.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-18-43.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:17 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 1D82
0
218 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-dIolGDwL7k3hm7rctRHGPMC9UObu_FDNOTP0rA&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 10 Apr 2024 02:05:16 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
aaf28c6ad9aa09be43c69eb5c03daa0e
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1D82
0
225 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-kLFCVzwL7k3hm7rctRHGPMC9UOanPxDc1GMc4g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 02:05:15 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 1D82
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-clzzXDwL7k3hm7rctRHGPMC9UOYto-1Ety_B3w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.148.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-148-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
sync
criteo-partners.tremorhub.com/ Frame 1D82
43 B
400 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-a_OuOjwL7k3hm7rctRHGPMC9UOazPuTEFWNrJA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:cecf:cf1:37f4:7c02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 10 Apr 2024 02:05:16 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 1D82
43 B
153 B
Image
General
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-L8-xWjwL7k3hm7rctRHGPMC9UOYho4X6_6WIVw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 10 Apr 2024 02:05:16 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 1D82
0
235 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-qLcAOTwL7k3hm7rctRHGPMC9UObWBIVEq4EFmQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 10 Apr 2024 02:05:16 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Tue, 09 Apr 2024 02:05:16 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 1D82
0
38 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-m4e5wjwL7k3hm7rctRHGPMC9UOZhyCx9GN15ng&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.129.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-129-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
content-length
0
put
e1.emxdgt.com/ Frame 1D82
0
44 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-W0ahgzwL7k3hm7rctRHGPMC9UOaGmAEdS60ZtQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.89.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-89-164.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 02:05:16 GMT
server
awselb/2.0
match
c1.adform.net/serving/cookie/ Frame 1D82
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10015&cid=k-JxKNTjwL7k3hm7rctRHGPMC9UOZe-7Giim-5NA
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-JxKNTjwL7k3hm7rctRHGPMC9UOZe-7Giim-5NA
35 B
591 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-JxKNTjwL7k3hm7rctRHGPMC9UOZe-7Giim-5NA
Protocol
H2
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-JxKNTjwL7k3hm7rctRHGPMC9UOZe-7Giim-5NA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic1711466415659.js
resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/
383 KB
85 KB
Script
General
Full URL
https://resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/generic1711466415659.js
Requested by
Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/541901/onsite/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
049174c132f9100a6cab7ecd7d5521e6f1d866f30c6a73133f563e451c85e418
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
t7H5Fzosbf1F8isXijKbPvQ3N1tXujuE
content-encoding
gzip
via
1.1 varnish
date
Wed, 10 Apr 2024 02:05:16 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
V3HGANHAGEKY58N6
age
132423
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
86664
x-amz-id-2
xLl6Z8crevgWaABMQJzvALURYD83DlWzSHyiW9aPCUvhNHU+pam5K5lyH3DkfiLgvVw4fpxRdik=
x-served-by
cache-fra-etou8220063-FRA
last-modified
Tue, 26 Mar 2024 15:20:16 GMT
server
AmazonS3
x-timer
S1712714716.350045,VS0,VE1
etag
"10e11595da0746c0071f76f2e44d7f67"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
0
up
insight.adsrvr.org/track/ Frame 61AE
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=zse13w5&ref=https%3A%2F%2Fwww.lovesac.com%2F&upid=f5dihhn&upv=1.1.0&orderid=false&td1=&td2=0&td3=false&td4=false&td5=false&td6=false&td7=false&td8=undefined&td9=undefined&td10=undefined&v=false&vf=USD
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/html
date
Wed, 10 Apr 2024 02:05:16 GMT
server
Kestrel
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1811724153&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.lovesac.com%2F&ul=en-us&de=UTF-8&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&sd=24-bit&sr=800x600&vp=1600x1200&je=0&ec=Scroll&ea=10&el=vertical&_u=aBDAAEABAAAAACAAI~&jid=&gjid=&cid=1936275137.1712714714&tid=UA-9091319-1&_gid=966537536.1712714714&gtm=45He4480n81NJ2KRD5v831672054za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=161272334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 09 Apr 2024 21:52:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15147
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1D82
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-LBHZCTwL7k3hm7rctRHGPMC9UOaDF5lWctA2oA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:16 GMT
an-x-request-uuid
ab4475b1-6892-4b7c-93d3-53f86333a7ab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.177; 185.213.155.177; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getDUH
photos.pixlee.co/ Frame B0AA
Redirect Chain
  • https://photos.pixlee.com/getDUH
  • https://photos.pixlee.co/getDUH
0
0
Document
General
Full URL
https://photos.pixlee.co/getDUH
Requested by
Host: assets.pixlee.com
URL: https://assets.pixlee.com/assets/pixlee_events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval';style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline';font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 ;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.lovesac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
47
cache-control
max-age=300,s-maxage=300
content-encoding
gzip
content-length
1280
content-security-policy
default-src http: https:;script-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com data: *.nanovisor.io http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io https://cdn.ravenjs.com https://browser.sentry-cdn.com cdnjs.cloudflare.com https://*.cloudfront.net *.pusher.com *.pinterest.com *.googleapis.com https://api-ssl.bitly.com *.google-analytics.com graph.instagram.com connect.facebook.net googletagmanager.com pixlee.gallery https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline' 'unsafe-eval';style-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.pixleeteam.com http://photos.test localhost:8000 http://photos.pixlee.test *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com https://cdnjs.cloudflare.com fonts.googleapis.com graph.instagram.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com 'unsafe-inline';font-src http: https: data:;img-src *.kube.pixlee.io *.pixleeteam.com android-webview-video-poster: *.pixlee.com *.pixlee.co *.pixlee.io *.pxlecdn.com http: https: data: blob:;connect-src *.kube.pixlee.io *.dev.pixlee.com:9001 *.feedshop.net *.pxlecdn.com *.pixlee.gallery *.pixleeteam.com *.nanovisor.io *.pixlee.com *.pixlee.co *.pixlee.io *.pixlee.test localhost:8000 distillery.test photos.test *.pixleeteam.com:9000 *.pixleeteam.com:9001 ws://*.pixlee.com wss://*.pixlee.com ws://*.pixlee.co wss://*.pixlee.co ws://*.pxlecdn.com wss://*.pxlecdn.com *.pusherapp.com ws://*.pusherapp.com wss://*.pusherapp.com https://api-ssl.bitly.com *.facebook.com pixlee-staging-distillery.herokuapp.com s3.amazonaws.com youtube.com sentry.io code.jquery.com *.googleapis.com pixlee-backstage-analytics.herokuapp.com https://*.tiktok.com https://*.ibytedtos.com https://*.byteoversea.com https://*.tiktokcdn.com https://*.ttwstatic.com https://*.tiktokcdn-us.com ws://localhost:3036 ;report-to csp;report-uri https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 02:05:16 GMT
etag
W/"5d950f736efb25d047b4e46267d921f3"
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy
strict-origin-when-cross-origin
report-to
{ "group": "csp", "max-age": 10886400, "endpoints": [{ "url": "https://sentry.io/api/1227414/security/?sentry_key=a8d877c6035547e193eff7baa44c7501;" }] }
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1712712868&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=QdRvyCX1IrqnA4hWENg6Z0eMe1yxGgQlsJSlifiAAqs%3D
server
Cowboy
strict-transport-security
max-age=31557600
true-client-ip
185.213.155.177
vary
Origin, Accept-Encoding
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 582, 1
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
3a6c976f-cf05-467c-9836-b14d7d28dcb5
x-runtime
0.003897
x-served-by
cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230149-FRA
x-timer
S1712714716.463752,VS0,VE1
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
age
340
cache-control
max-age=300,s-maxage=300
content-length
218
content-type
text/html
date
Wed, 10 Apr 2024 02:05:16 GMT
location
https://photos.pixlee.co/getDUH
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712714376&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=87Wl6cml5xakjkbxLnx8T1yAA93F0tBItQApYEuIeT4%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1712714376&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=87Wl6cml5xakjkbxLnx8T1yAA93F0tBItQApYEuIeT4%3D
server
Cowboy
strict-transport-security
max-age=31557600
true-client-ip
185.213.155.177
via
1.1 vegur, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 376, 1
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kiad7000077-IAD, cache-fra-eddf8230024-FRA
x-timer
S1712714716.454374,VS0,VE1
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
318 B
Image
General
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiODAweDYwMCIsInNlc3Npb25fZHVhIjogIk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkxvdmVzYWMgLSBNb2Rlcm4gRnVybml0dXJlIHwgTW9kdWxhciBTZWN0aW9uYWxzICYgQmVhbiBCYWcgQ2hhaXJzIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cubG92ZXNhYy5jb20vIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MTI3MTQ3MTY0NTYiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4ZWM1YzA5NTIzOGRjLTA1ODQyYzYyZmUzMDYxLTI2MDAxYTUxLTc1MzAwLTE4ZWM1YzA5NTI0ZDZhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXdlc3QiLCJhY2NvdW50SWQiOiA1NDE5MDAsInVybCI6ICJodHRwczovL3d3dy5sb3Zlc2FjLmNvbS8iLCJ3ZWJzaXRlSWQiOiA1NDE5MDEsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImQzMTEtZTMyYy02NWMyLWMxMDUtYTU4My1kOTJkLThkYzMtYzI3MCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzEyNzE0NzE2NDU0Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDM2OTUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjU0LjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjU0LjEiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MTI3MTQ3MTY0NTYsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-me
prod-instance-gatewayservice-green-cjdh
date
Wed, 10 Apr 2024 02:05:16 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
Favicons_128x128.jpg
www.lovesac.com/media/favicon/stores/1/
436 B
815 B
Other
General
Full URL
https://www.lovesac.com/media/favicon/stores/1/Favicons_128x128.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a7393075ea566ae98e5d21d6b9ddfd0e7f920dde1c3690e0a892412291045fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
45, 0
date
Wed, 10 Apr 2024 02:05:16 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
fastly-io-served-by
vpop-haf2300705
traceresponse
00-17c2698d5f26bf37e755ccada27bebcd-1d1184c9129bb89c-01
age
667852
x-cache
HIT, HIT
fastly-io-info
ifsz=1474 idim=128x128 ifmt=jpeg ofsz=436 odim=128x128 ofmt=webp
fastly-stats
io=1
content-length
436
x-served-by
cache-bfi-krnt7300085-BFI, cache-fra-eddf8230114-FRA
etag
"F7eC++dMbU4kkKRKJXfrAsT3q5hnegVc26uu/gliSlY"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:34:24 GMT
Favicons_128x128.jpg
www.lovesac.com/media/favicon/stores/1/
436 B
487 B
Other
General
Full URL
https://www.lovesac.com/media/favicon/stores/1/Favicons_128x128.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a7393075ea566ae98e5d21d6b9ddfd0e7f920dde1c3690e0a892412291045fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
45, 1
date
Wed, 10 Apr 2024 02:05:16 GMT
strict-transport-security
max-age=31536000
x-platform-server
i-06d8f9e5143926b77, i-06d8f9e5143926b77
fastly-io-served-by
vpop-haf2300705
traceresponse
00-17c2698d5f26bf37e755ccada27bebcd-1d1184c9129bb89c-01
age
667852
x-cache
HIT, HIT
fastly-io-info
ifsz=1474 idim=128x128 ifmt=jpeg ofsz=436 odim=128x128 ofmt=webp
fastly-stats
io=1
content-length
436
x-served-by
cache-bfi-krnt7300085-BFI, cache-fra-eddf8230114-FRA
etag
"F7eC++dMbU4kkKRKJXfrAsT3q5hnegVc26uu/gliSlY"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
x-robots-tag
index, follow
expires
Wed, 02 Apr 2025 08:34:24 GMT
cookie-consent-latest.css
cdn-prod.securiti.ai/consent/ Frame D80E
59 KB
10 KB
Stylesheet
General
Full URL
https://cdn-prod.securiti.ai/consent/cookie-consent-latest.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8000:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efa4f89780a78abef1f045ba08a1a690bdec1863627230aca463a6954f701c9d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6h9bdcmZlFbchw8pfHX4DKlTX35DUkwk
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding
gzip
date
Wed, 10 Apr 2024 01:54:02 GMT
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
age
676
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 08 Apr 2024 21:50:15 GMT
server
AmazonS3
etag
W/"423e31b23c8848dee2654eb5bd0d745f"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
x-frame-options
DENY
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Ai9xRfHZumgntZhOETVNskV1FGBvb7N1hKNX27iJXOxiIW6I9b6yIQ==
fonts.css
origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/ Frame D80E
6 KB
844 B
Stylesheet
General
Full URL
https://origin.xtlo.net/type=core:clientId=1747449748:coreAssetsVersion=120/media/fonts.css
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-lovesac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-90.fra53.r.cloudfront.net
Software
Extole /
Resource Hash
57ff7743da500efe31449ed8c7b5d5861e7e9004725185e3671042edb10dfae7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://www.lovesac.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 09:16:44 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2024 09:16:37 GMT
server
Extole
x-amz-cf-pop
FRA53-C1
age
578913
access-control-max-age
2592000
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
no-transform, max-age=2592000
content-length
455
x-amz-cf-id
Yrp4J9t6BJcdRsKWqKEFl_3crmam5DvbtRc156W0cZhsSgY0zKPWLA==
tpe
csm.va.us.criteo.net/1.0/
43 B
203 B
Image
General
Full URL
https://csm.va.us.criteo.net/1.0/tpe?cpp=JgR0-HxRWGtQTzdLUlVITi9PUzFnVFNSM3pmNDlBcUwrbkpNbG9aUkpCQ1FQM1BaSy91Qm5aZ09pKzR4bmJaSzh3OGdteGFZUmM0WEkrT2pBaEJqVVR1SDdydz09fA&cppv=2&p=%7B%22cp%22%3A%5B%7B%22c%22%3Afalse%2C%22ct%22%3A%22static%22%2C%22dlt%22%3A0%2C%22rdt%22%3A0%2C%22rpt%22%3A1%2C%22rqt%22%3A28%2C%22sct%22%3A15%2C%22tct%22%3A29%7D%2C%7B%22c%22%3Afalse%2C%22ct%22%3A%22widget%22%2C%22dlt%22%3A0%2C%22rdt%22%3A125%2C%22rpt%22%3A13%2C%22rqt%22%3A127%2C%22sct%22%3A96%2C%22tct%22%3A190%7D%5D%2C%22mtp%22%3A%7B%22cqt%22%3A0%2C%22it%22%3A2%7D%7D&dtycbr=51981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.lovesac.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 02:05:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
expires
0
lovesac
ingest.quantummetric.com/ Frame D80E
90 B
245 B
XHR
General
Full URL
https://ingest.quantummetric.com/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1712714716525&v=1712714717611&S=0&N=0&P=0&z=1
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.29.182.184 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.182.29.34.bc.googleusercontent.com
Software
/
Resource Hash
0284123b51e36d10ded27589473aa7d05b5a5f0fae60ff6e6d04eba670889812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lovesac.com
date
Wed, 10 Apr 2024 02:05:17 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
content-length
90
content-type
application/json
lovesac
ingest.quantummetric.com/ Frame D80E
0
144 B
XHR
General
Full URL
https://ingest.quantummetric.com/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1712714716525&v=1712714718021&H=ddf31566dd765a889f605984&s=1ae554415e03591931f2022eaf502620&Q=1&Y=1&X=76cea94bb14d46b3a5de358a6c8eec78&z=1
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.29.182.184 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.182.29.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lovesac.com
date
Wed, 10 Apr 2024 02:05:18 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
content-length
0
content-type
application/json
lovesac
ingest.quantummetric.com/ Frame D80E
0
144 B
XHR
General
Full URL
https://ingest.quantummetric.com/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1712714716525&v=1712714718022&H=ddf31566dd765a889f605984&s=1ae554415e03591931f2022eaf502620&U=d7488c1384c75d211c50fbc72783ebbd&Q=2&S=0&N=0&z=1
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.29.182.184 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.182.29.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lovesac.com
date
Wed, 10 Apr 2024 02:05:18 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
content-length
0
content-type
application/json
lovesac
ingest.quantummetric.com/ Frame D80E
0
144 B
XHR
General
Full URL
https://ingest.quantummetric.com/lovesac?T=B&u=https%3A%2F%2Fwww.lovesac.com%2F&t=1712714716525&v=1712714718365&H=ddf31566dd765a889f605984&s=1ae554415e03591931f2022eaf502620&S=1834&N=6&P=1&z=1
Requested by
Host: cdn.noibu.com
URL: https://cdn.noibu.com/collect.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.29.182.184 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.182.29.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lovesac.com
date
Wed, 10 Apr 2024 02:05:18 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
content-length
0
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.syfpayments.com
URL
https://widgets.syfpayments.com/?partnerId=PI20013066&productCategoryNames=&offerNumber=&processInd=undefined&cid=unifitest&syfPlatform=

Verdicts & Comments Add Verdict or Comment

360 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| Animation object| dlObjects object| wpCookies function| getWpCookie object| dataLayer object| match object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| LOCALE string| BASE_URL function| require function| requirejs function| define string| klevu_lang string| klevu_baseCurrencyCode string| klevu_currentCurrencyCode boolean| klevu_pubIsInUse string| klevu_current_version object| _klvWebhook object| _klvReady function| klevu object| _klvAnalyticsCollect object| _klvAnalyticsEvent object| klevu_addPriceSuffixToQueryControl function| initUnitfiWidget function| loadUnifiJS object| syfWidgetObject number| nowUnixtime function| klevufejs_getCookie object| klevufejs_cookie object| klevuData object| xhttp object| cookiesConfig object| checkout object| elemluVcekcwArray object| authenticationPopup function| klevu_redirectURLSetup object| extole function| updateKlevuSessionDataElementsFromLocalStorage function| MPPAnywhereIdApply object| MPPAnywhereIdElements object| Gladly function| klevu_addtocart boolean| klevu_cms_module_enabled boolean| klevu_cmsSearchEnabled undefined| $ function| jQuery object| blueConicPreListeners function| BCClass object| blueConicClient object| Cookies object| cookieStorage function| initCmp function| setConsentBannerParams function| showConsentPreferencesPopup function| overrideThemeMatching function| loadConfigFile function| enableUsableNetAssistive function| onYouTubeIframeAPIReady function| _ function| tinycolor object| __syfMPP__ object| syfMPP object| webpackChunkweb function| iFrameResize object| Pixlee object| adobeDataLayer object| magentoStorefrontEvents object| GCMUtils object| TCFUtils function| ARIAtabs object| bannerConfigUtils object| bannerGenerator object| commonConstants object| commonUtils object| consentBannerUtils object| consentTuningUtils object| cookieconsent object| getterUtils object| GPPBannerGeneration object| GPPUtils object| preferenceCenterGeneration object| regeneratorRuntime function| mediaCheck object| klevu_currencySymbols object| klevu_priceFormatters string| klevu_urlProtocol string| klevu_javascriptDomain object| klevunoUiSlider object| noUiSlider function| wNumb object| _syfMpp_ object| extoleData function| Fingerprint2 function| VideoWorker boolean| VimeoPlayerResizeEmbeds_ object| Vimeo object| bc_json301 boolean| isUsNationalEnabled object| NOIBUJS_CONFIG boolean| noibuJSLoaded object| NOIBUJS_DOCUMENT_READY_PROMISE object| NOIBUJS object| BV object| _bvaq object| $BV function| onBvLoaded object| _bva object| GlobalSnowplowNamespace function| gladly_snowplow object| Snowplow function| InteractionTypeImpl number| abtiming function| pintrk object| criteo_q function| fbq function| _fbq function| snaptr object| r function| zync_call string| TiktokAnalyticsObject object| ttq number| ftRandom object| script string| GoogleAnalyticsObject function| ga object| webpackChunktag boolean| ABTastyTagPerforming object| ABTasty function| ABTastyStartTest function| ABTastyReload function| ABTastyPageView object| abtasty function| ABTastyClickTracking function| ABTastyEvent object| _abtasty object| CJApi object| cjApi object| SSKY function| UET function| UET_init function| UET_push object| ueto_8c8189bdc7 object| uetq string| token object| Module object| moduleOverrides object| arguments_ string| thisProgram function| quit_ boolean| ENVIRONMENT_IS_WEB boolean| ENVIRONMENT_IS_WORKER string| scriptDirectory function| locateFile function| read_ function| readAsync undefined| readBinary function| setWindowTitle function| out function| err undefined| wasmBinary boolean| noExitRuntime object| wasmMemory boolean| ABORT number| EXITSTATUS function| assert object| UTF8Decoder function| UTF8ArrayToString function| UTF8ToString function| stringToUTF8Array function| stringToUTF8 function| lengthBytesUTF8 object| buffer object| HEAP8 object| HEAPU8 object| HEAP16 object| HEAPU16 object| HEAP32 object| HEAPU32 object| HEAPF32 object| HEAPF64 function| updateGlobalBufferAndViews number| INITIAL_MEMORY object| wasmTable object| __ATPRERUN__ object| __ATINIT__ object| __ATMAIN__ object| __ATPOSTRUN__ boolean| runtimeInitialized function| keepRuntimeAlive function| preRun function| initRuntime function| preMain function| postRun function| addOnPreRun function| addOnInit function| addOnPostRun number| runDependencies object| runDependencyWatcher object| dependenciesFulfilled function| addRunDependency function| removeRunDependency function| abort string| dataURIPrefix function| isDataURI string| wasmBinaryFile function| getBinary function| getBinaryPromise function| createWasm function| js_cloud_adclick function| js_cloud_click function| positive_wait function| ppc_pos function| Base64EncodeUrl function| get_url function| get_token function| ExitStatus function| callRuntimeCallbacks function| intArrayToString function| ___assert_fail function| _abort function| abortOnCannotGrowMemory function| _emscripten_resize_heap object| SYSCALLS function| _proc_exit function| exitJS function| handleException boolean| ASSERTIONS function| decodeBase64 function| intArrayFromBase64 function| tryParseAsDataURI object| asmLibraryArg object| asm function| ___wasm_call_ctors function| _main function| _malloc number| ___start_em_js number| ___stop_em_js boolean| calledRun function| callMain function| run boolean| shouldRunNow object| _scPxHelper object| _scPxTeller object| gaGlobal function| bt object| _bt object| _bcp function| FormRuleService object| justDetectAdblock function| RuleService object| bcConnectionUtil function| BlueConicDataLayerUtility function| md5 object| gaplugins object| gaData object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| nlp object| bc_json302 object| DIGIOH_LOADER function| lightboxjs function| lightboxlib object| TrackersTimingCallType function| MakeTrackersTimingRecord function| CsmLogger object| criteo_perf_q string| qmErrString function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| consoleError function| qmFindObject object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV number| 9ca0f631-6a7d-4379-99b8-c72c4301f2f8_1628789858964_8644745103_lastDataLayerIndex number| 9ca0f631-6a7d-4379-99b8-c72c4301f2f8_1630349814598_8560080726_lastDataLayerIndex boolean| __attnLoaded object| attn_d0x0b_evt object| attentive string| __attentive_domain object| __attentive object| __attentive_cfg boolean| __poll_for_path_change string| attn_d0x0b_cfg function| consentToTracking function| Pixlee_Analytics object| PixleeTrackingPixel function| initVisibility boolean| pixleeDisableLegacyCookie object| pixlee_analytics object| KAMPYLE_EMBED function| ckieRLSckoo function| neustar_response object| myCookie number| dt string| mrkl string| liveintent string| uuid string| cookieName string| cookieValue number| expirationTime object| ck_date number| dateTimeNow string| ck_date_string undefined| scriptTag object| _svq function| ttd_dom_ready function| TTDUniversalPixelApi object| ttdPixel object| jQuery11240595450259161417 object| __attentive_client_cfg boolean| sv_DNT object| _svt number| char object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| segment

113 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 38b33afdb36f494aa03f175381ce5c1b
j730.lovesac.com/DG/DEFAULT Name: BCSessionID
Value: 4ea04070-b7c3-407a-bc16-5f6aa68ffdcb
lovesac.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 4ea04070-b7c3-407a-bc16-5f6aa68ffdcb
lovesac.usablenet.com/ Name: X-Mapping-mhmffnck
Value: 298FD8C0A3FA2F8997AEC5F2D80C5E2B
.www.lovesac.com/ Name: PHPSESSID
Value: wrCPyM-%2CViIeMWWwDrPStbiaSxfMg56nirUj2PRhS2t9mMom
www.lovesac.com/ Name: klv_mage
Value: {"expire_sections":{"customerData":1712715312}}
www.lovesac.com/ Name: amzn-checkout-session
Value: {}
www.lovesac.com/ Name: form_key
Value: EjoPHeEPxOaJ74Yj
www.lovesac.com/ Name: mage-cache-storage
Value: {}
www.lovesac.com/ Name: mage-cache-storage-section-invalidation
Value: {}
www.lovesac.com/ Name: mage-cache-sessid
Value: true
www.lovesac.com/ Name: mage-banners-cache-storage
Value: {}
www.lovesac.com/ Name: recently_viewed_product
Value: {}
www.lovesac.com/ Name: recently_viewed_product_previous
Value: {}
www.lovesac.com/ Name: recently_compared_product
Value: {}
www.lovesac.com/ Name: recently_compared_product_previous
Value: {}
www.lovesac.com/ Name: product_data_storage
Value: {}
www.lovesac.com/ Name: mage-messages
Value:
.www.lovesac.com/ Name: form_key
Value: EjoPHeEPxOaJ74Yj
.www.lovesac.com/ Name: wp_customerGroup
Value: NOT%20LOGGED%20IN
www.lovesac.com/ Name: __privaci_cookie_consent_uuid
Value: 5b35f7f4-4ac6-472a-b368-e8b96ceac4ce:7
www.lovesac.com/ Name: __privaci_cookie_consent_generated
Value: 5b35f7f4-4ac6-472a-b368-e8b96ceac4ce:7
.syfpayments.com/ Name: _abck
Value: 64AB46D85C81903ABD1C37559D3DCF5C~-1~YAAQj15swY2NUL+OAQAAhonAxQvBjSk0rJql5B1HEktQSmrYQNEZn+eVUkCBnwfDHadjiNC819yImcOQjDbTu/PzP5r8nZaoxvX8/5Khn0kXtPVmYjJKHZePpyKNrmpOZEFU6HgS6UK8J6nQ7VqTBG0yTjXkXJDqBZmcHZRLnYNBlQxZ9+LKfXSdYu+udIR2JCYPyfgF9ULs3J3O9Px/1KRlLQEznI8sqKehVGmbaMk6o0RgLSMc72wvAve+q173iNNgECixnkanmN4wpXv62gpSQxGv44PbLr2vli8pUXmB12jNdCi6j8BFs8TxlrggJHFAna2S1vRsEso6WGdSrg3wcHO52TknD8sx2fkNicSiUnQSijPblb5Y8yNJX3tqrw==~-1~-1~-1
.syfpayments.com/ Name: ak_bmsc
Value: C8DD39A41C8C97919820925D895E7F18~000000000000000000000000000000~YAAQj15swY6NUL+OAQAAhonAxRdVlLHcZp4Ff22HGJJrK7XkncRrjVf+xf1KIU0upg9p0xjlfasyZ0/CBRMzQ4wta2adHwWRfkbG4UdVcaAA/21xgP2LNrD2XpRJbj4XCI+qj9M7xkOVsTLV7m4eVtaGgdWyK4bf2AzPIP4OaZ6UgbHVzBdQOYxVSgFU88drzAdtVDHBYzJbRVbqwhidI6UtuPHv/KY5vToUF1OWknMCL+/tvhPTWFXoF0qcHZd68wvsfafggXNKV9BdfsPvkhWUp7Hxefc3RDZNZvX14H/fNgDctjiF2X5tN/anDA9OotEtRk1ohr4aGXeFWvLPFCB/Nas9pkuGuLssSwfJxXVgFqZIszoZp+Lp2hRcwW8ssJFrl7uZ8Q==
.syfpayments.com/ Name: bm_sz
Value: 87B644A22E345ABD6A23D3C79834AD30~YAAQj15swY+NUL+OAQAAhonAxRdv592P9ugGPpMaEAqLy6w5MHSoMdeX0ZtDqrR+SmkiSLmWO5LGKhJVXMTGyhZY5e9NEvacTZg0F7ZL20LcfuDb85sPomghX9NZFSF938aXgzF7Lbl8SdQMsGuW4GdtDsuGf2XkYFh7w+gIkkao9XA9F8wetx59pvXra+s3lYJNua7HrW4zFNBXfKhjhlWsGNrJP0RVNT01uAVg7IEL7J2YMa29whrvkeEaodWdSWHv4Z5TciszyBM+XWpn/3LbwgbHORBKnVuI4oT7qVWvPuIfYY+0uGj5bcNz1KDuJlcIwYZDoBsrMYSNyS4UBKQ4xZeKmqoOQW7JDeIONvCh1VpLDQ==~4403513~3491382
.lovesac.com/ Name: BVBRANDID
Value: e3d748b9-f6b2-4ece-a47d-8f4200f8e245
.lovesac.com/ Name: BVBRANDSID
Value: 6088b9cf-c089-45f6-871c-65cc81198e2b
.share.lovesac.com/ Name: xtl_bid
Value: 7356053683137249746
.share.lovesac.com/ Name: access_token
Value: H70LAH4GJE50EVDCSULDBNVLQM
.lovesac.com/ Name: _gcl_au
Value: 1.1.136348060.1712714714
www.lovesac.com/ Name: extole_access_token
Value: H70LAH4GJE50EVDCSULDBNVLQM
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5944541DF6C5F7|segment=(aj3d)"
.lovesac.com/ Name: ABTastySession
Value: mrasn=&lp=https%253A%252F%252Fwww.lovesac.com%252F
.lovesac.com/ Name: cjConsent
Value: MHxZfDB8Tnww
.lovesac.com/ Name: _uetsid
Value: c4bd6710f6de11eea92cf14a401131f2
.lovesac.com/ Name: _uetvid
Value: c4bd94f0f6de11ee86fef1637521f10f
.lovesac.com/ Name: ABTasty
Value: uid=ecxxgxzfskke38yv&fst=1712714713864&pst=-1&cst=1712714713864&ns=1&pvt=1&pvis=1&th=1081254.1341214.1.1.1.1.1712714713922.1712714713922.1.1_1161931.1440957.1.1.1.1.1712714713920.1712714713920.1.1
.lovesac.com/ Name: _scid
Value: 7ebf31d5-ff62-4b93-95b9-aad2f9c7e687
.lovesac.com/ Name: _scid_r
Value: 7ebf31d5-ff62-4b93-95b9-aad2f9c7e687
.criteo.com/ Name: uid
Value: 018dcbc0-b6b0-447e-9aee-35a1104bf289
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.pinterest.com/ Name: ar_debug
Value: 1
.bing.com/ Name: MUID
Value: 266C025466876AD334BD160967876BBB
.lovesac.com/ Name: _pin_unauth
Value: dWlkPU5qVmpaalV6WldVdE0yWTFOaTAwTWpabExXRTFOalV0WldRNU1UQmtZbVF6TUdRMA
.lovesac.com/ Name: _ga_SN4TBNHBCF
Value: GS1.1.1712714713.1.0.1712714713.0.0.0
.tiktok.com/ Name: _ttp
Value: 2etCuzbkkEvvO6CyCNKSkhsN9zT
.lovesac.com/ Name: _ga_EE9DYJBNV5
Value: GS1.1.1712714714.1.0.1712714714.0.0.0
.rezync.com/ Name: zync-uuid
Value: a65fc773-c72b-4a20-ac73-47f84e4ee159:1712714713.948829
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiYTY1ZmM3NzMtYzcyYi00YTIwLWFjNzMtNDdmODRlNGVlMTU5OjE3MTI3MTQ3MTMuOTQ4ODI5In0.ZhXz2Q.EnPD8HIiO2WZ7nPLRkcqJ2u57Uk
.lovesac.com/ Name: _fbp
Value: fb.1.1712714714029.459497391
.lovesac.com/ Name: cto_bundle
Value: nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0N4bFVXT0E5bnlERFdEUkFUWWdHc3Y5aGloWUFDMHNKcyUyQkZCcHJ3Q0NKZnIzUmFocUEwTEFoSVY4NUVPNDZIZEt3R0lsU2ZqUlBJR3lxV2VUMDJqTENaeTNhdnFGVjFRNEdTeTlUNjklMkZqb3gxU3lQaUI2N2FYbkElM0QlM0Q
www.lovesac.com/ Name: BCSessionID
Value: 4ea04070-b7c3-407a-bc16-5f6aa68ffdcb
.lovesac.com/ Name: _ga
Value: GA1.2.1936275137.1712714714
.lovesac.com/ Name: _gid
Value: GA1.2.966537536.1712714714
.lovesac.com/ Name: _gat_UA-9091319-1
Value: 1
.lovesac.com/ Name: _tt_enable_cookie
Value: 1
.lovesac.com/ Name: _ttp
Value: 76yXliBGk9QJpm0OVKquV7lMaLo
www.lovesac.com/ Name: __privaci_cookie_consents
Value: {"consents":{"1":1,"2":1,"3":1,"4":1},"location":"HE#DE","lang":"en","gpcInBrowserOnConsent":false,"gpcStatusInPortalOnConsent":false,"status":"record-consent-success","implicit_consent":true}
www.lovesac.com/ Name: __privaci_latest_published_version
Value: 2
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
lovesac.blueconic.net/ Name: AWSALBCORS
Value: C4jpBcxwH3UCPGsKl2qXvfYvIEtNyAHZImi0YlhpGLAE++kZZ8VWNH8G9NJT3de2U1mOMHs2RZlRuStBSQGsajHHhdBNrzndVL6MZks9RV65wGNQjv3zUs6XcGVG
.lovesac.com/ Name: _sc_cspv
Value: https%3A%2F%2Ftr6.snapchat.com%2Fp
.lovesac.com/ Name: btIdentify
Value: ea9933ad-48dd-42ed-8cea-52069504dd40
.lovesac.com/ Name: _bts
Value: f6846104-4edc-4a49-f19d-0e5103967b25
.lightboxcdn.com/ Name: _cfuvid
Value: uD.Rch3tovUg49t9ueVMb8_pcGpAUp_IwP6RX3sZvdg-1712714714513-0.0.1.1-604800000
j730.lovesac.com/ Name: AWSALB
Value: VWLYbCMz3QZCpRMakZRLNgDp5QDnc6TfrFaIMy46XbE7sbTjvQbAWSbeZreTPnXDh6of3ljvpUiIUS5l0Z3FyXljqee/9llLW86nWYfMhunyYFmuj1A6BAq34GDq
j730.lovesac.com/ Name: AWSALBCORS
Value: VWLYbCMz3QZCpRMakZRLNgDp5QDnc6TfrFaIMy46XbE7sbTjvQbAWSbeZreTPnXDh6of3ljvpUiIUS5l0Z3FyXljqee/9llLW86nWYfMhunyYFmuj1A6BAq34GDq
.lovesac.com/ Name: smartDash
Value: 2e1c998a-2cda-4f0f-b0e0-42256ffe3d43
www.lovesac.com/ Name: __attentive_id
Value: fa624219aef041e9890b771c238703df
www.lovesac.com/ Name: _attn_
Value: eyJ1Ijoie1wiY29cIjoxNzEyNzE0NzE1MTU4LFwidW9cIjoxNzEyNzE0NzE1MTU4LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcImZhNjI0MjE5YWVmMDQxZTk4OTBiNzcxYzIzODcwM2RmXCJ9In0=
www.lovesac.com/ Name: __attentive_cco
Value: 1712714715159
.agkn.com/ Name: ab
Value: 0001%3APgv%2F2GilGbwLZwSaE%2F90V%2B8oXvzYM8kP
.lovesac.com/ Name: smartDashLRX
Value: 000
.lovesac.com/ Name: _bti
Value: %7B%22app_id%22%3A%22lovesac-furniture%22%2C%22bsin%22%3A%22tso7dONESvWXuVDRtQYwlVPVgeqkjtrSm5L%2F9WoG40nrr6YDJ8sios32L5UjVIUbcfxk76OYMnrim%2B65Cv%2FsOw%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.api.lightboxcdn.com/ Name: TiPMix
Value: 8.229119448661471
.api.lightboxcdn.com/ Name: x-ms-routing-name
Value: self
www.lovesac.com/ Name: __attentive_pv
Value: 1
www.lovesac.com/ Name: __attentive_ss_referrer
Value: ORGANIC
www.lovesac.com/ Name: __attentive_dv
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: G3Um0KzSWgZNoX5z018aKkaSzF0sDcA9yN_m8x1HS6c8KS73AI4S3HEwzlwVu1zoWsmNXAJ9xfMkfFomuI3_9LQQlpzakMoC1yXqGldqsGA.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 4911237510449773568
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GVJw?+45!]tbPl@/D!9hy6]/CwiCf[svlYyo!UlKlK3bM>@=fQY3ZkDdv28PMLu4fgHwe9l!o??kfpqTsN'*bpRz*qF1`*bbGK+Xw-a
www.lovesac.com/ Name: mdLogger
Value: false
www.lovesac.com/ Name: kampyle_userid
Value: d311-e32c-65c2-c105-a583-d92d-8dc3-c270
www.lovesac.com/ Name: kampyleUserSession
Value: 1712714716454
www.lovesac.com/ Name: kampyleUserSessionsCount
Value: 1
www.lovesac.com/ Name: kampyleSessionPageCounter
Value: 1
www.lovesac.com/ Name: kampyleUserPercentile
Value: 23.588176365644564
.media.net/ Name: visitor-id
Value: 3557163168398517000V10
.media.net/ Name: data-c-ts
Value: 1712714716
.media.net/ Name: data-c
Value: k-LJVDATwL7k3hm7rctRHGPMC9UOYeGpyp898DrQ~~3
.casalemedia.com/ Name: CMID
Value: ZhXz3FVbLcMAADK4Ab36BwAA
.casalemedia.com/ Name: CMPS
Value: 3381
.casalemedia.com/ Name: CMPRO
Value: 3381
.omnitagjs.com/ Name: ayl_visitor
Value: 097f3698e53ab5773338a2f4d4faca0e
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22c6520260-f6de-11ee-8d20-efc6c7bece43%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22c6520260-f6de-11ee-8d20-efc6c7bece43%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22c6520260-f6de-11ee-8d20-efc6c7bece43%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22c6520260-f6de-11ee-8d20-efc6c7bece43%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-SnQ4TTwL7k3hm7rctRHGPMC9UOY5eec0Px_KMg%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/ Name: demdex
Value: 65304150327228677723792879267237375865
.adform.net/ Name: C
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 65304150327228677723792879267237375865
.adform.net/ Name: uid
Value: 1570903999803651185
.lovesac.com/ Name: pixlee_analytics_cookie
Value: %7B%22CURRENT_PIXLEE_USER_ID%22%3A%2204a50257-dd38-a96a-fd61-aec484037a63%22%7D
.tremorhub.com/ Name: tvid
Value: 03f46955d1b6462c8f4a53168a9954f6
.tremorhub.com/ Name: tv_UICR
Value: k-a_OuOjwL7k3hm7rctRHGPMC9UOazPuTEFWNrJA
.postrelease.com/ Name: opt_out
Value: 1
.lovesac.com/ Name: QuantumMetricSessionID
Value: 1ae554415e03591931f2022eaf502620
.lovesac.com/ Name: QuantumMetricUserID
Value: d7488c1384c75d211c50fbc72783ebbd
.lovesac.com/ Name: pixlee_analytics_cookie_legacy
Value: %7B%22CURRENT_PIXLEE_USER_ID%22%3A%2204a50257-dd38-a96a-fd61-aec484037a63%22%2C%22TIME_SPENT%22%3A3%7D

108 Console Messages

Source Level URL
Text
other warning URL: https://www.lovesac.com/(Line 595)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://pdpone.syfpos.com/mpp/UniFi.js(Line 1)
Message:
[Report Only] Refused to load the script 'https://widgets.syfpayments.com/?partnerId=PI20013066&productCategoryNames=&offerNumber=&processInd=undefined&cid=unifitest&syfPlatform=' because it violates the following Content Security Policy directive: "script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation warning URL: https://assets.pxlecdn.com/assets/pixlee_widget_1_0_0.js(Line 18)
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://cdn.noibu.com/collect.js
Message:
[Report Only] Refused to connect to 'https://cdn.noibu.com/collect-worker.js' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://cdn.noibu.com/collect.js
Message:
[Report Only] Refused to connect to 'https://cdn.noibu.com/collect-worker.js' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5(Line 151)
Message:
[Report Only] Refused to load the script 'https://s.pinimg.com/ct/core.js' because it violates the following Content Security Policy directive: "script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ2KRD5(Line 739)
Message:
[Report Only] Refused to load the script 'https://js.adsrvr.org/up_loader.1.1.0.js' because it violates the following Content Security Policy directive: "script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://s.pinimg.com/ct/core.js
Message:
[Report Only] Refused to load the script 'https://s.pinimg.com/ct/lib/main.d1ecc6ee.js' because it violates the following Content Security Policy directive: "script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://cdn.noibu.com/collect.js
Message:
[Report Only] Refused to connect to 'https://ct.pinterest.com/user/?tid=2619248618442&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1712714713875&dep=2%2CPAGE_LOAD' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://cdn.noibu.com/collect.js
Message:
[Report Only] Refused to connect to 'https://ct.pinterest.com/v3/?tid=2619248618442&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.lovesac.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A600%2C%22sw%22%3A800%2C%22mh%22%3A%22d1ecc6ee%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.105%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1712714713894' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://cdn.noibu.com/collect.js
Message:
[Report Only] Refused to connect to 'https://ct.pinterest.com/v3/?tid=2619248618442&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.lovesac.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A600%2C%22sw%22%3A800%2C%22mh%22%3A%22d1ecc6ee%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.105%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1712714713894' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-SN4TBNHBCF&l=dataLayer&cx=c(Line 140)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-SN4TBNHBCF&gtm=45je4480v886192096z8831672054za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712714713&sct=1&seg=0&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2753' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-SN4TBNHBCF&l=dataLayer&cx=c(Line 140)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-SN4TBNHBCF&gtm=45je4480v886192096z8831672054za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712714713&sct=1&seg=0&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2753' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c(Line 137)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-EE9DYJBNV5&gtm=45je4480v872365513z8867000499za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&dp=%2F&sid=1712714714&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.client_container_info=GTM-WNGFJS5%20v16&ep.client_timestamp_iso=2024-04-10T04%3A05%3A13.804%2B02%3A00&ep.client_timezone=%2B2&ep.value=&up.last_timezone=%2B2&tfd=2769' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c(Line 137)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-EE9DYJBNV5&gtm=45je4480v872365513z8867000499za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&dp=%2F&sid=1712714714&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.client_container_info=GTM-WNGFJS5%20v16&ep.client_timestamp_iso=2024-04-10T04%3A05%3A13.804%2B02%3A00&ep.client_timezone=%2B2&ep.value=&up.last_timezone=%2B2&tfd=2769' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1690459044350386?v=2.9.153&r=stable&domain=www.lovesac.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://sc-static.net/scevent.min.js(Line 8)
Message:
[Report Only] Refused to connect to 'https://tr6.snapchat.com/p' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://sc-static.net/scevent.min.js(Line 8)
Message:
[Report Only] Refused to connect to 'https://tr6.snapchat.com/p' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.lightboxcdn.com/vendor/dd608e6d-75ec-4b01-990d-b4a448031a5e/user.js?cb=638477252510047176(Line 131)
Message:
[Report Only] Refused to load the script 'https://api.lightboxcdn.com/z9gd/42882/www.lovesac.com/jsonp/z?cb=1712714714931&dre=l&callback=jQuery11240595450259161417_1712714714919&_=1712714714920' because it violates the following Content Security Policy directive: "script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://safevisit.online/?lcid=11083(Line 97)
Message:
[Report Only] Refused to load the script 'https://ghs4.safevisit.online/?lcid=11083&ncookie=2e1c998a-2cda-4f0f-b0e0-42256ffe3d43&furl=aHR0cHM6Ly93d3cubG92ZXNhYy5jb20v' because it violates the following Content Security Policy directive: "script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://s.pinimg.com/ct/lib/main.d1ecc6ee.js
Message:
[Report Only] Refused to load the script 'https://ct.pinterest.com/static/ct/token_create.js' because it violates the following Content Security Policy directive: "script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com *.magento-ds.com *.googleapis.com *.gstatic.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com www.xtento.com cdn.xtento.com *.lovesac.com lovesac.com *.threekit.com *.lovesac.pages.dev lovesac.usablenet.com cdn.gladly.qa cdn.gladly.com assets.pixlee.com assets.pxlecdn.com cdnjs.cloudflare.com *.securiti.ai lovesac.blueconic.net *.scene7.com *.abtasty.com *.digitalsurgeons.cloud *.wufoo.com cdn.noibu.com *.bazaarvoice.com cdn.quantummetric.com www.mczbf.com bat.bing.com *.criteo.net *.criteo.com *.sundaysky.com connect.facebook.net www.lightboxcdn.com sc-static.net analytics.tiktok.com *.xtlo.net live.rezync.com *.mplat-ppcprotect.com *.medallia.com tr.snapchat.com *.boomtrain.com lightboxapi.azurewebsites.net safevisit.online track.securedvisit.com *.rkdms.com *.agkn.com sts.eccmp.com gateway.foresee.com mpsnare.iesnare.com *.syfpos.com analytics.synchrony.com *.mysynchrony.com maps.googleapis.com get.geojs.io js.klevu.com *.ksearchnet.com https://www.googletagmanager.com tagmanager.google.com https://knowledgetags.yextpages.net https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security warning URL: https://sslwidget.criteo.com/event?a=45255&v=5.23.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nkAilF9BdlhURHZUa3ExQlVoMWdpNHNvNGlIQk8lMkIyN0lHR0N4bFVXT0E5bnlERFdEUkFUWWdHc3Y5aGloWUFDMHNKcyUyQkZCcHJ3Q0NKZnIzUmFocUEwTEFoSVY4NUVPNDZIZEt3R0lsU2ZqUlBJR3lxV2VUMDJqTENaeTNhdnFGVjFRNEdTeTlUNjklMkZqb3gxU3lQaUI2N2FYbkElM0QlM0Q&tld=lovesac.com&fu=https%253A%252F%252Fwww.lovesac.com%252F&ceid=6f25325b-cb83-4d65-9a0d-a4cf46151c3e&dtycbr=26807
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.lovesac.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://cdn.noibu.com/collect.js
Message:
[Report Only] Refused to connect to 'https://input.noibu.com/metrics' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://cdn.noibu.com/collect.js
Message:
[Report Only] Refused to connect to 'https://input.noibu.com/metrics' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-SN4TBNHBCF&l=dataLayer&cx=c(Line 140)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-SN4TBNHBCF&gtm=45je4480v886192096za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1712714713&sct=1&seg=0&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&en=user_engagement&_et=7458&tfd=10213' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-SN4TBNHBCF&l=dataLayer&cx=c(Line 140)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-SN4TBNHBCF&gtm=45je4480v886192096za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1712714713&sct=1&seg=0&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&en=user_engagement&_et=7458&tfd=10213' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c(Line 137)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-EE9DYJBNV5&gtm=45je4480v872365513za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&dp=%2F&sid=1712714714&sct=1&seg=0&en=user_engagement&ep.client_container_info=GTM-WNGFJS5%20v16&ep.client_timestamp_iso=2024-04-10T04%3A05%3A13.802%2B02%3A00&ep.client_timezone=%2B2&ep.value=&_et=7446&tfd=10218' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-EE9DYJBNV5&l=dataLayer&cx=c(Line 137)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-EE9DYJBNV5&gtm=45je4480v872365513za200&_p=1712714711309&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1936275137.1712714714&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&dl=https%3A%2F%2Fwww.lovesac.com%2F&dt=Lovesac%20-%20Modern%20Furniture%20%7C%20Modular%20Sectionals%20%26%20Bean%20Bag%20Chairs&dp=%2F&sid=1712714714&sct=1&seg=0&en=user_engagement&ep.client_container_info=GTM-WNGFJS5%20v16&ep.client_timestamp_iso=2024-04-10T04%3A05%3A13.802%2B02%3A00&ep.client_timezone=%2B2&ep.value=&_et=7446&tfd=10218' because it violates the following Content Security Policy directive: "connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.googleapis.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.affirm.com *.affirm.ca *.attn.tv events.attentivemobile.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com data: *.threekit.com *.gladly.qa *.gladly.com *.securiti.ai lovesac.blueconic.net *.abtasty.com *.lovesac.com wss://input.noibu.com/ *.bazaarvoice.com *.mplat-ppcprotect.com analytics.tiktok.com tr.snapchat.com *.boomtrain.com *.xtlo.net *.criteo.com *.quantummetric.com *.pixlee.com bat.bing.com sts.eccmp.com analytics.foresee.com conversions.lunio.ai www.mczbf.com *.doubleclick.net analytics.pangle-ads.com *.4seeresults.com *.syfpos.com *.syf.com *.d1.sc.omtrdc.net maps.googleapis.com *.klevu.com *.ksearchnet.com https://www.google-analytics.com https://imgs.signifyd.com 'self' 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13921035.fls.doubleclick.net
a.twiago.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
analytics.tiktok.com
api.lightboxcdn.com
app.securiti.ai
apps.bazaarvoice.com
ariane.abtasty.com
assets.pixlee.com
assets.pxlecdn.com
bat.bing.com
c1.adform.net
cdn-prod.securiti.ai
cdn.attn.tv
cdn.boomtrain.com
cdn.gladly.com
cdn.noibu.com
cdn.quantummetric.com
cdn1-res.sundaysky.com
cdnjs.cloudflare.com
click.prod.mplat-ppcprotect.com
client.prod.mplat-ppcprotect.com
cm.adform.net
cm.g.doubleclick.net
commerce.adobedtm.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.va.us.criteo.net
ct.pinterest.com
data.adxcel-ec2.com
dcinfos-cache.abtasty.com
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
events.api.boomtrain.com
events.attentivemobile.com
exchange.mediavine.com
ghs4.safevisit.online
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
ingest.quantummetric.com
insight.adsrvr.org
j730.lovesac.com
jadserve.postrelease.com
js.adsrvr.org
js.klevu.com
live.rezync.com
lovesac.attn.tv
lovesac.blueconic.net
lovesac.usablenet.com
match.sharethrough.com
matching.ivitrack.com
maxcdn.bootstrapcdn.com
network-a.bazaarvoice.com
origin.xtlo.net
p.typekit.net
pdpone.syfpos.com
people.api.boomtrain.com
photos.pixlee.co
photos.pixlee.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
resources.digital-cloud-west.medallia.com
rtb-csync.smartadserver.com
s-vop.sundaysky.com
s.pinimg.com
s7d4.scene7.com
safevisit.online
sc-static.net
servedby.flashtalking.com
share.lovesac.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.snapchat.com
tr6.snapchat.com
track.sv.rkdms.com
try.abtasty.com
udc-neb.kampyle.com
unpkg.com
use.typekit.net
visitor.omnitagjs.com
visitor.service.ksearchnet.com
widget.us.criteo.com
widgets.syfpayments.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.lightboxcdn.com
www.lovesac.com
www.mczbf.com
x.bidswitch.net
widgets.syfpayments.com
104.126.37.129
104.17.24.14
104.18.10.207
104.18.36.155
104.18.39.221
104.18.43.135
108.138.7.55
13.32.121.79
13.32.27.28
141.226.228.48
142.250.184.198
142.250.185.226
142.250.186.110
143.204.207.250
143.204.215.90
146.75.121.230
15.197.226.17
151.101.130.132
151.101.192.84
151.101.193.124
151.101.194.132
151.101.66.132
157.240.252.13
162.19.138.83
169.47.214.218
172.217.16.211
172.67.20.158
178.250.1.9
18.172.103.101
18.172.112.60
18.172.112.82
18.197.235.123
18.245.86.97
184.30.17.243
185.255.84.153
198.47.127.205
2.17.190.22
2.19.216.231
2.19.216.27
2.19.217.101
20.40.202.0
2001:4860:4802:32::15
2001:4860:4802:32::36
216.58.206.72
23.215.22.232
23.48.23.22
2600:1f18:612b:4232:cecf:cf1:37f4:7c02
2600:9000:20eb:b000:16:4ed5:12c0:93a1
2600:9000:21f3:fe00:1c:9484:cec0:93a1
2600:9000:236e:4c00:7:4973:1b00:93a1
2600:9000:2644:8000:12:1bf:30c0:93a1
2600:9000:26e8:2800:d:274d:a6c0:93a1
2600:9000:2724:5e00:c:2652:1440:93a1
2600:9000:2724:c200:c:8c1e:5700:93a1
2606:4700:10::ac43:fd5
2606:4700::6811:f6cb
2606:4700::6813:d383
2620:100:a001::16
2620:1ec:c11::237
2a00:1450:4001:803::200e
2a00:1450:4001:81d::2008
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:587::1e80
2a02:26f0:3500:58e::9b6
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8e::84
3.220.94.22
3.33.220.150
34.117.157.22
34.234.6.154
34.238.18.43
34.249.143.0
34.29.182.184
34.36.178.232
35.156.148.181
35.156.226.249
35.175.156.69
35.190.43.134
35.214.149.91
35.241.45.82
37.157.6.233
37.252.172.123
52.17.32.208
52.59.89.164
52.86.11.20
52.87.59.181
54.204.188.67
54.210.74.8
54.217.116.3
54.229.129.177
54.235.91.184
64.202.112.223
69.173.144.138
74.119.119.150
76.223.111.18
81.17.55.172
85.215.5.31
009cdbbbac6c649ca417e6f52e56f639e51a5fc9570d6069a3c18939842e8450
012ec14c43206654b2b1015ae17c67436ab1767d7d9ac9878c75c74c5e13af00
0284123b51e36d10ded27589473aa7d05b5a5f0fae60ff6e6d04eba670889812
02c045b5a38b1e9a01bf15ab6d48d526dc60a726bf041fe32d153b4ffd71e761
049174c132f9100a6cab7ecd7d5521e6f1d866f30c6a73133f563e451c85e418
0876c3e213c65c47619e2b96830c7ce52b5cf6ee9e8bfb8eef7edb635242861e
09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e
12eaf60f8c5146cccd3f414e4dde5cea93390d943f7137ef944dc7efe185deaf
14dfdd4a7b1ae0d19c37f4a9a07425148ee0e78c2f863058b35668b0264e6c9c
17263714d72ad714f1f1a7074ee7b97765b950c8e32b7e127fec7f4c1394a991
1881fff271bbc7bf282c41d2772a5e8150c594147f6b51db9680e4b8828f77e4
18d43e902c867460d9121b44a9bf2ace12d2d72e5c97dff1b230358b3f1a8f33
18d7d2d03c9b4c037b5979e4d5cdc57d23d8a422149432872ec127f5f758eb4e
1b3041129f89cebe041390aed7e64e124afdb6d3070620a08b70469b4f23b978
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e24e3264d2d702b3fd7d018c228e4f380b129b471658e75ce096e87c49c8eca
1e70b91c30fa6b31f9b24c9c60c9ec05ab57ea52a99aaa664906dacb154aace7
238c057dcc9299913cd9cda1011cc4395ca6343cd774aa69b36b7f5e2400a313
25ba86f8d39eff073555bfe0a6dc306c98824ec2b4879f0496f0f4b0b98bb829
265c33916e1b0a20d7b9ed9221c90213ea347b40d0346385ab0f55580c462bf8
27059d93395a5c6318e0859b544b9023687e0c2db11dd9bc2f3023c0226f0e73
2a7393075ea566ae98e5d21d6b9ddfd0e7f920dde1c3690e0a892412291045fd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
348f8aee8b366208cf861a97f66ff6f38072c6ac8f2740a7383c7c88259828d5
3583b6dc59dcaa82d3a33eff6c6e80d8be53ba0d89d2522865d4d33c13dd4b96
36620858bac089c31ac25ee89ebac718e2d7814a0fb9f76dacc134dd2597256c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c5e422cf84c74ee31feff16c35e2f1ff00f6fd9c32a91a4e34f1a38e3237794
3d31ef610450e6866499b72e26e5fd1a697428fd89475efed752fc3c956b5abb
3f216ba1556b37ec1d15959f46b8bc374fedca9daf19db6193478ab686e747c5
3f803cd3ad083b2dfc46f628f1a0fd79e37aaafb09cadb4eecf7a1cdc1186858
40253372ad1a75dee6584820d85460caf7e0a4bb5a254ccb1f625ca85ab7f297
42e9ab9978bb7db9d38632c334fa2c2032686ff95dde62dabd912b7b130b90ae
44a3a91d62052c51893b2366c41a2cc36903c450734081cbb771b9ef5b572a19
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
49816e3ef480597e5ea3b2eaf8b0167006a1a00965dc2b83df237da88ca5b4ce
49b1d77700bd94f37e38f438267753cc2ebec887a889fb1b5ef687d12bb09ef8
49f494a792999e895b2a35d265ed2fb330caa74a107065c4fb56c6d9e8bf5c10
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4b37e1a1a629c838a519652ddb794ff357eb469ea309904b70831a37541f26
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4d16c3e405ef62aa4fdf11e447cae70eab3ae1a9bdc4345f988a50f4d47b3cde
4d319cdc58687cd652ed4be1d855fdbc9d93076fb064ba9c52e541c572ace3b8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
518874f5026365612b8745b48c42540f48edeb6c79d2dde99b985e28ec3aab7b
521d5f3b24dd316c91d13f6194b6234faddcef94cb96bbd51b2f8208b0495c65
52634f6d2221b6070db80886274021999f7a51900891981a3bc6c2e929451d14
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549a7f74babc11e45af4e3ccff75b6107dbff2aca3de87e59738e54d5accede0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
574b89267740137db8fb4e4c2b9b7b5cf3093e07d5c387620b2ed10ad433f866
57ff7743da500efe31449ed8c7b5d5861e7e9004725185e3671042edb10dfae7
5980971806e9157338245ac1cc6ebe977dcc3a333dbfe7b0468f5f8a1251069a
5b15aac9c392958d54b67f8eadb0985ced801f635f7edd5cbf80fa95fae4061a
5c0c3b3bf32663a4ecf687042363bc1dd97bc8ce8f777e53e7f78aa4fab247fe
5c9a27d96fe6322278b3ec67e677fe61b59314f38fe8659f983451a7c895e45c
5d1b3d626ef2fe0a08f49f3eee2c5a769c36da469e7f8e7e557658effa3dc81a
5dc0780bfec24d902a3fa2cb15b04424a35b4979f527438edcab7efcfa10f875
5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a
603c3c93d9ffe3eebc33fbcac450de04f75eb83b8022f6da7994826ec4709e07
618ad76495dd6d322f6e225fd6bee12db7ad4479d7e0aaf39cd76e0a368342ac
6230be7f1c2df8467e61d16c515d9ed19f5cec072099729336e78be92ffffae0
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
651bc68d38f20fa91d464a65236563766e944d28b80f4bc6d003fb36dc8e930c
6555173ae3295784e0f1a516b4b21ca190254f9815c6efc7d75c14d5a6f3b611
65b1a0abe41c4a7ba639094570f6d3fd0e6be08a7f41d132d21e37171e422205
65e4278d3c6e7cc283dc31650e6ac335d5a986ba62c79cb468d6dc7ff8a1606e
66e8f21e3c39203bf554b88ebe4bdf2b40b5e51d3b4e6d64a6e3084e437df2fe
671f45b510d0d9f8dce438c09de8b12425889a9489ec71f8a60e5bc8428a04e2
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6a65b3ef286424b14ce84fa0f4746337a42a84466bb6454d8d455a752f6d6afb
6bd345c467a60039b26ab72c40e8e69d645379b058df1f51c17c9f004b7c4768
6c34504bb483557b88daa010179eae9ef09fb7bb95ce5dceefc2996097cc782c
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
6d0a8dc2e017e84488862a59ec3b0152346aac4df59e84439672ca1a6b90ef56
6f36e1fe5a2ba01855d5dc3e18c90f92031b49bc635f817389ee5b283f8bea1e
6ffa15751217e1b387d19c78af620ade1e8eb0ae569fd94ef51083c15adf78c8
7204700359b5ce5edccf01ef8cb8acee593a2f2ee85c8bb2befb4cef0ea32479
7529a233012acfc70172d4056e383acefe146ef1d4277e4cf0dc431a0a88300e
767241b24eddcc432bd8653ec0dc5591bcbea2b66c6030042d6233593d16a434
78e6372ef8fd01e1eb0f7bb4ee123396238d673e1275c86099fb9177695c1afe
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c478f46c9ee99c272583e92d4c5152a4db668fba9983ef92cc956981ab1b282
7cc2e9383273604c39b525dc366bb6467ea148236649caa15e1e7c2dc6c052c0
7d22f48243f28ae0d3cfbbc0ec1919450e5249f32645dfdf104c83d0b5cfd00c
7d2e4384bf9dec3221e693225c190951dcffb4388fb378b23c6b85f99f66c0e8
80bc381fb95bf13c6da34766988d56756182811ad051f6dbc48ee5a7501bcd9e
811c13b5ffa267fe2b53adbf1d40cc42ee7cffa7374297297159d629051fcefa
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85326aaf67e79a0d93cfb02f296bafd06fa881132f637b6eeead380832154081
880400736aa698a07645274501d08a9893b2ad9b6971919c49ea4f98f1b84e14
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a3f3911bbf8fb43f6855c6bc59b87e945af4332fea3d8c6ebff6e36e958aa6b
8b9e78ffb8f95338652eda3d07e0f5fd60a21c3899291e20ceca65e95b2490a3
8ed94fec22390f02e70feb82e97de8fbad0db7ed2115b95fa0c9814bf892d336
97cd023ca71864cb3cf4062710f7d73709cbcd952da41373ac610b3d3d8fb713
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977
98a219ed132aa2c1b13f7c43014e619d57a808c96ac7f6e3264da15b70bfb07e
991d8f6a815a4d6fc7d7a9a81a8fe9596651147ca561ee9a2e05a9e8e014fd4e
9b194a579929d361265b4838cfa4593111bd4e6df69a5c2bee55149e7d50d58f
9bc79f1d81188afcab7bfa069fad6e4dc62180f471409c34b24771d627dbc6c2
9bd928fd1a0f92367fd7f323668d0eab16af378ae8ad448000fb3b92a9e824f3
9c559f676d0b6dfc2a830336777ac3d7eefe4b4e790a9c3293427db7e29a8ece
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a29554e154e43f24d177b51984cb9adbe1e3c9e032e3295e278744ebb9267481
a3079657dfdc9d6cf095aa78e354abd79b829219afd5f6244452323f5101fccd
a4c37d5259154f3b0c5e31d4891b8e12c9cf4f462d4e9a03d8dde81203485f92
a90af4a730b06193369a7869c0b33d1357c4577da489dfc9fbf35f0e7694bde7
a9b0532b65ba02d47c68a8139c5b64eafdbaefd4ec465082f57a329305ca4822
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaa6700ae2cf1939b4a7b3e83995ceb39130488da49dcf0fe57b7d82e83239eb
aaa90a1bad6673f52e385fb165afc4796ed90cc8725fc04f3e6de47c7b60fc8c
ab0fb56b429401b7565f4a6437362924bd8d0e6d54cc1871526af85a630d5c86
b063c7e5c7b6a45bff7a74902d6143a929b4384da4ff6315cb3e3a74338663a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e35f8e00776e41006c00e1bad964d33c4e7f82e8bb8121469342b822f5bad
b299dcdada0c8da285740061362e1d74d1a9daa7eb7c8afe97347b04f8b0dfac
b34334896be909f4ebf4fa3c32bf4ffdbcf0a1470ece25df24082181f29d8392
b739efae8ba64d9626c038af26e476b94ff08374bde827f5aaf638e66a4c52e8
b8773b0f5764baa0bb0439c2804cea2490af7b3a0af6ec57fb9498632eebcd08
bb02604971e6f366ea8529b7139db776458a466fdbd0169c357fcddb139c05fe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4ef84b3231a1abf465beb67c072bb1f43a689bc63adc957fa869f71ed4829e
bd158800d498620addc89b9f8294862d4952d97de4bd49e867e41a38f93505fb
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
bf1501b1433275aff2adeeaf1cd942cff32d7677719f9908a57ba1a80e2366e1
c0d8d3f65feaa57324b16781b24f4999220a7496fcfbc534bc4d24923d763937
c6dd53c85e7f4713dcbe503f518904e4f819d259192a7b3c67120a55af72e002
caefc900beabcb8b438e7e4861b34f560d256675a09c417fd201574cd257741c
cc402a8a091839202f523a7482d8adfdc092be9fbdb85d9a4c092f8edfd92e19
cf59eebad97bdd1490c98d00280dc4a95a5e0543ff6e05030793e8756abc9443
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d29151ef6b3648bf41f3f0849645ac4a8fb8cc59371363d15703c93120ed5efc
d4a5d596bd8a62cef7a1ca4f4313d987976e106e57343a7bd033a57ff8aac366
d4cdc51b133f652b99fe6fedf32177bf3025bd63d0fc1156c6ddaad8827ccbba
d588b9f638ed3982aec3e3aad666ac5714b7a2369575733aa276601013b136fb
d9bebb114b3965591eac32eba2cdbe8c1c97692e4ec140fd52c4b78df4c8ed6a
da1f9c5fb29d5308e676713e72b653b807b91c95c9001117160822d9b1e4195b
db6ca6a5b8028f7453cd251643284c854570ae1f56870f3931b5e564f5c8a6f9
dbc5626f889266ac44282836e28305cb579b7342c9475e0427ea767b34a1caca
dccfc3418e69f6ca37f92a3459c360d871b36744be9a4e2b96bbe3ae4e45e4fd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9b9ea95885374cf9ac53d03f8d71a4f2db481ecc77d1da160e3a3b2bffd9c6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded4c55be62571e6bd26403102fed0dc116e337cd542bbd43cda78ba68d3ac20
dfce54a47dfb79409e1482c3dcd7d1bbf1c81ae25c19bb7ed763c81f4e237c61
e0976e981656b1069fd8fedc798296b35ce87fc2d2df6b9fb99b8cc1fa8a2e84
e183c6eeb9a3d2e36bfec17059b9cb7293e607ef25b23b34de5c6acd188167f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e400cd30777e17efe3066485259980648528389e7305b028f35976b8c865d8b1
e523aa5e27537a98d6d5a88ac7ac51a00e36362c0207a860d8bcb84fba58f35d
e77edf908aeda5c8a02e6994fe08d6b915fb28fe69cd973e5324c6baf99e1bd7
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
eacf9e1167fcb6e762b91f9096cea304dc1df5223f6aab64faf556dc5e9a0217
ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa4f89780a78abef1f045ba08a1a690bdec1863627230aca463a6954f701c9d
f05f9f5864c469739532a1186d109af408464da5d88d636ebf2f8470ab98784e
f1242da76cb5b9dd42e781799d519d21f16ffcc0aeb0bbee28205bb1781c51dc
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
f241f8e70dfee5a7d052c2529c239c877ed7463bb74f9e075d0a73a7d802433f
f25b5b2a64e817bce0e52bcac880692ddbe58be0715a9114b4102fb9a73e567b
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef
f5c2ba19c6d5b3736aed2ec9e806a3d6633b653a72a1d7160ad30368f82292a1
f62e44d3e4b7377192393fdb772e347500448bfe7658f42ce0e62efaa0ae9ec5
f66c01dbba68ee08a0d37142cbc5e9c4ec584620f2a01a854bb3e8c40b8230c8
f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd
f7c20d02ef54341b1562afe8db32d1bc701bb7974db2ffc0a560097e3875c1be
f8158f2dfb4c7e7376c37298b1194bd0c44d31486a9ad9910218d3e9e79fe22a
f9dbd8e60971f7a0660028aadde537b3b6d9f4abb8e9eab8dec59b841d60fbfe
fa7dc1f49c37b28d767e1ad64998a1c0c2f7b44d3a6ae68a9dce72bdc6574019
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd6a26d1597c43b3207eebb4393f7c6fce787fd4c584ef358fc59b63c1d73fa1
fe0f66f6b803a180cac1d83ec9e1a34708273365ba19846cfee2f6f259bb7b93