urlscan.io logo urlscan.io
SecurityTrails logo

us.getcarstep.com Open in urlscan Pro
23.227.38.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://us.getcarstep.com/
Effective URL: https://us.getcarstep.com/
Submission: On January 25 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 87 HTTP transactions. The main IP is 23.227.38.65, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is us.getcarstep.com.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.
This is the only time us.getcarstep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41 23.227.38.65 13335 (CLOUDFLAR...)
9 68.70.205.1 44239 (PROINITY ...)
17 23.227.60.200 13335 (CLOUDFLAR...)
1 142.251.40.234 15169 (GOOGLE)
1 13.225.242.105 16509 (AMAZON-02)
5 34.147.215.88 396982 (GOOGLE-CL...)
4 142.251.32.99 15169 (GOOGLE)
1 68.70.205.3 44239 (PROINITY ...)
4 172.66.0.96 13335 (CLOUDFLAR...)
1 13.226.34.11 16509 (AMAZON-02)
2 34.107.203.234 396982 (GOOGLE-CL...)
2 185.146.173.20 13335 (CLOUDFLAR...)
87 13
41    23.227.38.65 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
us.getcarstep.com
9    68.70.205.1 (United States)

ASN44239 (PROINITY PROINITY, CH)
cdn.judge.me
17    23.227.60.200 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com
cdn.shopify.com
1    142.251.40.234 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f10.1e100.net
fonts.googleapis.com
1    13.225.242.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-242-105.lis50.r.cloudfront.net
d1um8515vdn9kb.cloudfront.net
5    34.147.215.88 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.215.147.34.bc.googleusercontent.com
widebundle.com
4    142.251.32.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net
fonts.gstatic.com
1    68.70.205.3 (United States)

ASN44239 (PROINITY PROINITY, CH)
cdn1.judge.me
4    172.66.0.96 (United States)

ASN13335 (CLOUDFLARENET, US)
pixel.wetracked.io
1    13.226.34.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-11.ewr53.r.cloudfront.net
tools.luckyorange.com
2    34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com
settings.luckyorange.com
2    185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)
fonts.shopifycdn.com
Apex Domain
Subdomains		 Transfer
41 getcarstep.com
us.getcarstep.com
886 KB
17 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2215
935 KB
10 judge.me
cdn.judge.me — Cisco Umbrella Rank: 11638
cdn1.judge.me — Cisco Umbrella Rank: 14119
106 KB
5 widebundle.com
widebundle.com — Cisco Umbrella Rank: 85814
126 KB
4 wetracked.io
pixel.wetracked.io — Cisco Umbrella Rank: 126644
3 KB
4 gstatic.com
fonts.gstatic.com
32 KB
3 luckyorange.com
tools.luckyorange.com — Cisco Umbrella Rank: 13640
settings.luckyorange.com — Cisco Umbrella Rank: 13616
5 KB
2 shopifycdn.com
fonts.shopifycdn.com — Cisco Umbrella Rank: 5020
36 KB
1 cloudfront.net
d1um8515vdn9kb.cloudfront.net
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
87 10
Domain Requested by
41 us.getcarstep.com 1 redirects us.getcarstep.com
17 cdn.shopify.com us.getcarstep.com
9 cdn.judge.me us.getcarstep.com
5 widebundle.com us.getcarstep.com
widebundle.com
4 pixel.wetracked.io us.getcarstep.com
4 fonts.gstatic.com fonts.googleapis.com
2 fonts.shopifycdn.com us.getcarstep.com
2 settings.luckyorange.com us.getcarstep.com
1 tools.luckyorange.com us.getcarstep.com
1 cdn1.judge.me us.getcarstep.com
1 d1um8515vdn9kb.cloudfront.net us.getcarstep.com
1 fonts.googleapis.com cdn.shopify.com
87 12

This site contains links to these domains. Also see Links.

Domain
www.shopify.com
Subject Issuer Validity Valid
us.getcarstep.com
R3		 2023-12-03 -
2024-03-02		 3 months crt.sh
cdn.judge.me
R3		 2023-12-03 -
2024-03-02		 3 months crt.sh
cdn.shopify.com
E1		 2024-01-06 -
2024-04-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
widebundle.com
R3		 2024-01-10 -
2024-04-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
cdn1.judge.me
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
pixel.wetracked.io
E1		 2024-01-02 -
2024-04-01		 3 months crt.sh
luckyorange.com
Amazon RSA 2048 M03		 2023-11-18 -
2024-12-15		 a year crt.sh
settings.luckyorange.com
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
fonts.shopifycdn.com
E1		 2024-01-20 -
2024-04-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://us.getcarstep.com/
Frame ID: 1E9CF45621F37CD9DE7ED76E6A6CDBA5
Requests: 90 HTTP requests in this frame

Frame: https://us.getcarstep.com/wpm@3c0b1769wc1f578dfp245c945cmc18b238d/web-pixel-shopify-custom-pixel@0575/sandbox/modern/
Frame ID: 0413313B0209BAA2A788D6E64A0B1562
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CarStep USAmerican ExpressApple PayGoogle PayMaestroMastercardPayPalShop PayUnion PayVisa

Page URL History Show full URLs

  1. http://us.getcarstep.com/ HTTP 301
    https://us.getcarstep.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script id="apple-pay
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

13
IPs

4
Countries

2130 kB
Transfer

4180 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://us.getcarstep.com/ HTTP 301
    https://us.getcarstep.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
us.getcarstep.com/
Redirect Chain
  • http://us.getcarstep.com/
  • https://us.getcarstep.com/
231 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
3c6dc1d9fe844fc2ab82dab4fd8e2435bb03ff9403f450067c96f026c23f3adb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84b279917b042d54-YVR
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Thu, 25 Jan 2024 18:10:47 GMT
etag
W/"cacheable:05687f07750d14ca6efaad11f3f6ebe1"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZvgl28EO3CudJZnAlwhw6ExO4Oq1ggsHk4mG2HRGfMHlOZlBsmx0bzv3igMpJRfVOmogbYfQT4mpadEgBbSussGsBG%2F32fudv4bMrk7ivuA9Ux7%2BidWhuyGBwZAXgY7WMHo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=272;desc="gc:46", db;dur=76, fetch;dur=63, render;dur=42, wasm, wasmDownload;dur=63, asn;desc="147049", edge;desc="YVR", country;desc="CA", theme;desc="153746211148", pageType;desc="index", servedBy;desc="9fpz", requestID;desc="e36c8646-f3c7-4027-b9da-d5855483171c" cfRequestDuration;dur=467.999935, earlyhints
strict-transport-security
max-age=7889238
vary
Accept
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
e36c8646-f3c7-4027-b9da-d5855483171c
x-shardid
331
x-shopid
78241923404
x-shopify-stage
production
x-sorting-hat-podid
331
x-sorting-hat-shopid
78241923404
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
84b2798eab6861e9-YVR
Connection
keep-alive
Content-Security-Policy
frame-ancestors 'none';
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Jan 2024 18:10:46 GMT
Location
https://us.getcarstep.com/
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3uUnOqx%2FEyprUOLYuNzkIVuAVzbrkRAJH5qxBpRQGif67tKESEF24tyWlb924RUcKHN%2BekYOD0hP%2ByH54aSA6Cros9wcaraIqBVQQWjCyUBzlkktkRzCSkFrWMhHroX8mh5"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Server-Timing
processing;dur=9, db;dur=5, asn;desc="147049", edge;desc="YVR", country;desc="CA", pageType;desc="index", servedBy;desc="w8n4", requestID;desc="a42324c1-3455-47bb-bddd-b76340f33121" cfRequestDuration;dur=197.000027
Transfer-Encoding
chunked
Vary
Accept
X-Content-Type-Options
nosniff
X-Dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Redirect-Reason
https_required
X-Request-ID
a42324c1-3455-47bb-bddd-b76340f33121
X-ShardId
331
X-ShopId
78241923404
X-Shopify-Stage
production
X-Sorting-Hat-PodId
331
X-Sorting-Hat-ShopId
78241923404
X-Storefront-Renderer-Rendered
1
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
powered-by
Shopify
montserrat_n6.7a3c341961dc23aaabcc116124b80f2a7abec1a2.woff2
us.getcarstep.com/cdn/fonts/montserrat/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/fonts/montserrat/montserrat_n6.7a3c341961dc23aaabcc116124b80f2a7abec1a2.woff2?h1=ZDMyMGY4LTYuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=7009c9d98d68d1003dc85b91e7efd664c5f0ab644d7b144c4c6bc978d509c940
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
6c0723e9ee801384a798da53971c28404c287f4fefaef78b8d3647380b056872
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
204393
server-timing
imagery;dur=33.475, imageryFetch;dur=33.188, cfRequestDuration;dur=9.000063, cfRequestDuration;dur=26.999950
alt-svc
h3=":443"; ma=86400
content-length
22692
x-xss-protection
1; mode=block
x-request-id
b377928b-df49-4912-b099-fa33ca0bba20
last-modified
Thu, 23 Nov 2023 18:19:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEIqJSuKwum76RxjZP2SUYin0gFp4wxc%2B%2Bf8MJH%2FR9r1NMkMETIl86x3C6FEdnORejws47f38dhWEW5zVCd%2FmE4V%2FHYDj%2Fjsa2XzuqNqd1Qy0Ib7cjnENQJN8vVj1GsD1MW4"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b2799519142d54-YVR
timing-allow-origin
*
theme.css
us.getcarstep.com/cdn/shop/t/2/assets/ 		456 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ab789afa606b341c8317b4aaa0ec6573167ad35d2469daaaf66f4630cd1ba0d5
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:47 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
140472
content-encoding
br
server-timing
imagery;dur=124.403, imageryFetch;dur=79.080, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
4a47cc94-b9c1-401a-ab3f-c77b07c0411b
last-modified
Fri, 19 Jan 2024 17:36:44 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTZmiH%2BWgW35NOZgiC9ZQ7Ka1Op87OiG%2FaCO5uPZzPzX8y5uO4akCkKXxTsAy8a75g7y4frgXb4fEj5iTjZaL34lKL9WqnQnq0Q6eoMMO6L9NN7Pf0NY308tL%2Bn%2Bo4Mz6na1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
84b2799519122d54-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0782/4192/3404/t/2/assets/theme.css>; rel="canonical"
x-sorting-hat-podid
331
preloads.js
us.getcarstep.com/checkouts/internal/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
c5cc99063a1f39bad4546a67e46910caf553474ff7860d81ca4319cab247c0c4
Security Headers
Name Value
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:47 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf0Eaks%2BVIax8UP1e6NT1SArGeKBG%2B1w2tX04GZN6FfO3N78mvg2zLO8eNa6RuYrMwZci3LyBo3OJM%2FItdAgLhv4kTyCF%2BB2t81%2Br6IncQSwNSehLdX%2BZ2nHasuAbjTt7fub"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; encoding=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
server-timing
cfRequestDuration;dur=21.000147
timing-allow-origin
*
cf-ray
84b27996dbe42da5-YVR
alt-svc
h3=":443"; ma=86400
load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
us.getcarstep.com/cdn/shopifycloud/shopify/assets/storefront/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
1185656
content-encoding
br
server-timing
imagery;dur=24.577, imageryFetch;dur=23.388, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
148a8053-057b-40a3-87a0-cdade3e3a702
last-modified
Thu, 30 Nov 2023 10:19:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMjS%2Fk2jEHK4EuEG%2FLMum4rrBeP0aVcWnYpZ18HCHO41i1lU8MZjd4evlCxsYqWDLwaOrXsJUt0VcFsmJbH7aQcqpKwutdUB7M85%2BZfzqdwQZkz3aToLk%2F0DtwJwqFd134%2FO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
84b2799a79e52da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js>; rel="canonical"
x-sorting-hat-podid
-1
features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
us.getcarstep.com/cdn/shopifycloud/shopify/assets/storefront/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
1190012
content-encoding
br
server-timing
imagery;dur=32.260, imageryFetch;dur=30.132, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5c701581-e100-441f-b8d8-96c85d179c80
last-modified
Thu, 11 Jan 2024 23:37:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJuEeXYW8sA7M1UE4DXudbzRw3GrO16MP0LIcBD8zO8GM9tPE4myA3tXqCbOY1ZQAPi%2FndJ7zPbKAuWrnF0fIgqr6OdiXJpufmRPqUtkpVth36%2B6EvIppLwfDB6w6bRCMiVS"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
84b2799a79e62da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid
-1
leex.js
cdn.judge.me/shopify_v2/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/shopify_v2/leex.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
1520a7eb62589e04830089fb0bb24ed711f3710c286a4ef9ab6d22b8e58f1890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706087538&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=DoS5Lip8S8lJ66BN81shxrvkBy6nnK%2BnscwgNrclsNE%3D
x-request-id
a0ab6441-1f6e-48a2-b7a1-04845c12ab32
x-runtime
0.008146
server
keycdn
etag
W/"14b4cf49cd4f608c6c3f26bf710ec227"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706087538&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=DoS5Lip8S8lJ66BN81shxrvkBy6nnK%2BnscwgNrclsNE%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/shopify_v2/leex.js>; rel="canonical"
countdown_timer_essential_apps.min.js
cdn.shopify.com/extensions/48039061-a788-4fbf-9a27-aa52f91d3388/essential-countdown-11/assets/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/48039061-a788-4fbf-9a27-aa52f91d3388/essential-countdown-11/assets/countdown_timer_essential_apps.min.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
f8aec0caa403d468ebbd044456c68d24b905233649c492197db91dcdaf7c3db2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
1202064
content-encoding
br
server-timing
imagery;dur=20.797, imageryFetch;dur=19.602, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
0a8e8046-e403-40a1-9ec7-8a59c9eaa32a
last-modified
Thu, 30 Nov 2023 07:04:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhkcnBHrT4X9%2Bp8GhkaMSeNeKkI7dYxV%2FYp%2F8ygHmCfNNKSPoQv60WOv4tbacF631XWSdzfDSDpComazHV9kTQ%2F5m1%2Bf%2FSJhSsbpYnDFrjAK1Pr9bWTI8goUjLMiqN%2BEYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/48039061-a788-4fbf-9a27-aa52f91d3388/essential-countdown-11/assets/countdown_timer_essential_apps.min.js>; rel="canonical"
cf-ray
84b2799a8eee2db9-YVR
upcart-bundle.js
cdn.shopify.com/extensions/08837af6-a93d-4d54-b5b7-2fa3f07a7c14/upcart-cart-drawer-21/assets/ 		541 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/08837af6-a93d-4d54-b5b7-2fa3f07a7c14/upcart-cart-drawer-21/assets/upcart-bundle.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
13fab31731feb9790f92548ea55db704bfb32ab9d5e9efce5d4085ad22c5f5be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
493696
content-encoding
br
server-timing
imagery;dur=56.403, imageryFetch;dur=56.147, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
979be2b3-cfdf-42e0-9005-1dc1837a8b33
last-modified
Sat, 20 Jan 2024 01:02:22 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc%2BPSm5ui%2Fakfh7DtGvMuiQGbCE23EpLGyP1SKlY4GDL7y3N1R72Fog%2Fhrwh%2BuwJ5ePFnFMfdr0fdaJ%2BlligLUkWh13fJZXGEA8Bb57ZzGzwrA6LX8EyBsK0LduyDXEBpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/08837af6-a93d-4d54-b5b7-2fa3f07a7c14/upcart-cart-drawer-21/assets/upcart-bundle.js>; rel="canonical"
cf-ray
84b2799a8ef12db9-YVR
upcart-stylesheet.css
cdn.shopify.com/extensions/08837af6-a93d-4d54-b5b7-2fa3f07a7c14/upcart-cart-drawer-21/assets/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/08837af6-a93d-4d54-b5b7-2fa3f07a7c14/upcart-cart-drawer-21/assets/upcart-stylesheet.css
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
9f1a5d361357fc3540adb04e700c5c353574efe2cf552994a665ecbe750e17ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
493696
content-encoding
br
server-timing
imagery;dur=43.012, imageryFetch;dur=41.190, cfRequestDuration;dur=37.000179
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f708d749-5051-4e55-bfb6-ede2e9b704d1
last-modified
Sat, 20 Jan 2024 01:02:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NJ1Kh7Oa4m3RIyRHf6xIzvh%2BQLEcYinReMsvNqhdWiHpONo37Paq0fm4KmKJRaSLk2rluzz9utDrdgfHhS9HvlMO8kfBc8qq6y1hkq6vsKTZuWOLF7HUCe9qpSeV3Wi4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/08837af6-a93d-4d54-b5b7-2fa3f07a7c14/upcart-cart-drawer-21/assets/upcart-stylesheet.css>; rel="canonical"
cf-ray
84b279953e0e2db9-YVR
leex.css
cdn.judge.me/widget_v3/theme/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/widget_v3/theme/leex.css
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
8d21a6b3c943104663871718d3eb5ec813643423742d64dae1bd46e22a9fe350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202693&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=3FJGqwdzsX9GLoVPc6DXaCaqPfGMVRQ0vrDwQTlpIWo%3D
x-request-id
c593f1c6-2052-421d-914f-5a286dd1b989
x-runtime
0.009676
server
keycdn
etag
W/"b44b2f0a17cd89abb5ff3d3e66a59018"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202693&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=3FJGqwdzsX9GLoVPc6DXaCaqPfGMVRQ0vrDwQTlpIWo%3D"}]}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/widget_v3/theme/leex.css>; rel="canonical"
css2
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/08837af6-a93d-4d54-b5b7-2fa3f07a7c14/upcart-cart-drawer-21/assets/upcart-stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f10.1e100.net
Software
ESF /
Resource Hash
f390eabd445bedb02aedbcee02f60cf89571b61ed7b5a39b73f637f4292e8784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.shopify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 18:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 17:14:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 18:10:47 GMT
Carstep_logo_Farg_652x150.png
us.getcarstep.com/cdn/shop/files/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.getcarstep.com/cdn/shop/files/Carstep_logo_Farg_652x150.png?v=1696416673
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
993aee3808ae762dc14c56a94a2f8f1ec8f8bca8fa7b2825507e5128356f795b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:49 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
source-type
image/png
server-timing
imagery;dur=2060.601, imageryFetch;dur=64.100, imageryProcess;dur=1995.363;desc="image", cfRequestDuration;dur=2250.999928
source-length
82690
content-length
7443
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
cfd970ad-e003-4033-8052-18a594bf0d56
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 18:10:49 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvozE6IR0SK7NfBpCJuFQjIDslyp3EjYU%2BIME2i4C0n5q3AWKtjCJWJDk68bZhozvYmM39D4HxZPj3CO5WB%2BmUG7hLigEzcW5mTEhtllW191LndgRYkMtyEg3uCMaj69x6Bf"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b279970c532da5-YVR
x-sorting-hat-podid
331
CarStep_PP_2_75x75_crop_center.jpg
us.getcarstep.com/cdn/shop/files/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.getcarstep.com/cdn/shop/files/CarStep_PP_2_75x75_crop_center.jpg?v=1704274326
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
955c3a55545609b5856bdd088b16b2e45bcbf36a79ce4400f7a729a9682c1b4a
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:47 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
source-type
image/jpeg
server-timing
imagery;dur=209.632, imageryFetch;dur=62.832, imageryProcess;dur=145.909;desc="image", cfRequestDuration;dur=375.000000
source-length
819460
content-length
2458
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
db566af7-ed91-4206-afc0-79f5bdc8c6f8
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 18:10:47 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkOHGk%2F4DM23yC%2FHbNuR2lZMfOQl3dMCdh1pELgMhbqlBeZq7t%2BMEEKj4FoFh0MMjadGWA5lLgVAsfQhGTFRxhwk0VXiqdKoqDfb5rEWxJyO7v%2FQJUxQrrMe9YRFfjjS8tiD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b279970c5c2da5-YVR
x-sorting-hat-podid
331
CarStep_PP_3_75x75_crop_center.jpg
us.getcarstep.com/cdn/shop/files/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.getcarstep.com/cdn/shop/files/CarStep_PP_3_75x75_crop_center.jpg?v=1704274326
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
021d04612a995af5e7d1e6b3cd0f183e0036f4180d98c73471a5e536decb54a0
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
source-type
image/jpeg
server-timing
imagery;dur=268.142, imageryFetch;dur=103.493, imageryProcess;dur=163.384;desc="image", cfRequestDuration;dur=430.000067
source-length
995996
content-length
2738
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
88a07346-4886-41c8-bfd0-f6c2dc85c2bb
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 18:10:48 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYsRQKCRrtleNlcRd0SDSTTk9yzyRIgwoxnrau%2FhaZkPiwDVnQzZdsx0Xay%2FaH8ir5%2B18wj%2BalgqxzgSdEBdfVl7O2g15PEHTcqO7K8c24Sv8QeL2dxzXE5nOLRTHu%2BYV2xg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b27999e8f02da5-YVR
x-sorting-hat-podid
331
CarStep_PP_4_75x75_crop_center.jpg
us.getcarstep.com/cdn/shop/files/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.getcarstep.com/cdn/shop/files/CarStep_PP_4_75x75_crop_center.jpg?v=1704274326
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
06e42c72ab1f782d50913ec3355836ebdceda95d2522cc42520ad63479485d7c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
source-type
image/jpeg
server-timing
imagery;dur=296.231, imageryFetch;dur=81.443, imageryProcess;dur=213.311;desc="image", cfRequestDuration;dur=478.999853
source-length
1736575
content-length
3597
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
1faf53ad-b045-45c7-a149-1e46fb0465b1
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 18:10:48 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4tuBlHLuu%2Bd0TpEAFJQQhCgCgfCPsR41B5HxVIPbS%2BfxpV3clhlqqV4p4NOxE%2BvEftbNEmWQW8IcFn2tliWHbbVWH0MfL1zozN8k0moGHwpcNlQgLUG3KQ8EbdxC0oAVynY"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b2799a79da2da5-YVR
x-sorting-hat-podid
331
CarStep_PP_5_75x75_crop_center.jpg
us.getcarstep.com/cdn/shop/files/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.getcarstep.com/cdn/shop/files/CarStep_PP_5_75x75_crop_center.jpg?v=1704274326
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
17d3c1e609741148317a4c41b4929e6873d8652acff617fda05650c7a4e46178
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
source-type
image/jpeg
server-timing
imagery;dur=524.316, imageryFetch;dur=74.245, imageryProcess;dur=206.830;desc="image", cfRequestDuration;dur=883.000135
source-length
1246181
content-length
3396
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
120c0464-d61c-4fd3-9f7e-d45ff16c4bce
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 18:10:48 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VL6QV56tkxyC0KNUETp6S8TFeDn91JqQXIBbfY9K7ExTlDDcVvtBg5XzqwIn%2BI37GZ7Rtiy33ozwfzuDSuN1FRkuwZIfAuQSDParOADsUuHP4GntQ7tdTvdaw1QCjZQMKLt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b2799a79de2da5-YVR
x-sorting-hat-podid
331
empire.js
us.getcarstep.com/cdn/shop/t/2/assets/ 		1 MB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shop/t/2/assets/empire.js?v=174451889206311979421696416441
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
17db58f826346e71c2936595c83639693ffea0a76f4dcb1a7c156bb55185c2a9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
140473
content-encoding
br
server-timing
imagery;dur=265.860, imageryFetch;dur=136.451, cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
a272b64b-4015-4e91-9298-5584625593f2
last-modified
Thu, 11 Jan 2024 21:35:18 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj0aW%2FUgo4hO3F4cRRyIZNWj2vJQMEqXKop1XRRHIulrLpF0bmf6j%2FTbIF5Hfng%2FnaJb%2FtcnZO597KhQarqMU4A%2BUowvEq5RhteRtaOWDwatzfcAhJR9Sq9tRr3k9uPUZUwF"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
84b2799a79e12da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0782/4192/3404/t/2/assets/empire.js>; rel="canonical"
x-sorting-hat-podid
331
ripple.css
us.getcarstep.com/cdn/shop/t/2/assets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shop/t/2/assets/ripple.css?v=155372253603313463661696416440
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a12690c0ebb7c111beb5e830ec93fe0cd6eb0d7684967766cefc7b4f5a3cb421
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
4869
content-encoding
br
server-timing
imagery;dur=70.825, imageryFetch;dur=69.058, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
551d53b6-0bd5-4840-b938-04c3c62b7592
last-modified
Sat, 20 Jan 2024 15:44:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAVUfYJiirsQ0ShI%2BDuXEjb%2F03H6cDwL56pp3ptBd3HHgmYVTz9RbS16gTQJInrB2dn%2BHe4X4jyZWxnRQBe4ZbuwH7oXz88xFpT%2BB3cQRPiIwxryJuPrv75D7sLLppEqtJ5Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
84b2799a79e22da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0782/4192/3404/t/2/assets/ripple.css>; rel="canonical"
x-sorting-hat-podid
331
instantPage.min.js
us.getcarstep.com/cdn/shop/t/2/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shop/t/2/assets/instantPage.min.js?v=69201896817482939891696416417
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
d78e39f5f81702ecb5ef679a120db762e3005bc77955c06fc955a5d82e030d85
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:47 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
140472
content-encoding
br
server-timing
imagery;dur=114.923, imageryFetch;dur=114.335, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
5c8fd748-a9eb-4057-b520-fdff65258da8
last-modified
Mon, 22 Jan 2024 00:11:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrLDSbUXAk2YrvpZQsZEw0pGycX5HxmyqsMXuHXg4ShGvTO6u71hOTKPFP38n8shyyaeAEZy%2BhgVAv4%2FZcGfQfpMbqwoBEyBYYCukQ2MbyR7kBGa8Ae6Is84GzTA9agsAdO%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
cf-ray
84b279973cac2da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0782/4192/3404/t/2/assets/instantPage.min.js>; rel="canonical"
x-sorting-hat-podid
331
gempagev2.js
d1um8515vdn9kb.cloudfront.net/files/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1um8515vdn9kb.cloudfront.net/files/gempagev2.js?v=1.0
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.242.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-242-105.lis50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bf2097e2b5ed60ccd56b4bce0c9eec04573bcd1bd92aaf836735548da839329

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:49 GMT
content-encoding
gzip
via
1.1 9e74091adccc3cb9bf5c935f0eb95c38.cloudfront.net (CloudFront)
last-modified
Tue, 26 Dec 2023 09:35:45 GMT
server
AmazonS3
x-amz-cf-pop
LIS50-C1
age
2
x-amz-server-side-encryption
AES256
etag
W/"fc0540bf35256d37de302edabbc503db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
GGvZMGnT_2k2NKSlHkH450CFZEsdiM1bvqzvDvKJCs86KMb-qhgJLQ==
scripttag.php
widebundle.com/ 		290 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widebundle.com/scripttag.php?shop=d320f8-6.myshopify.com&v=1706206246
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.147.215.88 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.215.147.34.bc.googleusercontent.com
Software
istio-envoy / PHP/7.4.33
Resource Hash
e78f4e6b5648c81537e78fbc7c382fb72030d319026f7366e69392e0cf62bd6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-envoy-upstream-service-time
16
scripttag.php
widebundle.com/ 		290 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widebundle.com/scripttag.php?shop=footstep-9605.myshopify.com&v=1706206246
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.147.215.88 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.215.147.34.bc.googleusercontent.com
Software
istio-envoy / PHP/7.4.33
Resource Hash
702b02ebd0da3275b2aa8504cd7309d7d50f21eefa723104e3906ae8456d3483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-envoy-upstream-service-time
11
b3c0b1769wc1f578dfp245c945cmc18b238dm.js
us.getcarstep.com/cdn/wpm/ 		83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a608b27ad56483b11c7421b58dacca20448f6db1d407e969aa2ab68286655607
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
83159
content-encoding
br
server-timing
imagery;dur=67.637, imageryFetch;dur=67.394, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9a999efe-fb1e-4fae-ac54-20ed5e1f7fc9
last-modified
Wed, 24 Jan 2024 19:04:48 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQe8Fb4QUVq6wP34g%2BtJrcPEATUqQ8ITYjLl0KT74qC%2BmDeicLlF8ci%2B4RRtkfS78q067rHj2BlzL%2ByzeeOU60BMvRsIEIN7Ff8OVK6XfSmCXJu1jMdRjhWixz3fwgj7Tiq5"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84b2799a79e92da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js>; rel="canonical"
x-sorting-hat-podid
-1
trekkie.storefront.b597bc04265e924d663a7fe9c6f1c4b1628c7678.min.js
us.getcarstep.com/cdn/s/ 		116 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/s/trekkie.storefront.b597bc04265e924d663a7fe9c6f1c4b1628c7678.min.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
9ceba4d80747ef5dfabe16fc05e845d3235615c2386212e1327b6e2ed2140bdb
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
4483
content-encoding
br
server-timing
imagery;dur=62.224, imageryFetch;dur=61.966, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e580e5c4-9d8f-493b-8fe4-6a0644269d1d
last-modified
Thu, 25 Jan 2024 16:56:03 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hxQFfFgNJq%2B5INuPj3UZSMXH6r9W0Akm3souO%2Fu1QBZEI9PVgP%2FXLaas17pc84P%2Fxw17mfgq8vOY2OCbeu6YYMlzHphHJgnM56D2nGHQBH3bnmXid4%2F3bKgrloMvaZjfQ2Z"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
84b2799a79ec2da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.b597bc04265e924d663a7fe9c6f1c4b1628c7678.min.js>; rel="canonical"
x-sorting-hat-podid
-1
shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
us.getcarstep.com/cdn/shopifycloud/shopify/assets/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
1187008
content-encoding
br
server-timing
imagery;dur=46.987, imageryFetch;dur=33.108, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9748d227-7360-4e85-9b70-a72776c04ab1
last-modified
Sat, 18 Nov 2023 14:22:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGcgme22%2BbEB%2F1wEP6lOmiDjkmJnTa3c3I2eVmoZf6767mbnlPEjCm4QQtgUadNcOJmfoigHwmEbczHOChw%2B8wBAL%2FHhY%2B383RksZer6zaaSChvsE%2FREh0slbX2HQuF8L9Id"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
84b2799a79ee2da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js>; rel="canonical"
x-sorting-hat-podid
-1
shopify-boomerang-1.0.0.min.js
us.getcarstep.com/cdn/shopifycloud/boomerang/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
1199210
content-encoding
br
server-timing
imagery;dur=83.098, imageryFetch;dur=20.165, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a54e1d9d-7251-478c-a274-039d141c64fa
last-modified
Thu, 30 Nov 2023 08:54:32 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHKfP6W7mwoOKxkakDBZtHW9z8HXOtwNz0CO07r1hSLkUWGdYk%2F5xym2D3nzPe00dRUkGgEC1yGil7ZzxKC7Vr75qkvm1UfUQUtoCKuxZW6TS0rBI6XKJfkPOOCidpwL8Bm7"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray
84b2799a69ce2da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid
-1
truncated
/ 		72 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9372eb590668a293d1f3a6b0fa86a21dc07b6ad5fde7148ea7a78d91936cd55

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		72 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ae596868ca62a5920d4ad87a563be4cdf47c7fe82da9a03c7df226641052732

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d502bdb2063441789a0a3cc398c37cbf9cb4f34c486367b6758a7a6d7d9e0963

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9430d445d0dc14813bc8841318f8580f06be3c7519105676ab1cab10684283ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f7027360c0824e7c0992a6ed4f06e9288eb860b9beaea607c147b089b4a41b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ede2e5d3e89ca43d7bfdca8a0c8bb7a496af593f28507b83b6ca2dd343048c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
montserrat_n5.e72d00d31ae5399d260a80ec70322c62c1819762.woff2
us.getcarstep.com/cdn/fonts/montserrat/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/fonts/montserrat/montserrat_n5.e72d00d31ae5399d260a80ec70322c62c1819762.woff2?h1=ZDMyMGY4LTYuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=dead749a2bb71bda720e6d98cde9a9c8add72f67a0cf220098b78f3662c0811a
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
4cf3f54a68e9a00da43ed9ad4a370ec4312be90656aa4622527d66593e3bef6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
214532
server-timing
imagery;dur=39.274, imageryFetch;dur=38.443, cfRequestDuration;dur=7.999897, cfRequestDuration;dur=19.000053
alt-svc
h3=":443"; ma=86400
content-length
22728
x-xss-protection
1; mode=block
x-request-id
431a38b1-55f8-435a-ae7c-29cc386bb3da
last-modified
Thu, 30 Nov 2023 15:06:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NjYYFrqwJ7VnOYf%2BpPtsCe5a5oxighMWkEc%2BtgAiwX6McKwxXh0umgTJxCpF7UzuCNE%2ByuPfdQU8yp%2Biq1wR%2BT7rzl4hy8KddK5%2B%2FvNcUzXR%2FnxVNgT%2B%2FLVPu13AoVj83vt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b2799aca692da5-YVR
timing-allow-origin
*
montserrat_n7.c496e9cf2031deec4c4bca338faa81971c8631d4.woff2
us.getcarstep.com/cdn/fonts/montserrat/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/fonts/montserrat/montserrat_n7.c496e9cf2031deec4c4bca338faa81971c8631d4.woff2?h1=ZDMyMGY4LTYuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=13678199c7d8ebf9ffc1b4c0883cccc1de58b73e5fd171a0ecaad992940ea248
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b59d5f1c395f6c6931df5d01e7de4086834c7098cdfd6d043fb5199b5dae2236
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
207349
server-timing
imagery;dur=94.585, imageryFetch;dur=94.228, cfRequestDuration;dur=6.999969, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
22736
x-xss-protection
1; mode=block
x-request-id
b7eacacd-faf2-4d8b-99bd-e484acaab7d2
last-modified
Wed, 10 Jan 2024 02:49:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aN%2FMLV%2FyPkCss2fWYMH84BCOMdbIId%2BmROd9tcAvmGVZNzoXDLmRGsc0N4L5iXtepDJ8vbrEws5RLRGcB5SvpzNoOCkBYAEPlW0ko9j7Y5OT3wtBMd1un28lc4jKK%2BP%2BatOr"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b2799aca6b2da5-YVR
timing-allow-origin
*
montserrat_n8.d0ee6fdb3a3fec57b7ba86e76adad5b86d8b298f.woff2
us.getcarstep.com/cdn/fonts/montserrat/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/fonts/montserrat/montserrat_n8.d0ee6fdb3a3fec57b7ba86e76adad5b86d8b298f.woff2?h1=ZDMyMGY4LTYuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=2866b3ca4d42a96eaaa53cece57a99fb4efaad9aae41109dc717446c6d4ec70d
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
7e1829acacc5a1b6ec314952d16085f21db18e0220b3728eb03156e8a4458f09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
131684
server-timing
imagery;dur=66.577, imageryFetch;dur=66.273, cfRequestDuration;dur=32.000065, cfRequestDuration;dur=43.999910
alt-svc
h3=":443"; ma=86400
content-length
22700
x-xss-protection
1; mode=block
x-request-id
365de460-7114-4f92-ab40-7e47faf5ad3a
last-modified
Sun, 10 Dec 2023 17:14:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsus88I21vi2T1kZVBQFFZvZO%2FBb2oa487V50Y%2FUWyoCXYFEd9YASxBxsr5BPDjsJp1X1mHYAygzFarJjdZyQLPXcbHR8IxdPlirnDOdRKFjBH9V3lp4%2BhSmxq9TiVZHS5kO"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b2799aca6e2da5-YVR
timing-allow-origin
*
montserrat_i5.3a4750a300f30824a43384268712b76e0a04be8c.woff2
us.getcarstep.com/cdn/fonts/montserrat/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/fonts/montserrat/montserrat_i5.3a4750a300f30824a43384268712b76e0a04be8c.woff2?h1=ZDMyMGY4LTYuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=0d520ae2bd3d40848547716bda99946a24db2edf58690c7f0833fe8cac653772
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
3aeebe42b569e87f7b8d797515fe0ad0463a497618044a8ef81470a60cb84a72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
131879
server-timing
imagery;dur=75.711, imageryFetch;dur=75.458, cfRequestDuration;dur=6.000042, cfRequestDuration;dur=17.000198
alt-svc
h3=":443"; ma=86400
content-length
23316
x-xss-protection
1; mode=block
x-request-id
dbd9da72-0a48-4567-8ccc-bf25a82d1c44
last-modified
Sun, 31 Dec 2023 17:18:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHKKU39aH7g6CB55bE6K7hQKB1LGY1TOAdTAhGvTff8T6myvNmEr%2FNz7FeIrERhf8z52c2ZwL6KKyoz1TSkCwHh2FDRVshlpf0znxSVWWhQQnD5B%2BcLmqfIpB%2BFF0af4UjeA"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b2799aca6f2da5-YVR
timing-allow-origin
*
Carstep_-_NO_1602x728.png
us.getcarstep.com/cdn/shop/files/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.getcarstep.com/cdn/shop/files/Carstep_-_NO_1602x728.png?v=1696417744
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
cf9d568d3e4448fcf949dfe93b18264a42f47ce7d6af31ba7a63b56d83cca29c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:51 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
source-type
image/png
server-timing
imagery;dur=1437.339, imageryFetch;dur=218.403, imageryProcess;dur=1193.287;desc="image", cfRequestDuration;dur=1740.000010
source-length
5968379
content-length
97200
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
c45cd572-ee40-4745-a06f-c4e201c0809b
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 18:10:51 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtI7dysToD%2FRe5bntKsguz%2B%2FOn1ML7Rq41sycizAxKI4p1tLbOXLJJs%2FRdgCIw2b6MbQEm1GSm8hNUNsE5zAuZJMauPRlvVrgjB3%2BXdhmDDVOMusw1qLOtyPbNTJV1OQW0jg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b279a43fce2da5-YVR
x-sorting-hat-podid
331
CarStep_PP_2_720x720.jpg
us.getcarstep.com/cdn/shop/files/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.getcarstep.com/cdn/shop/files/CarStep_PP_2_720x720.jpg?v=1704274326
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
0233657667266d68e96b4a7c3f5f8bf87547c6af01fc175840b9f562fed4ee90
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
source-type
image/jpeg
server-timing
imagery;dur=233.848, imageryFetch;dur=36.536, imageryProcess;dur=196.215;desc="image", cfRequestDuration;dur=390.000105
source-length
819460
content-length
36408
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
04c7bad6-c873-46bb-bf2b-5a4324a39888
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 18:10:50 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AFtwm08833jMISWnBprnJ5M3I4ywEUVfyRBKj%2FFKqjdne5JvUxPcN5PpPngZu%2Ff9OGA4fTC1tIZdUI4Ndn%2B%2FzRyiTe%2BOvJvaVpQI%2FezrhmyAtmSD7RVZHiPtOJVOwT9Y%2BC1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b279a509022da5-YVR
x-sorting-hat-podid
331
produce_batch
us.getcarstep.com/.well-known/shopify/monorail/unstable/ 		0
730 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/s/trekkie.storefront.b597bc04265e924d663a7fe9c6f1c4b1628c7678.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 18:10:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=106.000185
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
fa9d3e68-7bad-4bce-9bb3-61abac04ec96
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bt6VTmAm5u%2B08lGr2BJAWdseMqIu62lIFC6v8TW7up%2B69B5SFYfXiBG4uKN7joYLDVIdKjpUoOKYL5sIFfaoF8dgD8IYvU8e7%2FRIr2IL3GEvohAn7ua3RlVb2gXrnHT9fKu%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://us.getcarstep.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
84b279a529272da5-YVR
/
us.getcarstep.com/wpm@3c0b1769wc1f578dfp245c945cmc18b238d/web-pixel-shopify-custom-pixel@0575/sandbox/modern/ Frame 0413 		40 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/wpm@3c0b1769wc1f578dfp245c945cmc18b238d/web-pixel-shopify-custom-pixel@0575/sandbox/modern/
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
643db69aa18f491cf5ee80777dc9f15c609c0f1324179602098cc56b04665029
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4869
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000, public
cf-cache-status
HIT
cf-ray
84b279a579872da5-YVR
content-encoding
br
content-language
en-CA
content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Thu, 25 Jan 2024 18:10:49 GMT
etag
W/"cacheable:e435a2e5e3c3fa18a24e77a5b6e0b760"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FESidFnoDEpJ%2Ble33katYlUanFh78NP6vGI4MMcrBm0ReLJzfYNXTceI9c25M1Yx4oyhB7%2B8a0SAW0%2BIjPPg69DuLXs2OGtQsn1g7tF5R3vaOcsFyX0wntSrh%2Bo3EdkfeERB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=16, db;dur=4, edge_cart;desc="count=1";dur=1.25, asn;desc="852", edge;desc="YVR", country;desc="CA", theme;desc="153746211148", servedBy;desc="rnl5", requestID;desc="5b323fc1-3242-4918-b982-4042f9686e8f" cfRequestDuration;dur=15.999794, earlyhints
strict-transport-security
max-age=7889238
vary
Accept, Accept-Encoding
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
5b323fc1-3242-4918-b982-4042f9686e8f
x-robots-tag
noindex, nofollow
x-shardid
331
x-shopid
78241923404
x-shopify-stage
production
x-sorting-hat-podid
331
x-sorting-hat-shopid
78241923404
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
scripttagAjax.php
widebundle.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://widebundle.com/scripttagAjax.php?shop=d320f8-6.myshopify.com&productHandle=isOnHomePage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.147.215.88 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.215.147.34.bc.googleusercontent.com
Software
istio-envoy / PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://us.getcarstep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
content-length
5535
content-type
application/json
date
Thu, 25 Jan 2024 18:10:50 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
5
x-powered-by
PHP/7.4.33
scripttagAjax.php
widebundle.com/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widebundle.com/scripttagAjax.php?shop=d320f8-6.myshopify.com&productHandle=isOnHomePage
Requested by
Host: widebundle.com
URL: https://widebundle.com/scripttag.php?shop=d320f8-6.myshopify.com&v=1706206246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.147.215.88 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.215.147.34.bc.googleusercontent.com
Software
istio-envoy / PHP/7.4.33
Resource Hash
55ce286d7f43b7f72c9f997ee9fd1895bc556bb678e6e60d9050eaee95943d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
x-powered-by
PHP/7.4.33
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
9
access-control-allow-headers
Content-Type
content-length
5535
base.css
cdn.judge.me/widget_v3/ 		22 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/widget_v3/base.css
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
f730eecb91a97517f3f0886e38326c91acf4b66089f8150c830e4ef8829d2f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202692&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=yETXz4UNoIfLsLnmp4Td0V5VNqrlyB77V8IOQCqZUJ4%3D
x-request-id
e73a1d9d-06a9-4823-826e-c1e64d33fdeb
x-runtime
0.009791
server
keycdn
etag
W/"34ca1d80bb68a0e76aa3968b9d749547"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202692&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=yETXz4UNoIfLsLnmp4Td0V5VNqrlyB77V8IOQCqZUJ4%3D"}]}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/widget_v3/base.css>; rel="canonical"
loader.js
cdn.judge.me/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/loader.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
68f155793f1b72445508752d17358357445e85e6deb90500e132a029e1f08e46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D
x-request-id
004a2f62-fd78-4f09-baeb-72690bf091eb
x-runtime
0.007973
server
keycdn
etag
W/"0c8eaa288c142bbbb613e65bf5bebf6d"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/loader.js>; rel="canonical"
api.jquery-b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996.js
us.getcarstep.com/cdn/shopifycloud/shopify/assets/themes_support/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/shopifycloud/shopify/assets/themes_support/api.jquery-b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/shop/t/2/assets/empire.js?v=174451889206311979421696416441
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
1189020
content-encoding
br
server-timing
imagery;dur=54.977, imageryFetch;dur=54.163, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9d12ffe5-87ed-4a13-8d9c-c9610f9a4a0e
last-modified
Thu, 11 Jan 2024 23:53:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmNCUF%2BpPXrcFBRahRVfYXo9ebexjPPpPs2eKos4KQBpykMk%2BhJX%2BmMiPvmMAQS%2FSbg%2FZhhqvsRE8LvijE2DNREvXe7lXbw6rIyra1QEwq0HrdMGdllm7%2B23SqktviKrzya1"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
cf-ray
84b279a65aca2da5-YVR
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996.js>; rel="canonical"
x-sorting-hat-podid
-1
worker.modern.js
us.getcarstep.com/wpm@3c0b1769wc1f578dfp245c945cmc18b238d/web-pixel-101613900@74fb67c791aeb3013e202bd6c5357c9d/sandbox/ 		59 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/wpm@3c0b1769wc1f578dfp245c945cmc18b238d/web-pixel-101613900@74fb67c791aeb3013e202bd6c5357c9d/sandbox/worker.modern.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
256c18fc2999e6337e221d8f1daf9736bbfe00456146a4649b08644f2af6defe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding
br
x-permitted-cross-domain-policies
none
age
74231
server-timing
processing;dur=16, db;dur=6, asn;desc="6327", edge;desc="YVR", country;desc="CA", servedBy;desc="g27v", requestID;desc="b71202c1-7610-4b05-8990-58f0bb9e59fc", cfRequestDuration;dur=17.000198
x-sorting-hat-shopid
78241923404
x-shardid
331
x-storefront-renderer-rendered
1
etag
W/"cacheable:ed8bf0ee5afe2d6092fcdf37b69988b5"
x-shopid
78241923404
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
text/javascript; charset=utf-8
content-language
en
cache-control
max-age=31536000, public
x-robots-tag
noindex, nofollow
date
Thu, 25 Jan 2024 18:10:50 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
x-cache
miss
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b71202c1-7610-4b05-8990-58f0bb9e59fc
x-shopify-stage
production
server
cloudflare
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtQU3sRj15MCBFwdlkPc093CTTX8Q39r6AhNFO8ibmo49BFWhyc5o8q5PZZ9XU7DYGMxYXi9iMiFy2HfX0%2FzhuC40v9CclIB2zcU8SLZBD6vvVqNb8V2XL3AW7%2Fvuon4c1wZ"}],"group":"cf-nel","max_age":604800}
cf-ray
84b279a66ad32da5-YVR
x-sorting-hat-podid
331
worker.modern.js
us.getcarstep.com/wpm@3c0b1769wc1f578dfp245c945cmc18b238d/web-pixel-shopify-app-pixel@0575/sandbox/ 		40 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/wpm@3c0b1769wc1f578dfp245c945cmc18b238d/web-pixel-shopify-app-pixel@0575/sandbox/worker.modern.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
446b42770e94a8121f834ba49d0fad130116bf72dda57825cf9a86e95c9401f3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding
br
x-permitted-cross-domain-policies
none
age
74230
server-timing
processing;dur=14, db;dur=5, asn;desc="6327", edge;desc="YVR", country;desc="CA", servedBy;desc="2sw7", requestID;desc="a0856d96-0bd3-4590-ba64-1213bed779d0", cfRequestDuration;dur=9.999990
x-sorting-hat-shopid
78241923404
x-shardid
331
x-storefront-renderer-rendered
1
etag
W/"cacheable:1993046c7eb6d9192f6bc208efb44e2d"
x-shopid
78241923404
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
text/javascript; charset=utf-8
content-language
en
cache-control
max-age=31536000, public
x-robots-tag
noindex, nofollow
date
Thu, 25 Jan 2024 18:10:49 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
x-cache
miss
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a0856d96-0bd3-4590-ba64-1213bed779d0
x-shopify-stage
production
server
cloudflare
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7sRIk8%2BbEmLuUhno1ncqNHi%2FbWMEeV6D4JAemcdk40YsRCfWd96hQULdAbEhesml2clOd6zT3bOa%2FiD%2BoxUuqm4ZczkVV6%2BxQWZ4gKW0gCs7Qendc5gebQR0twtsF0AOMgW"}],"group":"cf-nel","max_age":604800}
cf-ray
84b279a66ad52da5-YVR
x-sorting-hat-podid
331
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:40:13 GMT
x-content-type-options
nosniff
age
534637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:40:13 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:15:48 GMT
x-content-type-options
nosniff
age
536102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:15:48 GMT
pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:34:29 GMT
x-content-type-options
nosniff
age
534981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8504
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:30:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:34:29 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:09:10 GMT
x-content-type-options
nosniff
age
536500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:09:10 GMT
produce_batch
us.getcarstep.com/.well-known/shopify/monorail/unstable/ 		0
730 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/s/trekkie.storefront.b597bc04265e924d663a7fe9c6f1c4b1628c7678.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=108.999968
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
10568dee-2c32-413f-b7b1-f36bdc19c2c7
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LeXQbnY02XbRSrptzJUCnfIFtQp7DnfenzF6qijsGNqCBr4nKGKKbzkoi%2Bya1t3pfOzOvmUQJ3wN7BN8Dg%2FuWU30TyFbTdhMBfvnCIu0Z77jkatEPp%2BKf8oXamDQJQG9A%2F3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://us.getcarstep.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
84b279a6ab222da5-YVR
produce_batch
us.getcarstep.com/.well-known/shopify/monorail/unstable/ 		0
734 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/s/trekkie.storefront.b597bc04265e924d663a7fe9c6f1c4b1628c7678.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=108.999968
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
090611d0-bfee-40d4-a7c9-5426307a9ba8
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsx4z63Bi5qMtwS7O24rcx8YDKRk81%2Bn%2FFttMSTXRKQd1BUlAAjOcH38EXbFH8%2B2ZRzpe12%2FCJmHYSwRpQt42BU10p%2FYizD7o%2BKx5o3HnDN4lp4VYyobWoNzgdWnL1%2BKgK2q"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://us.getcarstep.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
84b279a6ab252da5-YVR
produce_batch
us.getcarstep.com/.well-known/shopify/monorail/unstable/ 		0
731 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/s/trekkie.storefront.b597bc04265e924d663a7fe9c6f1c4b1628c7678.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=115.999937
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
fc655879-3204-4910-bd04-c69f6e0f8f14
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOcPQQqN6xcGW33jptXWLNKekAoV5suufrQPAIFBcKg5E%2Bq%2BJ2W6jF4LzPfLdRmfbkz%2BXfiOHd%2FualT6xGlgxCQhSA5ns2UdosmRjLsiJESwHubcgN4aDNifad4n3qzqEL1%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://us.getcarstep.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
84b279a6ab292da5-YVR
cart.js
us.getcarstep.com/ 		283 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cart.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a58351e10750fd537abe1eb2b5ad12f77011bb00d2ddd3d10d6bf448ce6f5abf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
processing;dur=15, db;dur=4, asn;desc="147049", edge;desc="YVR", country;desc="CA", servedBy;desc="wg9z", requestID;desc="13fef59f-ab45-4644-a4e9-5e6c68daeae5", cfRequestDuration;dur=195.999861
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
13fef59f-ab45-4644-a4e9-5e6c68daeae5
x-shardid
331
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
78241923404
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMyDim8aP7EWzyP16s%2Fe3PhGDA46eyFvcrjUBk9cX1tS1WMleDZnnYtplEsbBlX38%2F%2BINdOxGB6fPK10VmLxOExTwvhfjGuo%2BL9JGwiSWw2wjIvB4W5oqc1v8oRRblxxwye5"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
84b279a6bb372da5-YVR
x-sorting-hat-podid
331
x-cartjs-updatedat
0
/
us.getcarstep.com/variants/47188732805452/ 		207 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/variants/47188732805452/?section_id=surface-pick-up
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
7d8c0bfbd2ffa8d45562a974676caf2fa8f0fc6583bdeaa0fea32d023ad9a686
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
miss
server-timing
processing;dur=232;desc="gc:48", db;dur=11, fetch;dur=151, parse;dur=1, wasm, wasmDownload;dur=151, asn;desc="147049", edge;desc="YVR", country;desc="CA", theme;desc="153746211148", pageType;desc="variants", servedBy;desc="w8n4", requestID;desc="ff59bda1-2076-4ce8-9122-d0fd09bf7ec5", cfRequestDuration;dur=425.000191
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
ff59bda1-2076-4ce8-9122-d0fd09bf7ec5
x-shardid
331
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
etag
W/"cacheable:481a41c203f2702295e62c6fa6766270"
x-shopid
78241923404
x-frame-options
DENY
vary
Accept
content-type
text/html; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q09LJTiVsTJIRifRjwUXG5s7dNYzxNVFkXR%2F3k%2F3%2F9oAqcT%2Fj%2BqxCLF29T7fhDCPfid3inkEQET0PmtiCN5EkbEInPvTIDeXOgi6VrA6gSjIR%2FDYsgDF72uz1QTmxMETS%2FEw"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
84b279a71bd22da5-YVR
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid
331
base.js
cdn.judge.me/widget/ 		116 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/widget/base.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
e3f76f0ffc3e0f2dd7fbd1ef6db00b96a6b7b01dd29ce9b7cd5aec5898611f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D
x-request-id
be40dbdb-7d43-42be-bebd-aa3a7cdca7a2
x-runtime
0.017282
server
keycdn
etag
W/"fd460c64ec085a32e7a9e313fc72ba13"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/widget/base.js>; rel="canonical"
common.js
cdn.judge.me/widget/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/widget/common.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D
x-request-id
02b502aa-334f-4640-b18a-49f6472a7655
x-runtime
0.007827
server
keycdn
etag
W/"21c3007fa3ebe6e73e1c473d8e0ea5dd"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/widget/common.js>; rel="canonical"
main.js
cdn.judge.me/widget/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/widget/main.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D
x-request-id
814af532-a07a-4bce-b833-fc59de1d68bc
x-runtime
0.009104
server
keycdn
etag
W/"19171e8a335bcc4e05aace48b08860aa"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/widget/main.js>; rel="canonical"
produce_batch
us.getcarstep.com/.well-known/shopify/monorail/unstable/ 		0
735 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=108.999968
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
aa1d7e43-4b76-4dbe-a2ec-c2f65cc1f445
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2F5CAnwRerpWYLKD9YPVmDOb9Bb51B99O6zRTecM%2FCoaiJTdrdJT%2BFmZUcXM0owe92Wr8tUSV%2BEDNDjbOv%2B%2F9yJzHBDKJaj4CZwSrRo93F0leLTILYN0App8uJN9ESJ%2BVb8j"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://us.getcarstep.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
84b279a89dbf2da5-YVR
common.js
cdn.judge.me/widget/ 		56 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/widget/common.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
eb3ccbf12a7a58a96b508fa38d3adb39475414cab7e5c8f3500103f81ff98956
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D
x-request-id
02b502aa-334f-4640-b18a-49f6472a7655
x-runtime
0.007827
server
keycdn
etag
W/"21c3007fa3ebe6e73e1c473d8e0ea5dd"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/widget/common.js>; rel="canonical"
montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2
us.getcarstep.com/cdn/fonts/montserrat/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cdn/fonts/montserrat/montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2?h1=ZDMyMGY4LTYuYWNjb3VudC5teXNob3BpZnkuY29t&h2=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=102d7a3e392d639e49c0a8db744bfc5b4a6f7e5ead2e8da9b9a6f3f2cfc236ed
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/cdn/shop/t/2/assets/theme.css?v=113185860768738724361698065526
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
286685
server-timing
imagery;dur=59.441, imageryFetch;dur=59.108, cfRequestDuration;dur=12.000084, cfRequestDuration;dur=20.999908
alt-svc
h3=":443"; ma=86400
content-length
22716
x-xss-protection
1; mode=block
x-request-id
418ed83a-1027-486d-9418-1ebc0414f556
last-modified
Thu, 09 Nov 2023 05:42:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvBBQ4QmaBN%2FuloqVBktZ37LCHKgz9zKZ73YRDLNJxi7KqdpLkmJpATz5MUDe4JgiuQkHP3XQMRkDhk9Ao6%2B5T7hFSxY5Wh%2BEkTH9kACrOcJD1iFm4toRYhFkfr9hi8lG927"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b279a94eb72da5-YVR
timing-allow-origin
*
main.js
cdn.judge.me/widget/ 		17 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.judge.me/widget/main.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.1 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
c360cac936ba84ca808ce9cc07b3479067c994674059288a6848ee30eb9ed376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via
1.1 vegur
x-edge-location
usse
x-cache
HIT
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D
x-request-id
814af532-a07a-4bce-b833-fc59de1d68bc
x-runtime
0.009104
server
keycdn
etag
W/"19171e8a335bcc4e05aace48b08860aa"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706202691&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aQEIeuOWZ50hjJGrGkqwRzSKFYVeByxzMy55P9k1pJo%3D"}]}
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=604800, public
link
<https://judge.me/widget/main.js>; rel="canonical"
scripttagsales.js
widebundle.com/JS/ 		2 KB
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widebundle.com/JS/scripttagsales.js?shop=d320f8-6.myshopify.com
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.147.215.88 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.215.147.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
706350e8a1389538ae5940c73f3bd3bfbe1b056d64d9725e791b9c31e261f4b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 25 Jan 2024 16:46:12 GMT
server
istio-envoy
etag
"7d5-60fc7ead2988e-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
739
installed.js
cdn1.judge.me/assets/ 		40 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.judge.me/assets/installed.js?shop=d320f8-6.myshopify.com
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.205.3 , United States, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
9dde290518ca88ed8e0ba23350560cef9f4081ed78fc718125c4a32dcd92c227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:51 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=31536000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-edge-location
usse
x-cache
HIT
content-length
58
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705482327&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=axoB0uMZ3o9JEISjJMUfFqyOoQEu7S9BJ6FHJEQ4TbM%3D
last-modified
Tue, 16 Jan 2024 09:56:28 GMT
server
keycdn
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705482327&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=axoB0uMZ3o9JEISjJMUfFqyOoQEu7S9BJ6FHJEQ4TbM%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://judge.me/assets/installed.js?shop=d320f8-6.myshopify.com>; rel="canonical"
expires
Thu, 01 Feb 2024 18:10:51 GMT
events.js
pixel.wetracked.io/d320f8-6.myshopify.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.wetracked.io/d320f8-6.myshopify.com/events.js?shop=d320f8-6.myshopify.com
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d867a57d904d55592a505447d5ec19cdc6eb98c806cec83df828fa43b5b10f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:51 GMT
access-control-request-method
POST
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 25 Jan 2024 16:43:16 GMT
server
cloudflare
x-do-app-origin
68a4491b-0c72-4c14-be29-cc174069c152
x-do-orig-status
200
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=900
cf-ray
84b279b09f9f2dc1-YVR
access-control-allow-headers
*
lo.js
tools.luckyorange.com/core/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=948f7356&shop=d320f8-6.myshopify.com
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-11.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
034f70bbe1abf47451eac2e31cc493e4499bcdd7f4873b469c22afe2ff491f12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:53:52 GMT
content-encoding
gzip
via
1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4483
last-modified
Fri, 05 Jan 2024 15:57:09 GMT
server
AmazonS3
etag
"d9ee60aab166c7d2a9ab5749859b7438"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
iqfl9F8s8TkBsVHl-PqilDRao2P149rTFuiQWwVsmtfHA7pFN7E06Q==
runtime.latest.en.eaea2cac1e2728cbe787.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.eaea2cac1e2728cbe787.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
content-encoding
br
server-timing
imagery;dur=18.461, imageryFetch;dur=17.587, cfRequestDuration;dur=146.999836
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7f09ac03-3bc9-4eac-81aa-ff4a95ffab08
last-modified
Thu, 25 Jan 2024 18:10:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuEHqRUMNhxLrP%2BhYON9GYR3%2BnyqMHnMFwb3HR9qtUHhPim3mntfonx4Py%2BAr%2BFZUIfOj%2BHRvCq4gR5FLZQq1uPGE%2BSp9%2Fh8ghCetvIymVB8Q%2BlTqVZlCBd9e2uefnoSqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.eaea2cac1e2728cbe787.js>; rel="canonical"
cf-ray
84b279b00bcd840b-YVR
/
us.getcarstep.com/variants/47188732838220/ 		207 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/variants/47188732838220/?section_id=surface-pick-up
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
7d8c0bfbd2ffa8d45562a974676caf2fa8f0fc6583bdeaa0fea32d023ad9a686
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:51 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-west1,gcp-europe-west4,gcp-europe-west4
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
miss
server-timing
processing;dur=29, db;dur=9, parse;dur=1, wasm, asn;desc="147049", edge;desc="YVR", country;desc="CA", theme;desc="153746211148", pageType;desc="variants", servedBy;desc="w8n4", requestID;desc="e676a915-21c6-46de-b0cc-6f530c22f8b1", cfRequestDuration;dur=211.999893, earlyhints
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
78241923404
x-request-id
e676a915-21c6-46de-b0cc-6f530c22f8b1
x-shardid
331
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
etag
W/"cacheable:d3bea21c055b78f81f40920aeb313827"
x-shopid
78241923404
x-frame-options
DENY
vary
Accept
content-type
text/html; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXd%2FuYCnTJDuOQYkxptUReTpmcGkSi24PHDr%2F4%2FDsDRSGvQ9OvUU9Gxve%2B8qK1r2m9FKh3dyiAaBJAOz4xTMr7YXYDW7e7IohQjOQ3GWlao7D62Nqdc6HewEudCor5eCZkAC"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
84b279afa8d62da5-YVR
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid
331
produce
us.getcarstep.com/.well-known/shopify/monorail/v1/ 		0
731 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/.well-known/shopify/monorail/v1/produce
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 25 Jan 2024 18:10:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing
cfRequestDuration;dur=113.000154
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
52310c42-746e-4e5e-a0d1-4f7cbe34656a
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt%2BxaI%2BJJ98kezcOkuXxtJpklSNqwnnHpkziXIRsAzfU7yWsRIndeLWkkUBET%2FMowSlYnp6TVm%2FT%2BGEUs9sLbx3L2jhw6vBFVAx11bw962U5dBjaSmv1WHIea4eRwV2syJ6N"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://us.getcarstep.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
84b279b0295e2da5-YVR
172.latest.en.6b74ea76a606e7793115.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
79 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/172.latest.en.6b74ea76a606e7793115.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
content-encoding
br
server-timing
imagery;dur=23.550, imageryFetch;dur=23.313, cfRequestDuration;dur=246.000051
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9e7a7374-a9c5-4e63-b0d0-b92c8da6fb50
last-modified
Thu, 25 Jan 2024 18:10:51 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCmmGjvVuAke5F4THXahIEe480MLufv0pc7wUxx5BLic2RpEU1WVwBvzavmkoqKOm01auy8%2BP2nla533LUr85cJ%2FZz20UMXzs7JQNsUnUruHxiVMr8H1YCCCVZ3O9jHrJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/172.latest.en.6b74ea76a606e7793115.js>; rel="canonical"
cf-ray
84b279b17dbd840b-YVR
sig
pixel.wetracked.io/ 		147 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixel.wetracked.io/sig
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ceeeb4ca4c118b119f723130aa3909d77115b6f9879e8504008ea62f2a23d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
access-control-request-method
POST
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 18:10:52 GMT
server
cloudflare
x-do-app-origin
68a4491b-0c72-4c14-be29-cc174069c152
x-do-orig-status
200
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=900
cf-ray
84b279b319d52dbf-YVR
access-control-allow-headers
*
update.js
us.getcarstep.com/cart/ 		382 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cart/update.js?attributes[host]=https%3A%2F%2Fus.getcarstep.com&attributes[fbp]=fb.1.1706206251823.845834362
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
6601d81afe058a32e5c350eb7ef70c6baf82ca8f30e8f471d83177013eb72365
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cec1fa4b-3d1e-43f5-b10d-80d701402b67
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cec1fa4b-3d1e-43f5-b10d-80d701402b67

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cec1fa4b-3d1e-43f5-b10d-80d701402b67
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-west1,gcp-europe-west3
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-envoy-upstream-service-time
218
server-timing
processing;dur=216, edge_cart;desc="count=1";dur=13.5, cfRequestDuration;dur=434.000015
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=cec1fa4b-3d1e-43f5-b10d-80d701402b67
x-sorting-hat-shopid
78241923404
x-request-id
cec1fa4b-3d1e-43f5-b10d-80d701402b67
x-shardid
331
x-shopify-stage
production
server
cloudflare
x-shopid
78241923404
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfrlH%2F%2Fp%2FyMnSkTFBCxgNsyrDCgFs0jjIY%2B2DT31niy4WczulHBKWrszwaQFNA%2FFblkr45Fz21M1Ign2wuyUXt4%2FFZ9ZSI0Bknq%2Bn2r2AN3LFwuJive3nAJDRPaBA5aEouF0"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
84b279b23c872da5-YVR
x-liquid-rendered-at
2024-01-25T18:10:52.145551075Z
x-sorting-hat-podid
331
948f7356
settings.luckyorange.com/ 		149 B
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.com/948f7356
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
108462152c21da2335d3a5d537210cf284d40d825a2a316a37e88c52526eaf94

Request headers

Referer
https://us.getcarstep.com/
accept-language
en-CA,en;q=0.9
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-lucky-referrer

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://us.getcarstep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
948f7356
settings.luckyorange.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.com/948f7356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://us.getcarstep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://us.getcarstep.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 25 Jan 2024 18:10:52 GMT
via
1.1 google
960.latest.en.90daeb1d1375a6b90df5.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
62 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/960.latest.en.90daeb1d1375a6b90df5.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
4871
content-encoding
br
server-timing
imagery;dur=25.470, imageryFetch;dur=25.274, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3fc71fef-0bbe-4c32-8257-93ef07acd861
last-modified
Thu, 25 Jan 2024 16:49:41 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Pd%2BIFcSeUiDi0wtDqqjei0FhwKUR2FcMPJbx0vlrpTpAYhrVSqOZVdf2F0M9I36JhG84pmgILsELCpjYw4Vflceaqc5%2F2piq06J%2Bk7dY%2BbudJlgSSXK3%2F9XH6Z6s6naEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/960.latest.en.90daeb1d1375a6b90df5.js>; rel="canonical"
cf-ray
84b279b48a0a840b-YVR
init
pixel.wetracked.io/carts/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixel.wetracked.io/carts/init?sd=d320f8-6.myshopify.com&loc=https%3A%2F%2Fus.getcarstep.com%2F&ct=Z2NwLWV1cm9wZS13ZXN0NDowMUhOMFgySzE0RVlTSzFHS0tTR0Y2QTNXRA&host=https%3A%2F%2Fus.getcarstep.com&fbp=fb.1.1706206251823.845834362
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
access-control-request-method
POST
cf-cache-status
MISS
last-modified
Thu, 25 Jan 2024 18:10:52 GMT
server
cloudflare
x-do-app-origin
68a4491b-0c72-4c14-be29-cc174069c152
x-do-orig-status
200
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
84b279b56d6c2dbf-YVR
access-control-allow-headers
*
content-length
0
150.latest.en.ddc10927ad5c786fc8fb.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/150.latest.en.ddc10927ad5c786fc8fb.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
4871
content-encoding
br
server-timing
imagery;dur=23.565, imageryFetch;dur=23.365, cfRequestDuration;dur=11.000156
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
37e8780d-18a7-44db-8365-06933fa18c6d
last-modified
Wed, 24 Jan 2024 23:39:02 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fabEaRZYCJ4ehWJGuvQd%2FX0ZA1kqFfNsIzkURsZdQLADCT2%2BVHkPYVViNgl7LiDX%2FwtqQOdExnv553%2BygL1OEu8Ufep45IUBDbqtHa5uwBN1Sjl5zzA8f56EX%2BKtd4u7BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/150.latest.en.ddc10927ad5c786fc8fb.js>; rel="canonical"
cf-ray
84b279b59b5e840b-YVR
app.latest.en.a97019e8043a46373ff4.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
222 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.a97019e8043a46373ff4.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
content-encoding
br
server-timing
imagery;dur=29.351, imageryFetch;dur=29.144, cfRequestDuration;dur=134.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3e144731-e3ab-4dc6-aab5-ad2a66bad50d
last-modified
Thu, 25 Jan 2024 18:10:32 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAZY8hBYV1xT%2BgTEYCA4Lwf77u18DDTpE7bQtpMGC3JzMngFEKx%2F8xRXD4sw6THA9dQils9t1%2Bw7FACHrcztaRT8bmRAUA56DXyAjQbbETN3floSrKQUfFLmxGz%2FozgAbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.a97019e8043a46373ff4.js>; rel="canonical"
cf-ray
84b279b63c3f840b-YVR
update.js
us.getcarstep.com/cart/ 		530 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.getcarstep.com/cart/update.js?attributes[host]=https%3A%2F%2Fus.getcarstep.com&attributes[fbp]=fb.1.1706206251823.845834362&attributes[ip]=176.100.43.103&attributes[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
47f715c841d67c320e75a94536da44f1cfa0bcf3e4f9119ef0d412774c580c58
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=a240515d-79d2-4515-9f44-81fc1e45ae79
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=a240515d-79d2-4515-9f44-81fc1e45ae79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:53 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=a240515d-79d2-4515-9f44-81fc1e45ae79
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-west1,gcp-europe-west3
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-envoy-upstream-service-time
114
server-timing
processing;dur=113, edge_cart;desc="count=2";dur=21.21, cfRequestDuration;dur=296.000004
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=update&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=a240515d-79d2-4515-9f44-81fc1e45ae79
x-sorting-hat-shopid
78241923404
x-request-id
a240515d-79d2-4515-9f44-81fc1e45ae79
x-shardid
331
x-shopify-stage
production
server
cloudflare
x-shopid
78241923404
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en-CA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AKzCYpohlakP7xYqhNRisbf9sl9lFlHvcvUyfjxt7sHdIutynv14evLuqRIun8DcP3DL52LcP0JDmwzxBDlfbyOUL3vxBh%2BXtgHV9C%2FJ9zY5mP4CufYDcpuAvFhOtjIpoTw"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
84b279b87de32da5-YVR
x-liquid-rendered-at
2024-01-25T18:10:53.008032587Z
x-sorting-hat-podid
331
731.latest.en.13d4de92b88330e8fea9.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
960 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/731.latest.en.13d4de92b88330e8fea9.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
4871
content-encoding
br
server-timing
imagery;dur=53.105, imageryFetch;dur=52.522, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
79bc67f1-a8be-4aa6-9f0b-6866727afc89
last-modified
Sat, 20 Jan 2024 22:25:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUAp%2BZUoMdC0EClEqStYj8ucE1MZFwzw5jnV%2BA6ta5auuORshPVGMb16QzoXRkOP3iCmX6tGLYvV1emQwkp0y08pe7nSWJLOMi7IwHXA57Jd1UUMmTzLWja5duXURJJDdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/731.latest.en.13d4de92b88330e8fea9.js>; rel="canonical"
cf-ray
84b279b89f53840b-YVR
958.latest.en.7ab533e6ba2a828e441d.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.7ab533e6ba2a828e441d.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
4872
content-encoding
br
server-timing
imagery;dur=34.957, imageryFetch;dur=33.501, cfRequestDuration;dur=21.000147
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
097a1b36-ca3b-48ac-a557-f4a6fea6a480
last-modified
Thu, 25 Jan 2024 01:11:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVYzr6znXkVhEb3m90EgDos2WdzsVjDhprxZdCV8yP3aYxGJFpWOhDmIF%2BCAzc%2Bl89t1MD2KW%2FXdj9GMAr%2FQJaxGs1zgBcSbIYzbIr8ca%2Fp5XvsS8GMCkLM%2FQTUeMpZcJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.7ab533e6ba2a828e441d.js>; rel="canonical"
cf-ray
84b279b9f90b840b-YVR
844.latest.en.7fcd45ae446a9a5574e8.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/844.latest.en.7fcd45ae446a9a5574e8.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
4872
content-encoding
br
server-timing
imagery;dur=20.518, imageryFetch;dur=19.904, cfRequestDuration;dur=10.999918
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ef221c76-a3a5-48ae-896a-bff02eb0fca9
last-modified
Thu, 25 Jan 2024 16:49:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Wg3YNpJcow7CYNXvCdmIIuPwgLrpY4hFDxf3GxzKJ%2Bds5vLxTZoOQSjOuaxXTKfAVQz4rgErSwjb34OUof21bP8meJI70PznOEfGOmTiqdO6nvOW1fxTqHP0amHCIat%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/844.latest.en.7fcd45ae446a9a5574e8.js>; rel="canonical"
cf-ray
84b279ba99e3840b-YVR
init
pixel.wetracked.io/carts/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixel.wetracked.io/carts/init?sd=d320f8-6.myshopify.com&loc=https%3A%2F%2Fus.getcarstep.com%2F&ct=Z2NwLWV1cm9wZS13ZXN0NDowMUhOMFgySzE0RVlTSzFHS0tTR0Y2QTNXRA&host=https%3A%2F%2Fus.getcarstep.com&fbp=fb.1.1706206251823.845834362
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/cdn/wpm/b3c0b1769wc1f578dfp245c945cmc18b238dm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us.getcarstep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:53 GMT
access-control-request-method
POST
cf-cache-status
HIT
x-do-app-origin
68a4491b-0c72-4c14-be29-cc174069c152
age
1
x-do-orig-status
200
content-length
0
last-modified
Thu, 25 Jan 2024 18:10:52 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
84b279baddbc2dbf-YVR
access-control-allow-headers
*
OnePage.latest.en.74dbb3f0567f83b96269.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
243 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.74dbb3f0567f83b96269.js
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
content-encoding
br
server-timing
imagery;dur=24.506, imageryFetch;dur=24.278, cfRequestDuration;dur=93.000174
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a33e0a8c-a1d5-4fcc-9821-dd729a33f607
last-modified
Thu, 25 Jan 2024 18:10:33 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNzPR7maekvcLsEAcAzXAFc718Vp6GJlijXiCKLhtW6uSEnBdjtQwjh2a9q3QB79i8CjpWQxzYXe3MOgh7QqaniNMn479rZzzEo1rBOD7RvgLXuMMiS7Ap0VeDDFKzxaEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/OnePage.latest.en.74dbb3f0567f83b96269.js>; rel="canonical"
cf-ray
84b279bb2a97840b-YVR
172.latest.en.041723f154cf114fb9c6.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/172.latest.en.041723f154cf114fb9c6.css
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
content-encoding
br
server-timing
imagery;dur=34.052, imageryFetch;dur=33.715, cfRequestDuration;dur=189.999819
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
77d39761-642a-4b3b-a017-cf9a411e5bd8
last-modified
Thu, 25 Jan 2024 18:10:53 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RItFpaLCBzaejkvMl7rE4XA1238GUN9SfAJ3G2YSDf3XpTQ7bubXkNFsp6cCSKSbd%2BArSDkSX8ZrixDBh7jT6ri09yBMN6PiE4OIFIn9W9ZnvWS7SOI0yLY1AojWTi9xfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/172.latest.en.041723f154cf114fb9c6.css>; rel="canonical"
cf-ray
84b279bcccba840b-YVR
app.latest.en.e5a7f63ca146c0549466.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.e5a7f63ca146c0549466.css
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
4872
content-encoding
br
server-timing
imagery;dur=112.882, imageryFetch;dur=24.415, cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
51514d6a-832d-4cd3-bb1f-e98f93cfe3c9
last-modified
Thu, 25 Jan 2024 16:49:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mh3kMXKU2MYUP0aKDQ45wGIKipKPrMpNlWUVEHRFMkUGAbvihSZUSzj%2BLpK7p82I7JItEoVOzxobUQfVxelDIF0fsJtxUmxFLjQ8Tfsu98dGOE2wPrypAOEXQqP%2B%2B3A5HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.e5a7f63ca146c0549466.css>; rel="canonical"
cf-ray
84b279c0ba54840b-YVR
958.latest.en.3388a58cacfe5a93e981.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.3388a58cacfe5a93e981.css
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
4872
content-encoding
br
server-timing
imagery;dur=145.473, imageryFetch;dur=18.636, cfRequestDuration;dur=11.999846
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2577ba5d-5d5c-45a1-8ba8-10e8450d7d45
last-modified
Thu, 25 Jan 2024 11:28:03 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE1iyasPG4cD08hcSWvIng3PLXv1nJ3VA6KwUWVPrQoPpCXBsQ807lSdP38SJOHYatsPDZpML%2BUyEJVFgL7F%2BOOqnEqeVMGD6bq5URNKDWp8J0xEFLL1JREaFeAtS8CsDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/958.latest.en.3388a58cacfe5a93e981.css>; rel="canonical"
cf-ray
84b279c14b37840b-YVR
74.latest.en.02109d16b0d444aa6888.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/74.latest.en.02109d16b0d444aa6888.css
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
4872
content-encoding
br
server-timing
imagery;dur=25.787, imageryFetch;dur=24.119, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5df0491c-ae2f-4e9f-b4aa-5b978417c368
last-modified
Thu, 25 Jan 2024 16:49:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7AD1Af%2BTfbCX0usaPtuso%2FyP1dOiIqVayO9Gh0PQNtVN26QsUbE21uNZ1c2YZRO3UwZABUNTXbGCYYdWME31Vf31UF%2BoL4LEBAfqWjjYCX6gySCQudiRZYTYLxTd3zGuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/74.latest.en.02109d16b0d444aa6888.css>; rel="canonical"
cf-ray
84b279c1dc17840b-YVR
opensans_n4.5460e0463a398b1075386f51084d8aa756bafb17.woff2
fonts.shopifycdn.com/open_sans/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/open_sans/opensans_n4.5460e0463a398b1075386f51084d8aa756bafb17.woff2?h1=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=8ec3bab80923c1e5250d8148abff07935cba237b3f32c62f17540113543ece4e
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
199798
server-timing
imagery;dur=44.461, imageryFetch;dur=44.008, cfRequestDuration;dur=9.000063, cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
content-length
17308
x-xss-protection
1; mode=block
x-request-id
6c59c1ab-4f19-4b42-b7fe-1f832a42a002
last-modified
Sat, 02 Dec 2023 19:42:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkVRkK5ZGidVnNbKfBTpRbEFtXGTWYX3lSOWly2iyfXmL7xcpLiBNrrKBkdeNGdAd6psL%2F74dfUsxbHDTcKYPZWhxICzSm%2BVrPHXskYLWm3T%2Ff1AJtgbZCGNPx1GBUqacdd%2FvVaP"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b279c35bc261f5-YVR
timing-allow-origin
*
opensans_n6.63a74f6cbbfef729fb07955b2d5b4cc83273862e.woff2
fonts.shopifycdn.com/open_sans/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/open_sans/opensans_n6.63a74f6cbbfef729fb07955b2d5b4cc83273862e.woff2?h1=dXMuZ2V0Y2Fyc3RlcC5jb20&hmac=5e122f28bff4a17dd869c6e4501414c9d811a39c7e49f36faf72a86275506760
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
304291
server-timing
imagery;dur=75.852, imageryFetch;dur=75.161, cfRequestDuration;dur=6.999969, cfRequestDuration;dur=16.999960
alt-svc
h3=":443"; ma=86400
content-length
17896
x-xss-protection
1; mode=block
x-request-id
3412f77c-61e2-4f76-b909-bd3b01e139b9
last-modified
Fri, 10 Nov 2023 12:12:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l4kBAezW%2BfumGC0KM50rrbTcJyTrSsZnMS20E7hlKFvfoi7TOdZpsOWzWPt3Mynxh7%2FeXgB4qA%2FU%2FpoR%2FhiQJ6647ESPBou%2F2RAIoh%2F3c4J5i4HsmXx2l4V32z2O0qHJ3BppPKy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
84b279c46d0461f5-YVR
timing-allow-origin
*
Carstep_logo_Farg_x320.png
cdn.shopify.com/s/files/1/0782/4192/3404/files/ 		0
69 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0782/4192/3404/files/Carstep_logo_Farg_x320.png?v=1696416673
Requested by
Host: us.getcarstep.com
URL: https://us.getcarstep.com/checkouts/internal/preloads.js?permanent-domain=d320f8-6.myshopify.com&locale=en-CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us.getcarstep.com/
Origin
https://us.getcarstep.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 18:10:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
140473
source-type
image/png
server-timing
imagery;dur=437.394, imageryFetch;dur=64.682, imageryProcess;dur=370.555;desc="image", cfRequestDuration;dur=12.000084
source-length
82690
content-length
69681
x-xss-protection
1; mode=block
x-request-id
46b4086f-4ee6-4d1d-9802-c785e3eb1cac
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Jan 2024 16:10:00 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9eR20%2FEDvwtxj0fXVC1oWcPq7kWT4mCuqP7RWubZhNT6uFKbxqJrH%2BexRy8zR9oKu%2BgNLge90sjgB3190ZLqf%2BbW7rfqEdx5HOTtXCTTVYe5HEeLG%2B1mD3C49aEB4LpfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0782/4192/3404/files/Carstep_logo_Farg_x320.png>; rel="canonical"
cf-ray
84b279c52902840b-YVR

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| Shopify object| __st boolean| ShopifyPaypalV4VisibilityTracking object| Theme object| jdgmSettings object| jdgm object| meta string| attr object| ShopifyAnalytics object| trekkie object| BOOMR function| jQuery function| $ function| onYouTubeIframeAPIReady object| __twttrf object| twitterFetcher object| GEMVENDOR object| pageLibs object| essentialCountdownTimerConfigs string| templateName function| b64DecodeUnicode object| upcartSettings object| upcartPreloadedCart string| upcartMoneyFormat object| webPixelsManager object| wideBundle function| posInUrl function| isDescendant function| getClosestParentForm function| addStyleToPage function| isJsonString function| AddSVG function| getShopifyBaseUrl function| arraysEqual function| containsOnlyNumbers function| fireChangeEvent function| triggerMouseEvent function| dispatchClick function| eventFire function| showAndReduceForm function| copyStyle function| AddGoogleFont function| GetLoadingGifBase64 function| handleTranscyPrice function| extractPrice function| spaceSubstrings function| removeDuplicate function| keepSubstrings function| extractCurrencyCode function| getAmountDifference function| observePriceChanges function| formatQuotes object| __core-js_shared__ object| core function| essentialCountdownCloseAnnouncementBar function| essentialCountdownCloseAnnouncementBarOnClick function| getCartEssentialApps function| clearCartEssentialApps function| getProductEssentialApps object| __SENTRY__ function| _ function| upcartRegisterAddToCart function| upcartOnAddToCart function| upcartOnCartLoaded function| upcartOnCartUpdated function| upcartOnCartOpened function| upcartShouldAddToCartContinue function| upcartShouldSkipAddToCart function| upcartOnCartClosed function| upcartOnItemRemoved function| upcartOnCheckout object| upcartCheckoutListeners function| upcartOnAddUpsell function| upcartOpenCart function| upcartCloseCart function| upcartOnRenderUpsell function| upcartModifyListOfUpsells function| upcartModifyCart function| upcartStickyButtonOnClick function| showUpcartErrorToast function| GemQuery object| __gemStoreData object| __gemStoreFunc object| GEMSTORE function| getInfosWB function| showFormWB string| shopWB string| shop function| _restoredFetch function| originalFetch object| jdgmLeex object| jdgmTheme object| _visit function| floatToString function| attributeToString object| judgeme object| variant object| newOffer object| jsonParseScript object| prices object| match object| newVariant string| updatePrice object| pricesWB object| pricesExceptionWB object| blocsToGetPricesWB object| allExcepClassPrices object| comparePrice object| productPriceSalePrice object| formsSameElementException object| hidingElements object| forms number| allForms number| formLength number| j object| form string| formID object| exceptionAll object| exception object| childElementsWB number| good object| elements object| buttonFound object| addToCartButton object| elementTesting object| testHasChild string| hasChild string| theElementToUse object| nodeElement object| variantsSelector number| elementPosition object| elementsAboveVariants object| elementsBelowVariants string| theElementToShow number| newNodeToShowLength object| formWide number| loopCount number| intervalFunction number| loopCountHide number| intervalFunctionHide object| formWB object| offerContainer undefined| offerContentLeft object| titleOffer string| variantId object| messageText object| messageEffect object| messagePosition number| messagesToDisplay object| optionsLabels number| swatchId undefined| offerContentRight object| customSentence string| content object| hasVariant object| exceptionsPrices boolean| hasPreselectedOffer object| JST function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded boolean| essentialViewCounted object| newWidgetChecked object| elementNode object| alreadyDoneElement number| elementsToHideWithEventListenerLength object| elementNodeHide number| BOOMR_onload number| isMainForm object| variantsSelectorToUpdate string| offerName object| inputs object| productJsonNode object| idInput number| visuallyReady boolean| WETRACKED_INTEGRATION object| LO undefined| http undefined| urlCalled undefined| params

16 Cookies

Domain/Path Name / Value
us.getcarstep.com/ Name: secure_customer_sig
Value:
us.getcarstep.com/ Name: localization
Value: CA
us.getcarstep.com/ Name: cart_currency
Value: USD
.getcarstep.com/ Name: _cmp_a
Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.getcarstep.com/ Name: _shopify_y
Value: bd3de67e-434b-4ea9-889f-e0136da9c6af
.getcarstep.com/ Name: _orig_referrer
Value:
.getcarstep.com/ Name: _landing_page
Value: %2F
.getcarstep.com/ Name: _shopify_s
Value: de3143c3-1b5e-48c3-8f55-4a005a49381a
.getcarstep.com/ Name: _shopify_sa_t
Value: 2024-01-25T18%3A10%3A49.981Z
.getcarstep.com/ Name: _shopify_sa_p
Value:
us.getcarstep.com/ Name: keep_alive
Value: a4be47a6-eafe-40fa-ad1f-65e65a327444
.pixel.wetracked.io/ Name: __cf_bm
Value: JhVnwO8JcskTtasdaNm5LFfO2_WJHZ1ovw9redwYSVM-1706206251-1-AU705pt9p8ZUBN0bKrmIBzbbhwbnaXhy0fenbnOUf4Yb7UPChvEVOyhc5Tr94JtIjj6JkFQlZHS3NN8fHrki9SE=
.getcarstep.com/ Name: _fbp
Value: fb.1.1706206251823.845834362
us.getcarstep.com/ Name: cart
Value: Z2NwLWV1cm9wZS13ZXN0NDowMUhOMFgySzE0RVlTSzFHS0tTR0Y2QTNXRA
us.getcarstep.com/ Name: cart_ts
Value: 1706206253
us.getcarstep.com/ Name: cart_sig
Value: d190319fa696b71cb96c14e5275cafad

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.judge.me
cdn.shopify.com
cdn1.judge.me
d1um8515vdn9kb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fonts.shopifycdn.com
pixel.wetracked.io
settings.luckyorange.com
tools.luckyorange.com
us.getcarstep.com
widebundle.com
13.225.242.105
13.226.34.11
142.251.32.99
142.251.40.234
172.66.0.96
185.146.173.20
23.227.38.65
23.227.60.200
34.107.203.234
34.147.215.88
68.70.205.1
68.70.205.3
021d04612a995af5e7d1e6b3cd0f183e0036f4180d98c73471a5e536decb54a0
0233657667266d68e96b4a7c3f5f8bf87547c6af01fc175840b9f562fed4ee90
034f70bbe1abf47451eac2e31cc493e4499bcdd7f4873b469c22afe2ff491f12
06e42c72ab1f782d50913ec3355836ebdceda95d2522cc42520ad63479485d7c
108462152c21da2335d3a5d537210cf284d40d825a2a316a37e88c52526eaf94
13fab31731feb9790f92548ea55db704bfb32ab9d5e9efce5d4085ad22c5f5be
1520a7eb62589e04830089fb0bb24ed711f3710c286a4ef9ab6d22b8e58f1890
17d3c1e609741148317a4c41b4929e6873d8652acff617fda05650c7a4e46178
17db58f826346e71c2936595c83639693ffea0a76f4dcb1a7c156bb55185c2a9
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
256c18fc2999e6337e221d8f1daf9736bbfe00456146a4649b08644f2af6defe
39d867a57d904d55592a505447d5ec19cdc6eb98c806cec83df828fa43b5b10f
3aeebe42b569e87f7b8d797515fe0ad0463a497618044a8ef81470a60cb84a72
3c6dc1d9fe844fc2ab82dab4fd8e2435bb03ff9403f450067c96f026c23f3adb
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3f7027360c0824e7c0992a6ed4f06e9288eb860b9beaea607c147b089b4a41b1
446b42770e94a8121f834ba49d0fad130116bf72dda57825cf9a86e95c9401f3
47f715c841d67c320e75a94536da44f1cfa0bcf3e4f9119ef0d412774c580c58
48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66
4cf3f54a68e9a00da43ed9ad4a370ec4312be90656aa4622527d66593e3bef6b
55ce286d7f43b7f72c9f997ee9fd1895bc556bb678e6e60d9050eaee95943d27
5bf2097e2b5ed60ccd56b4bce0c9eec04573bcd1bd92aaf836735548da839329
643db69aa18f491cf5ee80777dc9f15c609c0f1324179602098cc56b04665029
6601d81afe058a32e5c350eb7ef70c6baf82ca8f30e8f471d83177013eb72365
68f155793f1b72445508752d17358357445e85e6deb90500e132a029e1f08e46
6ae596868ca62a5920d4ad87a563be4cdf47c7fe82da9a03c7df226641052732
6c0723e9ee801384a798da53971c28404c287f4fefaef78b8d3647380b056872
702b02ebd0da3275b2aa8504cd7309d7d50f21eefa723104e3906ae8456d3483
706350e8a1389538ae5940c73f3bd3bfbe1b056d64d9725e791b9c31e261f4b4
7d8c0bfbd2ffa8d45562a974676caf2fa8f0fc6583bdeaa0fea32d023ad9a686
7e1829acacc5a1b6ec314952d16085f21db18e0220b3728eb03156e8a4458f09
7ede2e5d3e89ca43d7bfdca8a0c8bb7a496af593f28507b83b6ca2dd343048c0
87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e
8d21a6b3c943104663871718d3eb5ec813643423742d64dae1bd46e22a9fe350
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9430d445d0dc14813bc8841318f8580f06be3c7519105676ab1cab10684283ca
955c3a55545609b5856bdd088b16b2e45bcbf36a79ce4400f7a729a9682c1b4a
993aee3808ae762dc14c56a94a2f8f1ec8f8bca8fa7b2825507e5128356f795b
9ceba4d80747ef5dfabe16fc05e845d3235615c2386212e1327b6e2ed2140bdb
9dde290518ca88ed8e0ba23350560cef9f4081ed78fc718125c4a32dcd92c227
9f1a5d361357fc3540adb04e700c5c353574efe2cf552994a665ecbe750e17ab
a12690c0ebb7c111beb5e830ec93fe0cd6eb0d7684967766cefc7b4f5a3cb421
a58351e10750fd537abe1eb2b5ad12f77011bb00d2ddd3d10d6bf448ce6f5abf
a608b27ad56483b11c7421b58dacca20448f6db1d407e969aa2ab68286655607
a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b
ab789afa606b341c8317b4aaa0ec6573167ad35d2469daaaf66f4630cd1ba0d5
b0af070cfe3f5cf7c92f9e2a5da2665ee07ed2aad63bb408f8d6672f894a5996
b59d5f1c395f6c6931df5d01e7de4086834c7098cdfd6d043fb5199b5dae2236
b9372eb590668a293d1f3a6b0fa86a21dc07b6ad5fde7148ea7a78d91936cd55
c360cac936ba84ca808ce9cc07b3479067c994674059288a6848ee30eb9ed376
c5cc99063a1f39bad4546a67e46910caf553474ff7860d81ca4319cab247c0c4
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf9d568d3e4448fcf949dfe93b18264a42f47ce7d6af31ba7a63b56d83cca29c
d502bdb2063441789a0a3cc398c37cbf9cb4f34c486367b6758a7a6d7d9e0963
d78e39f5f81702ecb5ef679a120db762e3005bc77955c06fc955a5d82e030d85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f76f0ffc3e0f2dd7fbd1ef6db00b96a6b7b01dd29ce9b7cd5aec5898611f90
e6ceeeb4ca4c118b119f723130aa3909d77115b6f9879e8504008ea62f2a23d2
e78f4e6b5648c81537e78fbc7c382fb72030d319026f7366e69392e0cf62bd6f
eb3ccbf12a7a58a96b508fa38d3adb39475414cab7e5c8f3500103f81ff98956
f390eabd445bedb02aedbcee02f60cf89571b61ed7b5a39b73f637f4292e8784
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f730eecb91a97517f3f0886e38326c91acf4b66089f8150c830e4ef8829d2f3a
f8aec0caa403d468ebbd044456c68d24b905233649c492197db91dcdaf7c3db2