returns.foldedsteel.com Open in urlscan Pro
35.82.247.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://returns.foldedsteel.com/
Submission: On December 20 via api (December 20th 2023, 7:27:00 pm UTC) from US — Scanned from US

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 40 HTTP transactions. The main IP is 35.82.247.11, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is returns.foldedsteel.com.
TLS certificate: Issued by R3 on December 20th 2023. Valid for: 3 months.

This is the only time returns.foldedsteel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	35.82.247.11 35.82.247.11	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::93	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21a... 2600:9000:21a2:8000:5:931b:16c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
3	54.192.51.16 54.192.51.16	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:250... 2600:9000:250a:2e00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:125f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.201.135.255 54.201.135.255	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
1	52.85.150.135 52.85.150.135	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b900:2158:f167:850f:e50e	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.130.217 151.101.130.217	() ()
40	16

3 35.82.247.11 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-247-11.us-west-2.compute.amazonaws.com

returns.foldedsteel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.loopreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::93 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21a2:8000:5:931b:16c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1nnh0c8uc313v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.51.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-16.yul62.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:250a:2e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:125f (United States)

ASN13335 (CLOUDFLARENET, US)

config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.60.200 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.201.135.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-135-255.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.150.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-150-135.iad89.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:2158:f167:850f:e50e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (None, )

ASN- ()

config.gorgias.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gorgias.chat config.gorgias.chat — Cisco Umbrella Rank: 7936 assets.gorgias.chat — Cisco Umbrella Rank: 12669	353 KB
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 m.stripe.com — Cisco Umbrella Rank: 1245	148 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	317 KB
4	cloudfront.net d1nnh0c8uc313v.cloudfront.net	555 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	loopreturns.com api.loopreturns.com — Cisco Umbrella Rank: 134152	27 KB
1	gorgias.io config.gorgias.io	120 KB
1	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 1966	344 B
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2546	18 KB
1	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1708	11 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	89 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	foldedsteel.com returns.foldedsteel.com	1 KB
40	14

	Domain	Requested by
5	assets.gorgias.chat	config.gorgias.chat
5	fonts.gstatic.com	fonts.googleapis.com
4	d1nnh0c8uc313v.cloudfront.net	returns.foldedsteel.com
3	config.gorgias.chat	d1nnh0c8uc313v.cloudfront.net config.gorgias.chat
3	fonts.googleapis.com	d1nnh0c8uc313v.cloudfront.net client
3	q.stripe.com	returns.foldedsteel.com
3	js.stripe.com	returns.foldedsteel.com js.stripe.com
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	api.loopreturns.com	d1nnh0c8uc313v.cloudfront.net
1	config.gorgias.io
1	rum.browser-intake-datadoghq.com	d1nnh0c8uc313v.cloudfront.net
1	cdn.amplitude.com	returns.foldedsteel.com
1	cdn.shopify.com	returns.foldedsteel.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	returns.foldedsteel.com
1	www.google.com	returns.foldedsteel.com
1	returns.foldedsteel.com
40	18

This site contains links to these domains. Also see Links.

Domain
foldedsteel.com
www.loopreturns.com

Subject Issuer	Validity	Valid
returns.foldedsteel.com R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.loop.gift R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
gorgias.chat E1	`2023-12-04` - `2024-03-03`	3 months	crt.sh
cdn.shopify.com E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
config.gorgias.io GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-13` - `2024-07-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://returns.foldedsteel.com/
Frame ID: 0A2C6E5E7E281A8BE1E2261392A79A6E
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: FF40472064481D3DC81A975CA48DE47F
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7C428D2BF4F07ADF07C4869B1161E11C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap
Frame ID: 4ACF162BDC257E75CA89010101C65918
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap
Frame ID: AF2F8B615EDB4BAFA34028EEC3EF976C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Folded Steel ReturnsLoop Returns | The returns solution for Shopify's top brands

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

40
Requests

100 %
HTTPS

56 %
IPv6

14
Domains

18
Subdomains

16
IPs

2
Countries

1659 kB
Transfer

4894 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://foldedsteel.com/
Title: Back to shop

Search URL Search Domain Scan URL

URL: https://www.loopreturns.com/powered-by-loop?utm_medium=customer_portal&utm_source=foldedsteel.com&utm_campaign=powered_by_loop
Title: Powered by Loop Returns | The returns solution for Shopify's top brands

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
returns.foldedsteel.com/ 3 KB
1 KB 385ms
106ms Document
text/html 35.82.247.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://returns.foldedsteel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.82.247.11 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-247-11.us-west-2.compute.amazonaws.com

Software

openresty/1.21.4.2 /

Resource Hash

3566ff5b49b4d4678add2eee8b9e051c20560c18ddd47428908f1bd66a5c7624

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .loopreturns.com .myshopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.loopreturns.com *.myshopify.com
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 19:26:52 GMT
etag: W/"65832a20-a27"
last-modified: Wed, 20 Dec 2023 17:53:36 GMT
server: openresty/1.21.4.2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 180ms
70ms Script
text/javascript 2607:f8b0:4004:c0b::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 20 Dec 2023 19:26:52 GMT

GET
H2 200 index.643beef1.js Show response
d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/ 799 KB
186 KB 479ms
304ms Script
application/javascript 2600:9000:21a2:8000:5:931b:16c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/index.643beef1.js
Requested by: Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:8000:5:931b:16c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 066e180a280c4ff848173e480972c5eae3fd7e31ae2036fabd5bbee20d4f49cd

Request headers

Referer: https://returns.foldedsteel.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9aWpMkam.Bbi_AQ8zpAnOxVFFLW7sAkv
content-encoding: gzip
via: 1.1 b7f480ddbe20bc339525f8e43ddce81a.cloudfront.net (CloudFront)
date: Wed, 20 Dec 2023 18:56:47 GMT
x-amz-cf-pop: YUL62-C1
age: 1833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-expiration: expiry-date="Sat, 20 Jan 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Wed, 20 Dec 2023 17:53:40 GMT
server: AmazonS3
etag: W/"097cfd3c6b641e17ad38a0567cfa240a"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: DI46VQKRAwO2QpBBK5Cj1ODy3-f7vBL30TEYx6Ngf_fGKH1PJKksbw==

GET
H2 200 vendor.287826d9.js Show response
d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/ 888 KB
294 KB 254ms
80ms Script
application/javascript 2600:9000:21a2:8000:5:931b:16c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.287826d9.js
Requested by: Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:8000:5:931b:16c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7ee41aa2a344e6ae32ba0be084162ca1da9faa56a17a06009089fc9ac067f7f

Request headers

Referer: https://returns.foldedsteel.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: PDnFf2uo8EJjSMIOo0AmTw75Bsx9mdLW
content-encoding: gzip
via: 1.1 b7f480ddbe20bc339525f8e43ddce81a.cloudfront.net (CloudFront)
date: Wed, 20 Dec 2023 18:56:47 GMT
x-amz-cf-pop: YUL62-C1
age: 1848
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-expiration: expiry-date="Thu, 11 Jan 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Mon, 11 Dec 2023 19:26:47 GMT
server: AmazonS3
etag: W/"a77c20c2863dae13c07b5296e9dd75a0"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 0scuJNGP5Q6XmuziSgobI8_A4_Benn5GeB_fLrnsyu6JYN90mmx74Q==

GET
H2 200 index.f9f8af60.css
d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/ 808 KB
75 KB 253ms
79ms Stylesheet
text/css 2600:9000:21a2:8000:5:931b:16c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/index.f9f8af60.css
Requested by: Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:8000:5:931b:16c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9f8af60b7f7f9f2bb0622bf58ba1c1cdffd0b240fa6ca7ea4f909dc7de415f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: .2C6Dfs5L5uaashwopidHBfUauAHKNE8
content-encoding: gzip
via: 1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 20 Jan 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Wed, 20 Dec 2023 17:53:40 GMT
server: AmazonS3
date: Wed, 20 Dec 2023 18:56:47 GMT
x-amz-cf-pop: YUL62-C1
age: 1833
x-amz-server-side-encryption: AES256
etag: W/"0676b73d16662387a1b15d33414be613"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: gmbETCC_0l2Bkx7FRnxit4QSDwPUE5SJOQWf4UaedsS-waKnoAcX8Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 170ms
63ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XHPC1ZBWV3

Requested by

Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0253f986d194df1dc6fc40f742f44cee4bb014ec3a3ce51b8b7c883608633571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 19:26:52 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 579 KB
143 KB 241ms
87ms Script
text/javascript 54.192.51.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-16.yul62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bed4ed406073398f8e51812a543b3c5994642624f948b20d407d801fbaf4aeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:27 GMT
content-encoding: br
via: 1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 27
x-amz-cf-pop: YUL62-C2
x-cache: Hit from cloudfront
last-modified: Wed, 20 Dec 2023 19:02:37 GMT
server: Cloudfront
etag: W/"18c673a7660d3e6fbaca6b286e3a557e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 8JzOsA8h-Q7EjddQ0zXLe0PTl-XZ8f7rDQTXi49rCtIqDG7cp2ugrA==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
202 KB 160ms
53ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://returns.foldedsteel.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:10:46 GMT

GET
H2 200 init Show response
api.loopreturns.com/api/v1/ 20 KB
20 KB 555ms
331ms XHR
application/json 35.82.247.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopreturns.com/api/v1/init

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.287826d9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.82.247.11 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-247-11.us-west-2.compute.amazonaws.com

Software

openresty/1.21.4.2 /

Resource Hash

c37aa4526dd5f895954b2b80db55dbf8d10cf8f221e8cddd72c1e9869c0f92cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .loopreturns.com .myshopify.com
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://returns.foldedsteel.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
content-security-policy: frame-ancestors 'self' *.loopreturns.com *.myshopify.com
x-content-type-options: nosniff, nosniff
x-loop-request-id: c2a32752-1d05-41da-804b-f498211500f7
x-xss-protection: 1; mode=block
server: openresty/1.21.4.2
x-frame-options: SAMEORIGIN, SAMEORIGIN
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://returns.foldedsteel.com
access-control-expose-headers: Version
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, X-Authorization, X-CSRF-TOKEN, x-datadog-trace-id, x-datadog-parent-id, x-datadog-origin, x-datadog-sampling-priority, x-datadog-sampled
x-ratelimit-remaining: 299
version: 0

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame FF40 200 B
1 KB 94ms
94ms Document
text/html 54.192.51.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-16.yul62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://returns.foldedsteel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2787
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 18:40:27 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Thu, 14 Dec 2023 21:10:54 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-id: 921P4ZhgD9wOgHPjZQIPJkrKr4eMNUyWOM9WvS4y0D8JBlToY7CZGw==
x-amz-cf-pop: YUL62-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FF40 631 B
1 KB 73ms
73ms Script
text/javascript 54.192.51.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-16.yul62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 18:40:43 GMT
via: 1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2770
x-amz-cf-pop: YUL62-C2
x-cache: Hit from cloudfront
content-length: 631
last-modified: Sat, 16 Dec 2023 02:01:35 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: o47uWFX_DocZ0MGPcB-fTBwRdq-tyNL_UHy-HAkujCeLIaPeiez7IQ==

POST
H2 200 csp-report
q.stripe.com/ Frame FF40 0
715 B 319ms
106ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703100413507762
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703100413507430
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FF40 0
715 B 320ms
107ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703100413507998
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703100413507412
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 7C42 930 B
2 KB 178ms
57ms Document
text/html 2600:9000:250a:2e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:250a:2e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 171
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 19:24:03 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-id: OXdt2t5rMiBUE-vEEh-pYecss-W5Wj71HZCU8NA7b72Cf1nQULG0Ew==
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 7C42 0
490 B 105ms
104ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703100413554475
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1703100413553884
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 7C42 87 KB
15 KB 144ms
144ms Script
text/javascript 2600:9000:250a:2e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:250a:2e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:23:54 GMT
content-encoding: br
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 179
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: IAD12-P3
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: _3svPfiqlPtXClwHAKG16Zx1l4pQP33fuLQdW1bemwxEW0Red1pxwQ==

GET
H2 200 css
fonts.googleapis.com/ 717 B
779 B 170ms
62ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%7CLato

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.287826d9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 19:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 19:12:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 19:26:53 GMT

GET
H2 200 reason-groups Show response
api.loopreturns.com/api/v1/9016/ 6 KB
6 KB 188ms
188ms XHR
application/json 35.82.247.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopreturns.com/api/v1/9016/reason-groups

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.287826d9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.82.247.11 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-247-11.us-west-2.compute.amazonaws.com

Software

openresty/1.21.4.2 /

Resource Hash

2c6c6f8145614b8a4d44083f5b05a4caa316d755d549566039b98acee8f0316e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .loopreturns.com .myshopify.com
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://returns.foldedsteel.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
content-security-policy: frame-ancestors 'self' *.loopreturns.com *.myshopify.com
x-content-type-options: nosniff, nosniff
x-loop-request-id: e46ef375-6837-4b63-adcc-f60836aee6bf
x-xss-protection: 1; mode=block
server: openresty/1.21.4.2
x-frame-options: SAMEORIGIN, SAMEORIGIN
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://returns.foldedsteel.com
access-control-expose-headers: Version
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 300
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, X-Authorization, X-CSRF-TOKEN, x-datadog-trace-id, x-datadog-parent-id, x-datadog-origin, x-datadog-sampling-priority, x-datadog-sampled
x-ratelimit-remaining: 298
version: 0

GET
H2 200 gorgias-chat-bundle-loader.js Show response
config.gorgias.chat/ 2 KB
1 KB 144ms
75ms Script
application/javascript 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=01GYCCJ6WGWY6YRDEZAKJQMY6J

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/index.643beef1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547abf231ff630a14018745a3cccd39ef504920766829097a6a057bc3ca280b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"831-qo2nYTVIje9myIWEGOTL6m2yO+0"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 838a47928d7a7435-MIA

GET
H2 200 ALT_Combo_Long_Off_Black_b457b932-7372-4a51-af23-dedae898f184.png
cdn.shopify.com/s/files/1/0360/8752/9531/files/ 11 KB
11 KB 155ms
94ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0360/8752/9531/files/ALT_Combo_Long_Off_Black_b457b932-7372-4a51-af23-dedae898f184.png?v=1703086151

Requested by

Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

77c2ba242f1a069a4934d3ea094bb35e7d8ca1f3b704c48680416b6303db1ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
source-type: image/png
server-timing: imagery;dur=129.122, imageryFetch;dur=38.162, imageryProcess;dur=89.530;desc="image", cfRequestDuration;dur=65.999985
source-length: 23389
content-length: 10822
x-xss-protection: 1; mode=block
x-request-id: d40b1b6c-d714-45ab-a891-ec5324b3500d
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 15:32:45 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqutnFulaks3ZHCLUyV%2F4iq8oj6IdQcXrUx5xvxyNmiIaC%2Fosh3IPXfJYUpYFPqUSL4zsiIlLgPGJNvE%2BO%2BjXXSV64JfEFatCsa4s1pHopvmgiOw7i7Xei5RhKHJ1uaemQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0360/8752/9531/files/ALT_Combo_Long_Off_Black_b457b932-7372-4a51-af23-dedae898f184.png>; rel="canonical"
cf-ray: 838a479288ea9aec-MIA

GET
H2 200 close.svg
d1nnh0c8uc313v.cloudfront.net/customer-portal/img/icons/ 652 B
1 KB 72ms
72ms Image
image/svg+xml 2600:9000:21a2:8000:5:931b:16c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/img/icons/close.svg
Requested by: Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:8000:5:931b:16c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c4e52fb442a8db49f6288f4e0c59376f0f8c9675bc8e847154e576dd57944b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: wLQBcbiDVb6HuciF67_hcJzlYZXXe3VY
date: Wed, 20 Dec 2023 19:17:07 GMT
via: 1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 652
x-amz-expiration: expiry-date="Mon, 15 Jan 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Fri, 15 Dec 2023 21:29:22 GMT
server: AmazonS3
etag: "765baec03ebf4eba6af7248b4b6e190d"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
accept-ranges: bytes
x-amz-cf-id: w1KoHARIMxo_IBEHMo-GL8Req1jehlmk4zBFvIwAANq8g_vzszjGMg==

POST
H2 200 6 Show response
m.stripe.com/ Frame 7C42 156 B
666 B 317ms
106ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

956766fbb36e5fe76a973e7026443271e5b39cac97607e27cfe02df1018ab1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 20 Dec 2023 19:26:54 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703100414041421
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703100414041041
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 185ms
53ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%7CLato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:22:42 GMT
x-content-type-options: nosniff
age: 65052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 01:22:42 GMT

GET
H2 200 gorgias-chat-bundle.js Show response
config.gorgias.chat/ 538 KB
170 KB 100ms
99ms Script
application/javascript 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4ea6e35f&appKey=01GYCCJ6WGWY6YRDEZAKJQMY6J

Requested by

Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=01GYCCJ6WGWY6YRDEZAKJQMY6J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a936986acce5ea6b7a52989f56e0758bcdfce5cb0b309adcea20592acd671789

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:53 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"867d2-UDFPm9GaWcWdxNZgVj2Ta8V/xHs"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
cf-ray: 838a47930e687435-MIA

GET
H2 200 998.b5ad0dc8e327ca5a.js
assets.gorgias.chat/build/static/js/ 0
16 KB 48ms
40ms Other
application/javascript 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/build/static/js/998.b5ad0dc8e327ca5a.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4ea6e35f&appKey=01GYCCJ6WGWY6YRDEZAKJQMY6J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 1247625
x-guploader-uploadid: ABPtcPpIHBaoEQFE4uROJY_Vfrwz7oNA_ggC8NrcYBQwtWhcAcpiSFXoyFhTMp0n0MZF8Ii4cbwFqctZp-e_G2M23cN1uw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Wed, 06 Dec 2023 08:36:56 GMT
server: cloudflare
etag: W/"3f810089ffaa5a6acf0226b7eec7c180"
vary: Accept-Encoding
x-goog-generation: 1701851816097436
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=yHWi+w==, md5=P4EAif+qWmrPAia37sfBgA==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 15963
cf-ray: 838a4794da7d7435-MIA
expires: Thu, 05 Dec 2024 08:42:46 GMT

GET
H2 200 gcmw.6fedaa4a7670d225.js
assets.gorgias.chat/build/static/js/ 0
134 KB 62ms
56ms Other
application/javascript 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/build/static/js/gcmw.6fedaa4a7670d225.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4ea6e35f&appKey=01GYCCJ6WGWY6YRDEZAKJQMY6J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 119271
x-guploader-uploadid: ABPtcPp5dEj2CFHK31S65CbONYhCd3EKqk1jLi4MZpwXxMzMSm2GoG2G4Fb1PmUAapt__WVXyJQYAoEbFEvpENCJmAYr2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Tue, 19 Dec 2023 10:01:44 GMT
server: cloudflare
etag: W/"62b72f1859eda9452cde372b85efda28"
vary: Accept-Encoding
x-goog-generation: 1702980104192999
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=tBGPuQ==, md5=YrcvGFntqUUs3jcrhe/aKA==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 143076
cf-ray: 838a4794da7e7435-MIA
expires: Wed, 18 Dec 2024 10:10:59 GMT

GET
H2 200 analytics-browser-0.4.1-min.js.gz Show response
cdn.amplitude.com/libs/ 53 KB
18 KB 160ms
58ms Script
application/javascript 52.85.150.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-0.4.1-min.js.gz
Requested by: Host: returns.foldedsteel.com
URL: https://returns.foldedsteel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.150.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-150-135.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d3b81d7cf7f951d87a3f2c4939b1c8e335e68f27818ff64ad77ded066766d3

Request headers

Referer: https://returns.foldedsteel.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:22:37 GMT
content-encoding: gzip
via: 1.1 738984066968793a5714282f49fe0ab8.cloudfront.net (CloudFront)
x-amz-version-id: 3tiMn1yxqbLQOcjMnW8jUlpmbLeU2Kej
x-amz-cf-pop: IAD89-C3
age: 14658
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17692
last-modified: Tue, 17 May 2022 16:56:10 GMT
server: AmazonS3
etag: "8bd714eb9b159a7745c3f9359d646ba4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: cH4FjGGZ8NwfBH2OXuVwbYktbL2loeADuEwE7VCYfFFWWREM-FJHrw==

GET
H2 200 agents Show response
config.gorgias.chat/applications/01GYCCJ6WGWY6YRDEZAKJQMY6J/ 298 B
816 B 160ms
104ms XHR
application/json 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/applications/01GYCCJ6WGWY6YRDEZAKJQMY6J/agents

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.287826d9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fadad10b05564437c525d33254c409403138ae0529dbce16ddd654b99f6ec8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:54 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"12a-nNhx4iYSVHijdsaHSZ4HHCmnsa4"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
vary: Accept-Encoding
cf-ray: 838a47954a24747b-MIA

GET
H2 200 css2
fonts.googleapis.com/ Frame 4ACF 2 KB
537 B 63ms
62ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 19:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 19:25:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 19:26:54 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 4ACF 23 KB
23 KB 52ms
52ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:22:42 GMT
x-content-type-options: nosniff
age: 65052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 01:22:42 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 4ACF 23 KB
23 KB 69ms
69ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:04:21 GMT
x-content-type-options: nosniff
age: 130953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 07:04:21 GMT

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
344 B 281ms
148ms Fetch
application/json 2600:1f18:24e6:b900:2158:f167:850f:e50e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.48.2%2Capi%3Afetch%2Cenv%3Aproduction-20201208%2Cservice%3Acustomer-portal%2Cversion%3A1299d60fbd4764ebcf86be556c3813fa44562e80&dd-api-key=pub43308b8ec7f4ef20b2b7247cf04bddcf&dd-evp-origin-version=4.48.2&dd-evp-origin=browser&dd-request-id=095e2a25-16d1-4a8d-ab57-701845ab236d&batch_time=1703100414377

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.287826d9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:2158:f167:850f:e50e Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

cb73b89397a5f061a6f95fdec9398f74c74d0ef26b1ceb21d02e562098ed42f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://returns.foldedsteel.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 19:26:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 095e2a25-16d1-4a8d-ab57-701845ab236d

GET
H2 200 998.b5ad0dc8e327ca5a.js Show response
assets.gorgias.chat/build/static/js/ 50 KB
16 KB 39ms
38ms Script
application/javascript 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/build/static/js/998.b5ad0dc8e327ca5a.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4ea6e35f&appKey=01GYCCJ6WGWY6YRDEZAKJQMY6J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffa10ed052d7d5b1d5b0b15ae5da4a4f3331ab99efd6bc9bcac517d9c3c319d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1247628
x-guploader-uploadid: ABPtcPpIHBaoEQFE4uROJY_Vfrwz7oNA_ggC8NrcYBQwtWhcAcpiSFXoyFhTMp0n0MZF8Ii4cbwFqctZp-e_G2M23cN1uw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Wed, 06 Dec 2023 08:36:56 GMT
server: cloudflare
etag: W/"3f810089ffaa5a6acf0226b7eec7c180"
vary: Accept-Encoding
x-goog-generation: 1701851816097436
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=yHWi+w==, md5=P4EAif+qWmrPAia37sfBgA==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 15963
cf-ray: 838a47a7ac7e7435-MIA
expires: Thu, 05 Dec 2024 08:42:46 GMT

GET
H2 200 690.95f8e9fb6cdb3632.js Show response
assets.gorgias.chat/build/static/js/ 8 KB
3 KB 37ms
37ms Script
application/javascript 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/build/static/js/690.95f8e9fb6cdb3632.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4ea6e35f&appKey=01GYCCJ6WGWY6YRDEZAKJQMY6J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 652178b4fe302eda1fb87fabcbfb4bd42d7d167993745f22fb6c9ec4d8e3cbe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1675762
x-guploader-uploadid: ABPtcPrGsmxO5K5k_fhUa9BCEE8tDjeaAxCmSdY5nKiFHtfq7gqRhH8dF--YVedhU4D1bSNV2UybVDSSLfyOnJfVeDQzWw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Fri, 24 Nov 2023 16:54:32 GMT
server: cloudflare
etag: W/"adb43cfdd89a5d39398c4abefd984a8b"
vary: Accept-Encoding
x-goog-hash: crc32c=M9XzLw==, md5=rbQ8/diaXTk5jEq+/ZhKiw==
x-goog-generation: 1700844871915877
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 3031
cf-ray: 838a47a7ac837435-MIA
expires: Thu, 28 Nov 2024 05:35:50 GMT

GET
H2 200 campaigns.551b1de1a7792220.js Show response
assets.gorgias.chat/build/static/js/ 31 KB
12 KB 39ms
39ms Script
application/javascript 2606:4700::6812:125f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/build/static/js/campaigns.551b1de1a7792220.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4ea6e35f&appKey=01GYCCJ6WGWY6YRDEZAKJQMY6J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:125f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d21eea8568f55f76999ff1d0c9f81b9a701f4a82bb0bd4cd1bf811fb82f0e8d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 19:26:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 540343
x-guploader-uploadid: ABPtcPqKggl7Nh-4taB_7qxawTI7YzkTHqeTBi2f2PWeF7z783a-73HE3atzAqRndxIxJaX0V-rfWO75EabNWLAskhMdlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Thu, 14 Dec 2023 12:38:43 GMT
server: cloudflare
etag: W/"103a913f292bad3d56e0e2b5b6016707"
vary: Accept-Encoding
x-goog-generation: 1702557523881302
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=b0K8FA==, md5=EDqRPykrrT1W4OK1tgFnBw==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 11510
cf-ray: 838a47a7bc8b7435-MIA
expires: Fri, 13 Dec 2024 13:16:52 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 7C42 156 B
666 B 107ms
106ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

956766fbb36e5fe76a973e7026443271e5b39cac97607e27cfe02df1018ab1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 20 Dec 2023 19:26:57 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703100417951206
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703100417950946
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 css2
fonts.googleapis.com/ Frame AF2F 2 KB
441 B 62ms
61ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 19:12:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 19:26:58 GMT

GET
H2 200 56e4bf53-9edd-4fea-8bab-bbef46db930a.png
config.gorgias.io/production/8X1Bk7dXPE7KgRm0/smooch_inside/avatar_team_pictures/984vj29dZ06PKGOZ/ Frame AF2F 119 KB
120 KB 111ms
29ms Image
image/png 151.101.130.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://config.gorgias.io/production/8X1Bk7dXPE7KgRm0/smooch_inside/avatar_team_pictures/984vj29dZ06PKGOZ/56e4bf53-9edd-4fea-8bab-bbef46db930a.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 9619a7bf5f9b7c2f695ca56a7f953a5c7340157af48006d278688d48662be88d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://returns.foldedsteel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 21 Dec 2023 15:08:30 GMT
date: Wed, 20 Dec 2023 19:26:58 GMT
via: 1.1 varnish
age: 15508
x-guploader-uploadid: ABPtcPqabSqj8l1_3Z-5u43vdkC09z56DKknE1UcK1-8w276ldmoLWPoFBphJIJwAxAds6AyQ3U
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 122207
x-served-by: cache-mia-kmia1760088-MIA
last-modified: Sat, 13 Aug 2022 16:59:12 GMT
server: UploadServer
x-timer: S1703100418.399633,VS0,VE2
etag: "44fb79981140271234165516c3307482"
x-goog-generation: 1660409952233976
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=K49i/w==, md5=RPt5mBFAJxI0FlUWwzB0gg==
access-control-expose-headers: *
cache-control: max-age=300
x-goog-stored-content-length: 122207
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame AF2F 23 KB
23 KB 54ms
53ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:04:21 GMT
x-content-type-options: nosniff
age: 130957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 07:04:21 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame AF2F 23 KB
23 KB 55ms
55ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returns.foldedsteel.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:22:42 GMT
x-content-type-options: nosniff
age: 65056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 01:22:42 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-21 02:41:00	Name: m Value: 508450c6-384f-425a-b0a1-e6ad8571006ee49e14
.returns.foldedsteel.com/	1970-01-21 01:50:36	Name: __stripe_mid Value: 35ddaf76-ee3c-4c15-9b4c-24c4ef158127a36557
.returns.foldedsteel.com/	1970-01-20 17:05:02	Name: __stripe_sid Value: bccf7e80-7e11-4a6e-802a-666e89ba837a864cc8
returns.foldedsteel.com/	1970-01-20 17:05:01	Name: _dd_s Value: rum=2&id=ceec6968-db8b-4b8b-b48d-ed984d78f03b&created=1703100413126&expire=1703101313126
returns.foldedsteel.com/	1970-01-21 01:50:36	Name: AMP_9bdc728a74 Value: {"deviceId":"233b64d3-5d52-49ee-b778-f918f2df6f97","sessionId":1703100418281,"optOut":false}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .loopreturns.com .myshopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.loopreturns.com
assets.gorgias.chat
cdn.amplitude.com
cdn.shopify.com
config.gorgias.chat
config.gorgias.io
d1nnh0c8uc313v.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
returns.foldedsteel.com
rum.browser-intake-datadoghq.com
www.google.com
www.googletagmanager.com
www.gstatic.com
151.101.130.217
23.227.60.200
2600:1f18:24e6:b900:2158:f167:850f:e50e
2600:9000:21a2:8000:5:931b:16c0:21
2600:9000:250a:2e00:19:7d10:bd80:93a1
2606:4700::6812:125f
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::61
2607:f8b0:4004:c0b::93
35.82.247.11
52.85.150.135
54.187.159.182
54.192.51.16
54.201.135.255
0253f986d194df1dc6fc40f742f44cee4bb014ec3a3ce51b8b7c883608633571
066e180a280c4ff848173e480972c5eae3fd7e31ae2036fabd5bbee20d4f49cd
0fadad10b05564437c525d33254c409403138ae0529dbce16ddd654b99f6ec8b
2c6c6f8145614b8a4d44083f5b05a4caa316d755d549566039b98acee8f0316e
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3566ff5b49b4d4678add2eee8b9e051c20560c18ddd47428908f1bd66a5c7624
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
547abf231ff630a14018745a3cccd39ef504920766829097a6a057bc3ca280b4
652178b4fe302eda1fb87fabcbfb4bd42d7d167993745f22fb6c9ec4d8e3cbe1
77c2ba242f1a069a4934d3ea094bb35e7d8ca1f3b704c48680416b6303db1ded
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c4e52fb442a8db49f6288f4e0c59376f0f8c9675bc8e847154e576dd57944b
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
956766fbb36e5fe76a973e7026443271e5b39cac97607e27cfe02df1018ab1e9
9619a7bf5f9b7c2f695ca56a7f953a5c7340157af48006d278688d48662be88d
a936986acce5ea6b7a52989f56e0758bcdfce5cb0b309adcea20592acd671789
bed4ed406073398f8e51812a543b3c5994642624f948b20d407d801fbaf4aeab
c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77
c37aa4526dd5f895954b2b80db55dbf8d10cf8f221e8cddd72c1e9869c0f92cd
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb73b89397a5f061a6f95fdec9398f74c74d0ef26b1ceb21d02e562098ed42f3
d21eea8568f55f76999ff1d0c9f81b9a701f4a82bb0bd4cd1bf811fb82f0e8d4
d7ee41aa2a344e6ae32ba0be084162ca1da9faa56a17a06009089fc9ac067f7f
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f6d3b81d7cf7f951d87a3f2c4939b1c8e335e68f27818ff64ad77ded066766d3
f9f8af60b7f7f9f2bb0622bf58ba1c1cdffd0b240fa6ca7ea4f909dc7de415f3
ffa10ed052d7d5b1d5b0b15ae5da4a4f3331ab99efd6bc9bcac517d9c3c319d9

returns.foldedsteel.com Open in urlscan Pro 35.82.247.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

56 %IPv6

14 Domains

18 Subdomains

16 IPs

2 Countries

1659 kBTransfer

4894 kBSize

5 Cookies

2 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

returns.foldedsteel.com Open in urlscan Pro
35.82.247.11 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

56 %
IPv6

14
Domains

18
Subdomains

16
IPs

2
Countries

1659 kB
Transfer

4894 kB
Size

5
Cookies

40 HTTP transactions
0 data transactions