URL: https://legit-returns.com/
Submission: On April 05 via api from US — Scanned from US

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 54 HTTP transactions. The main IP is 66.85.47.62, located in United States and belongs to HOST4GEEKS-LLC, US. The main domain is legit-returns.com.
TLS certificate: Issued by R3 on April 2nd 2024. Valid for: 3 months.
This is the only time legit-returns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| | Apex Domain | Subdomains | Transfer |
| 22 | legit-returns.com | legit-returns.com | 624 KB |
| 10 | jivosite.com | code.jivosite.com (Cisco Umbrella Rank: 40768); node-ya-10.jivosite.com (Cisco Umbrella Rank: 206769) | 311 KB |
| 6 | gstatic.com | www.gstatic.com; fonts.gstatic.com | 40 KB |
| 5 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 1784); ka-f.fontawesome.com (Cisco Umbrella Rank: 4423) | 35 KB |
| 4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 38); translate.googleapis.com (Cisco Umbrella Rank: 951) | 75 KB |
| 4 | unpkg.com | unpkg.com (Cisco Umbrella Rank: 750) | 60 KB |
| 4 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 332) | 126 KB |
| 1 | google.com | translate.google.com (Cisco Umbrella Rank: 1258) | 31 KB |
| 54 | 8 | | |

| | Domain | Requested by |
| 22 | legit-returns.com (1 redirects) | legit-returns.com |
| 9 | code.jivosite.com | legit-returns.com; code.jivosite.com |
| 4 | ka-f.fontawesome.com | kit.fontawesome.com |
| 4 | unpkg.com (1 redirects) | legit-returns.com |
| 4 | cdn.jsdelivr.net | legit-returns.com; cdn.jsdelivr.net |
| 3 | fonts.gstatic.com | fonts.googleapis.com; legit-returns.com |
| 3 | www.gstatic.com | legit-returns.com; www.gstatic.com |
| 3 | fonts.googleapis.com | legit-returns.com |
| 1 | node-ya-10.jivosite.com | code.jivosite.com |
| 1 | translate.googleapis.com | |
| 1 | translate.google.com | legit-returns.com |
| 1 | kit.fontawesome.com | legit-returns.com |
| 54 | 12 | |

This site contains links to these domains.

Domain
translate.google.com
www.jivochat.com

| Subject | Issuer | Validity | Valid |
| *.legit-returns.com | R3 | 2024-04-02 - 2024-07-01 | 3 months |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
| *.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year |
| *.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
| unpkg.com | GTS CA 1P5 | 2024-04-01 - 2024-06-30 | 3 months |
| *.jivosite.com | Go Daddy Secure Certificate Authority - G2 | 2023-04-05 - 2024-05-06 | a year |
| upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
| ka-f.fontawesome.com | GTS CA 1P5 | 2024-03-05 - 2024-06-03 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |

This page contains 3 frames:

Primary Page: https://legit-returns.com/
Frame ID: 2534725020AB28B40631B79E76F6B990
Requests: 58 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1A6FAB249A564A1968EB04331BB979A1
Requests: 1 HTTP requests in this frame

Frame: https://code.jivosite.com/js/70c5213/omnichannelMenu.js
Frame ID: 4B2C375E5447E6906CCEF9C42C474B1D
Requests: 1 HTTP requests in this frame

Page Title

Legit Returns||Capitals

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  • 54 Requests
  • 96 % HTTPS
  • 83 % IPv6
  • 8 Domains
  • 12 Subdomains
  • 14 IPs
  • 3 Countries
  • 1300 kB Transfer
  • 3112 kB Size
  • 2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@11.1.0/swiper-bundle.min.js
Request Chain 41
  • https://legit-returns.com/images/next-trade.mp4 HTTP 302
  • https://legit-returns.com/

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
legit-returns.com/
21 KB
6 KB
Document
General
Full URL
https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
f10bc4933f54724f5ac4b52437125ff9d475ef035df732ec340de73879d4fb06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
content-encoding
br
content-length
5248
content-type
text/html; charset=UTF-8
date
Fri, 05 Apr 2024 13:42:58 GMT
server
Apache
vary
Accept-Encoding
bootstrap.css
legit-returns.com/css/
160 KB
21 KB
Stylesheet
General
Full URL
https://legit-returns.com/css/bootstrap.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
cd9d6b894dfbe81bbe09e59774a6733aac5b73a946759bb9f740cde4203c166a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Tue, 02 May 2023 04:16:46 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
21236
icons.css
legit-returns.com/css/
80 KB
10 KB
Stylesheet
General
Full URL
https://legit-returns.com/css/icons.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
0dd3a49189344c3666372aec04cce7094c2b21fe22dd074b3c2a9aeb683bd61b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Tue, 02 May 2023 04:16:46 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
10237
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.3/font/
79 KB
11 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.3/font/bootstrap-icons.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
616ed4ef1e7dad43d9dc35b340a6da94cffd8f60a9f306a925540f4712f8c359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Apr 2024 13:42:59 GMT
x-content-type-options
nosniff
content-encoding
br
age
793876
x-jsd-version
1.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10893
x-served-by
cache-fra-eddf8230112-FRA, cache-lga21939-LGA
x-jsd-version-type
version
etag
W/"13a95-GT7jENNppf/cnpgQOlL+nX8dUxI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
stylescss.css
legit-returns.com/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://legit-returns.com/css/stylescss.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
2e38f091b2eec5b0bad1897874986bab054fc17306c428fede59753c95743911

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Sat, 30 Sep 2023 18:32:32 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1421
bootstrap.js
legit-returns.com/js/
76 KB
22 KB
Script
General
Full URL
https://legit-returns.com/js/bootstrap.js
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
237e83161bfe098cbefdb3ed2ec69d4a7f2ce17a24f7caa14d9f0ae5dc0a8291

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Tue, 02 May 2023 04:16:48 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
22232
3848c6a7f0.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/3848c6a7f0.js
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dba70746c194e881022f486054da40c8bbdad355c39551132b1796664d83fd4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
Origin
https://legit-returns.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
86f9f6ee9d860cb2-EWR
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F8LlSpBzsdWOCaMv6csi
element.js
translate.google.com/translate_a/
87 KB
31 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74905521f49239680068afdeff73669d90ef7e0b18a54a4119b1d28950361528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
aos.css
unpkg.com/aos@2.3.1/dist/
25 KB
2 KB
Stylesheet
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1980605
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HRW73V2D72FSQJFHJEMHE4ZY-lga
server
cloudflare
etag
W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86f9f6ee8ab9187d-EWR
aos.js
unpkg.com/aos@2.3.1/dist/
14 KB
5 KB
Script
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1971778
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01HRWFH7H86WS288Z2S2ES6K57-lga
server
cloudflare
etag
W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86f9f6ee8aba187d-EWR
swippercss.css
legit-returns.com/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://legit-returns.com/css/swippercss.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
90f2c76ac881b9b3a46ba7bfe893bfce7b2106fd4315fa9829e7f544709fda57

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Sun, 21 May 2023 16:03:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4362
splide.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@4.0.7/dist/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@splidejs/splide@4.0.7/dist/css/splide.min.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e98acab7bbcc53d7b86f0b656e5012aa1bef12de3fd0911027fcf258e14a9da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Apr 2024 13:42:59 GMT
x-content-type-options
nosniff
content-encoding
br
age
6251400
x-jsd-version
4.0.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1379
x-served-by
cache-fra-eddf8230060-FRA, cache-lga21939-LGA
x-jsd-version-type
version
etag
W/"13e2-OqTFC3vdoyvLG9IHYUHSUtgnF6k"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
splide.min.js
cdn.jsdelivr.net/npm/@splidejs/splide@4.0.7/dist/js/
29 KB
13 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@splidejs/splide@4.0.7/dist/js/splide.min.js
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aad4aeffbcc5775cf1d8668637bc80b96c885eec42ec856b7d2a677110f15082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Apr 2024 13:42:59 GMT
x-content-type-options
nosniff
content-encoding
br
age
892342
x-jsd-version
4.0.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13253
x-served-by
cache-fra-eddf8230036-FRA, cache-lga21939-LGA
x-jsd-version-type
version
etag
W/"73e8-RYc5rJjiQhZqqqVOlxDRHZASsP0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
lymecapitals.png
legit-returns.com/images/
19 KB
19 KB
Image
General
Full URL
https://legit-returns.com/images/lymecapitals.png
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
3e73fbaed6ba056052f8ad1daad5f98de966065f0777520980b85575c0b01428

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sat, 30 Sep 2023 18:28:28 GMT
server
Apache
accept-ranges
bytes
content-length
19007
content-type
image/png
arab1.jpg
legit-returns.com/images/
52 KB
52 KB
Image
General
Full URL
https://legit-returns.com/images/arab1.jpg
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
3a0758e8814364861a91f1a61aec9ce9698f76e3a2442fbce8fcaec8580a37af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sat, 30 Sep 2023 18:34:22 GMT
server
Apache
accept-ranges
bytes
content-length
52801
content-type
image/jpeg
arab3.jpg
legit-returns.com/images/
52 KB
52 KB
Image
General
Full URL
https://legit-returns.com/images/arab3.jpg
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
1222cffac2665bfcbdf1f5990e7eef260dd04655033d38692d70292d1bc4c653

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sat, 16 Sep 2023 09:36:02 GMT
server
Apache
accept-ranges
bytes
content-length
53591
content-type
image/jpeg
argiculture.jpg
legit-returns.com/images/
122 KB
122 KB
Image
General
Full URL
https://legit-returns.com/images/argiculture.jpg
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
33dd178b3a1fa31ec4c26b6a0415de4bee9126b4e0e4797fb482c6202847c404

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sun, 21 May 2023 16:26:06 GMT
server
Apache
accept-ranges
bytes
content-length
125136
content-type
image/jpeg
arab2.jpg
legit-returns.com/images/
42 KB
42 KB
Image
General
Full URL
https://legit-returns.com/images/arab2.jpg
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
5812823f07b9025a0109323a45e169a8687160f762248823761a8d385c1a6fc1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sat, 16 Sep 2023 09:34:08 GMT
server
Apache
accept-ranges
bytes
content-length
42675
content-type
image/jpeg
energy.jpg
legit-returns.com/images/
75 KB
75 KB
Image
General
Full URL
https://legit-returns.com/images/energy.jpg
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
62f407bd2d9c4f8df4d4cee7f88122dd749ea6f0b7ddf7f8306c5b4495c48464

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sun, 21 May 2023 16:38:28 GMT
server
Apache
accept-ranges
bytes
content-length
76318
content-type
image/jpeg
arab4.jpg
legit-returns.com/images/
30 KB
30 KB
Image
General
Full URL
https://legit-returns.com/images/arab4.jpg
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
5bbcf17094ebdbb00e68084e1bfd477b9090de56d98ebf74f9e19c6d592d2046

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sat, 16 Sep 2023 09:35:24 GMT
server
Apache
accept-ranges
bytes
content-length
31118
content-type
image/jpeg
swiper-bundle.min.js
unpkg.com/swiper@11.1.0/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@11.1.0/swiper-bundle.min.js
146 KB
53 KB
Script
General
Full URL
https://unpkg.com/swiper@11.1.0/swiper-bundle.min.js
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3444ae492a5500c9c803a93b7977a540fb136fb32e8f1676f3131a19f47f43ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legit-returns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
695729
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HT2GF51SMB6TKZ8B9MHWR231-lga
server
cloudflare
etag
"248f4-UbKgCErTdO/FBJ9XWCSBOZmacxw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
86f9f6efdbfb187d-EWR

Redirect headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HTQ7QVBCS835E2W0PD56YB6F-lga
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
238
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@11.1.0/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
86f9f6ef9bc0187d-EWR
bitcoin.webp
legit-returns.com/images/
19 KB
19 KB
Image
General
Full URL
https://legit-returns.com/images/bitcoin.webp
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
31f7e2f50ccf52af4c972529b9eb6227e3e2f222875ca2709cf8d9a47772e2fa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Sun, 21 May 2023 16:46:32 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
content-length
19597
savings-3.webp
legit-returns.com/images/
5 KB
5 KB
Image
General
Full URL
https://legit-returns.com/images/savings-3.webp
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
771c6f625d421fed6fe70b91bb2890fdc47ff20a7e429fe2de7e351dc54fc811

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Tue, 02 May 2023 04:16:46 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
content-length
4748
commerical_skyscrapers.webp
legit-returns.com/images/
7 KB
7 KB
Image
General
Full URL
https://legit-returns.com/images/commerical_skyscrapers.webp
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
d9d418b2db4cece7820b3060835510091ce406815028905eb157ba27d46b14f4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Tue, 02 May 2023 04:16:46 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
content-length
6664
investing.webp
legit-returns.com/images/
35 KB
35 KB
Image
General
Full URL
https://legit-returns.com/images/investing.webp
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
f50f1dd207b1ddecffb4226e267fa47be687367c994a78980897aaefc4e94cc9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
br
last-modified
Sun, 21 May 2023 16:49:20 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
content-length
35900
plans.png
legit-returns.com/images/
72 KB
72 KB
Image
General
Full URL
https://legit-returns.com/images/plans.png
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
a563ab7a31266ef4a56316737b161e65f6b40a7e2ec44cfd8f1c9fffdbf3869a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sun, 21 May 2023 17:04:56 GMT
server
Apache
accept-ranges
bytes
content-length
73378
content-type
image/png
logoonly22.png
legit-returns.com/images/
4 KB
4 KB
Image
General
Full URL
https://legit-returns.com/images/logoonly22.png
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
3d5bccfc475cabac42a039defba1ff057e129cf4c3e9af52158fee1cf569b665

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
last-modified
Sat, 30 Sep 2023 18:29:08 GMT
server
Apache
accept-ranges
bytes
content-length
3757
content-type
image/png
huqow7sDMo
code.jivosite.com/widget/
17 KB
6 KB
Script
General
Full URL
https://code.jivosite.com/widget/huqow7sDMo
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
0308a087538b97d72fe66ed794ab36f28d267eb80d31947d7698f49c2179d634

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:00 GMT
content-encoding
br
via
1.1 sharxy
x-geo-shard
ya
content-length
6059
x-node
dc5-up-gc28
last-modified
Wed, 27 Mar 2024 13:17:27 GMT
server
nginx
etag
"66041c67-17ab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
MISS
accept-ranges
bytes
expires
Fri, 05 Apr 2024 15:42:59 GMT
css2
fonts.googleapis.com/
2 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab&display=swap
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/css/stylescss.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba84a6de518728d15b12d153458a6a87f531a663d2a024f57f6cdf826e9c0983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 12:33:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Apr 2024 13:42:59 GMT
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/css/stylescss.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd76695c90930344c224d2fb3e946176581d7e8619a96180c8c4bce5b2e51e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 13:38:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Apr 2024 13:42:59 GMT
css2
fonts.googleapis.com/
1 KB
558 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=PT+Serif&display=swap
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/css/stylescss.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1aeeab09b8d840c5a773865010257d515f2428df229eb53e1efe2106ca852d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Apr 2024 13:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Apr 2024 12:19:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Apr 2024 13:42:59 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
101 KB
23 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=3848c6a7f0
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3848c6a7f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
via
1.1 c456cd1dcda544d97e59ee05afbea4a2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
141727
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9aM6Q%2BO%2BCMvbRef9Ru4PKFqfyJerQxSSjxZfQ9Da7TbN5a8UQU%2FY8o3y9M9CCs0eAgcxlRNToIiHKI786cL7ZgWYS2u9t6NlpWdR815wbXHlcHM9ow94KFPudTEIHQHs5B8xehtMPzRAU0oUA7jARlUIvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86f9f6ef68ea9e1a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
2eDuDsvSSUDcMpfr4DBFl78Y-05rb6QpEBNVxE62s-Ft4efoqWpYrQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=3848c6a7f0
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3848c6a7f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
via
1.1 774fddee085016d16b500fd9201faeb2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
141727
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4qBXZqmkzpiyYN7qhqXbKElpyVY3UC0ZRF0fpu9GyhoP%2FKk41YRJNNg7N4AcGRxwoOc6bQyo2BUq8JKSFgxB5M3QBo8BIxE0q9NZmLuayFg3NgIF0qm82NYzxYZG2f2x4K56TUnon67awPsnMF39sZI9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86f9f6ef68e99e1a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
55ShPaeNgND_7reNgTslXVxW3q_rFMGp88Cul6pB2BuxG9Os9LCmEw==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
823 B
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=3848c6a7f0
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3848c6a7f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
141727
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkwfAariIYlmZL2gE7rOR0%2FvFkoF2f1jVQdvFKWOkiRnF9dtKtiI1PFLueKDEiBES9uD2J4vtbHFr30QFLDFmLP168q7NFkpr67iBYFlDTpKkN6PzoeE9CyUuh3THeHGOAmsb17dPXrWB1YsFacipx45lA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86f9f6ef68eb9e1a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
OQ_tpLc7dFvb-fcjG7yC6WqyMXRWbx6kGsF8hiQP2MRZEtaUXEVSOQ==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=3848c6a7f0
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3848c6a7f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:42:59 GMT
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWB5g0sJve15rwizHqw%2BPAN%2BJhoCjKfFqF%2F7PmfvLtDSRqfEY06SJnGV7J1AFL9rO82Cb9QD1DYNGC10Rr45UFVywdj2h3wMXtkE6ucW5zKn4tTWaoJ1bXoZI1slMG%2BJ%2F1bS9cKa5VNcs15BY63jbZKN4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
86f9f6ef68ec9e1a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
sJaofh7OZ1tmjQGAAF98kl_AEEHlWdTtsLtf8PgCcuUo0geCdpz4Ng==
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US._W3nUGMaihk.O/am=wA/d=1/rs=AN8SPfrZWMw1ZfTzFZ2M_RyVuVenxAWDPA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 20:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Apr 2025 20:18:44 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US._W3nUGMaihk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrRoOoMWXfO_m3gcxdy_dZTGXS9mw/
209 KB
73 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US._W3nUGMaihk.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrRoOoMWXfO_m3gcxdy_dZTGXS9mw/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US._W3nUGMaihk.O/am=wA/d=1/rs=AN8SPfrZWMw1ZfTzFZ2M_RyVuVenxAWDPA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63c51e018f236acf9dc615cc974aa81baf9ac013956c77aca6a6a74d101b8db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73788
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 17:14:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Apr 2025 18:17:38 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.3/font/fonts/
100 KB
100 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.3/font/fonts/bootstrap-icons.woff2?08efbba7c53d8c5413793eecb19b20bb
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.3/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a29357cb76994874d2a7473fddbc265f1867b52957e8f3a1bd3d5538f231fcff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.3/font/bootstrap-icons.css
Origin
https://legit-returns.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Apr 2024 13:42:59 GMT
x-content-type-options
nosniff
age
1969177
x-jsd-version
1.8.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
102380
x-served-by
cache-fra-etou8220084-FRA, cache-lga21952-LGA
x-jsd-version-type
version
etag
W/"18fec-cpdRtpq9wNvdHfhH3KoE//US1Jo"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
truncated
/
231 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c423574c169bcda1bac06d877eb1d94e018b4f2f54c637eb632cd00ebc5d6f5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
231 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90473a1a619e183dde264afd0632ecbaa69a98ce8a4ed8be947417e47a666670

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v34/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
438099da1cf057f5b48133f7a74b2d506751fb1b2e888d22ca397fa1983a8f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://legit-returns.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 01:56:16 GMT
x-content-type-options
nosniff
age
128803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13992
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:50:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 01:56:16 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://legit-returns.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 20:15:25 GMT
x-content-type-options
nosniff
age
149254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 20:15:25 GMT
/
legit-returns.com/
Redirect Chain
  • https://legit-returns.com/images/next-trade.mp4
  • https://legit-returns.com/
21 KB
22 KB
Media
General
Full URL
https://legit-returns.com/
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
f10bc4933f54724f5ac4b52437125ff9d475ef035df732ec340de73879d4fb06

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legit-returns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Apr 2024 13:43:00 GMT
cache-control
no-cache, private
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

location
https://legit-returns.com
date
Fri, 05 Apr 2024 13:42:59 GMT
cache-control
no-cache, private
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
huqow7sDMo
code.jivosite.com/script/widget/config/
1 KB
864 B
XHR
General
Full URL
https://code.jivosite.com/script/widget/config/huqow7sDMo
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/huqow7sDMo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
ef9b3c28e69b80c2dd517f1acaaec17b016e2ca63a1acd9c46bad4ebe6fff6a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:00 GMT
content-encoding
gzip
via
1.1 sharxy
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
MISS
accept-ranges
bytes
x-geo-shard
ya
content-length
667
x-node
dc5-up-gc28
expires
Fri, 05 Apr 2024 15:43:00 GMT
huqow7sDMo
node-ya-10.jivosite.com/widget/status/2315569/
80 B
404 B
XHR
General
Full URL
https://node-ya-10.jivosite.com/widget/status/2315569/huqow7sDMo?rnd=0.48090171373742874
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/huqow7sDMo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.84.125.202 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
foxy/3.2 /
Resource Hash
c5b32675fc6dbb5b64e6c3e4f2ca55a8a29b2e2a0d137bb1104cee5f025923ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none';
date
Fri, 05 Apr 2024 13:43:01 GMT
server
foxy/3.2
x-botmode
no
x-geoip
US;NY;New York
x-frame-options
DENY
content-type
application/json; charset=utf-8;
access-control-allow-origin
https://legit-returns.com
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
80
truncated
/ Frame 1A6F
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 14:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Apr 2025 14:48:59 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 05:19:40 GMT
x-content-type-options
nosniff
age
116600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Apr 2025 05:19:40 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 11:29:27 GMT
x-content-type-options
nosniff
age
94413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Apr 2025 11:29:27 GMT
logoonly22.png
legit-returns.com/images/
4 KB
4 KB
Other
General
Full URL
https://legit-returns.com/images/logoonly22.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.85.47.62 , United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
server6.websiteserverbox.com
Software
Apache /
Resource Hash
3d5bccfc475cabac42a039defba1ff057e129cf4c3e9af52158fee1cf569b665

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
last-modified
Sat, 30 Sep 2023 18:29:08 GMT
server
Apache
accept-ranges
bytes
content-length
3757
content-type
image/png
bundle_en_US.js
code.jivosite.com/js/
1 MB
238 KB
Script
General
Full URL
https://code.jivosite.com/js/bundle_en_US.js?rand=1711633396
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/huqow7sDMo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
88a62734ebb3d7356eb5bab4e1d465f86816337cdd166b4116b81590ad689ebf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-04-05T09:14:31+00:00
x-geo-shard
ya
content-length
243609
x-node
dc5-up-gc28
last-modified
Wed, 27 Mar 2024 13:17:26 GMT
server
nginx
etag
"66041c66-3b799"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code.jivosite.com/css/70c5213/
135 KB
40 KB
Stylesheet
General
Full URL
https://code.jivosite.com/css/70c5213/widget.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
765e62f7c43f144d7df6a5ed451970a6ab9876a28aa02b56636389a3154fdf38

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-04-03T09:14:26+00:00
x-geo-shard
ya
content-length
40528
x-node
dc5-up-gc28
last-modified
Wed, 27 Mar 2024 13:17:26 GMT
server
nginx
etag
"66041c66-9e50"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Sat, 13 Apr 2024 09:14:26 GMT
omnichannelMenu.widget.css
code.jivosite.com/css/70c5213/
4 KB
1 KB
Stylesheet
General
Full URL
https://code.jivosite.com/css/70c5213/omnichannelMenu.widget.css
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
c39c15314e4090a81c542b9fa94da99c11b35203d5fa3011d1ae0620f5d58531

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://legit-returns.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
content-encoding
gzip
via
1.1 sharxy
x-cached-since
2024-04-02T11:51:09+00:00
x-geo-shard
ya
content-length
1340
x-node
dc5-up-gc28
last-modified
Wed, 27 Mar 2024 13:17:26 GMT
server
nginx
etag
"66041c66-53c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Fri, 12 Apr 2024 11:51:09 GMT
omnichannelMenu.js
code.jivosite.com/js/70c5213/ Frame 4B2C
34 KB
9 KB
Script
General
Full URL
https://code.jivosite.com/js/70c5213/omnichannelMenu.js
Requested by
Host: legit-returns.com
URL: https://legit-returns.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
a0e9f54f9d98582f9954c7f92889190e7ff07870afd1630d720a6160a4d50c1e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-04-05T11:51:17+00:00
x-geo-shard
ya
content-length
9602
x-node
dc5-up-gc28
last-modified
Wed, 27 Mar 2024 13:17:26 GMT
server
nginx
etag
"66041c66-2582"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
truncated
/
393 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf12609920c06b45d18b9ddbf0b3a15e0a4f51ae58dfa332b937c8156114a431

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
447 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77e83427001f5875cd40cb1b22294be5edacdab5fa7250a65af5ae2aaef57649

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/
4 KB
4 KB
Media
General
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://legit-returns.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
via
1.1 sharxy
x-cached-since
2024-04-03T09:14:27+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
ya
x-node
dc5-up-gc28
Content-Length
3760
last-modified
Wed, 27 Mar 2024 13:17:27 GMT
server
nginx
etag
"66041c67-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 03 May 2024 09:14:26 GMT
notification.mp3
code.jivosite.com/sounds/
6 KB
6 KB
Media
General
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://legit-returns.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
via
1.1 sharxy
x-cached-since
2024-04-03T09:14:26+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
ya
x-node
dc5-up-gc28
Content-Length
5808
last-modified
Wed, 27 Mar 2024 13:17:27 GMT
server
nginx
etag
"66041c67-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 03 May 2024 09:14:26 GMT
outgoing_message.mp3
code.jivosite.com/sounds/
5 KB
5 KB
Media
General
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:9d40:801:ff00::1 Ashburn, United States, ASN41095 (IPTP, GB),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://legit-returns.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:43:01 GMT
via
1.1 sharxy
x-cached-since
2024-04-02T11:51:53+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
ya
x-node
dc5-up-gc28
Content-Length
5014
last-modified
Wed, 27 Mar 2024 13:17:27 GMT
server
nginx
etag
"66041c67-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Thu, 02 May 2024 11:51:53 GMT

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| FontAwesomeKitConfig function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| AOS function| _defineProperties function| _createClass function| Splide function| googleTranslateElementInit function| Swiper number| uidEvent object| bootstrap 
object| swiper object| splide function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| closure_lm_63634 object| jivo_config string| jivo_version object| jivo_api

2 Cookies

Domain/Path Name / Value
legit-returns.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkJCOWdDb3BDdzhyVmNNd210dS8xdHc9PSIsInZhbHVlIjoiN3lJQ084UmVhU2NwNjZMTkV2Vm1pa2p4QTZMcnNPRkxVT1VISGhWcGc2MWQ3ZE1hZlVWbkJSNkJyYUI2NlFSMzd6MEUwRERmMHFDTXhOWFhzS0EwdlFMcy9RdHNBdzJQVnd1NmgzWjFUWS83TmV0emovanJid1lSTmtvc1YrYVoiLCJtYWMiOiJlMDg4M2ZkZWM4OWNmOGE0MzRiMzYyZDQ4OTA2Y2JkMDg0YmU1MGU3MjM4Zjk4NGNhMDFlYjRjMGE5NWI3ZTk0IiwidGFnIjoiIn0%3D
legit-returns.com/ Name: legit_returns_session
Value: eyJpdiI6Ik9NbkVaaG0xT3c0d0NSVEFWYkRmaWc9PSIsInZhbHVlIjoidHdiOFdUWDY4eno0RHdBZitObHl6aXNWaEQxVXdCcnNGRmhDbUk4NitRdDZoeEJMek9kR3NpZ0RKZUd1UnhwTk5ML1dRczVNby9YbmdQQjI2djRncjM4U1Zab2xTVjVyQTZ0dHZieGthMFBFb256bEtwSWl3dytDZ3NqR245di8iLCJtYWMiOiI4M2VhNmVlMzE1NTM1MDRmMzJmNTAxZTgyN2Q3MzY2ODhhYjVhYmEyNzhmZmYyNWQ3MjBjOGQ2ZDI2MzgyZTFhIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
