shopify-hardware-store.loopreturns.com Open in urlscan Pro
44.227.24.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shopify-hardware-store.loopreturns.com/
Effective URL:
https://shopify-hardware-store.loopreturns.com/
Submission: On November 15 via api (November 15th 2024, 1:45:37 am UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 44.227.24.204, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is shopify-hardware-store.loopreturns.com.
TLS certificate: Issued by R10 on October 23rd 2024. Valid for: 3 months.

This is the only time shopify-hardware-store.loopreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	44.227.24.204 44.227.24.204	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:225... 2600:9000:2251:f000:5:931b:16c0:21	() ()
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
4	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
2	44.232.100.92 44.232.100.92	() ()
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	2620:127:f00f... 2620:127:f00f:ff01::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
25	11

1 44.227.24.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-24-204.us-west-2.compute.amazonaws.com

shopify-hardware-store.loopreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2251:f000:5:931b:16c0:21 (United States)

ASN- ()

d1nnh0c8uc313v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.232.100.92 (Boardman, United States)

ASN- ()
PTR: ec2-44-232-100-92.us-west-2.compute.amazonaws.com

api.loopreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	107 KB
5	cloudfront.net d1nnh0c8uc313v.cloudfront.net	691 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 2162	36 KB
3	loopreturns.com shopify-hardware-store.loopreturns.com api.loopreturns.com — Cisco Umbrella Rank: 193552	80 KB
2	stripe.com js.stripe.com — Cisco Umbrella Rank: 1510	165 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2292	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	2 KB
25	8

	Domain	Requested by
8	www.googletagmanager.com	shopify-hardware-store.loopreturns.com
5	d1nnh0c8uc313v.cloudfront.net	shopify-hardware-store.loopreturns.com
4	cdn.segment.com	d1nnh0c8uc313v.cloudfront.net cdn.segment.com
2	api.loopreturns.com	d1nnh0c8uc313v.cloudfront.net
2	js.stripe.com	shopify-hardware-store.loopreturns.com js.stripe.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.shopify.com
1	fonts.googleapis.com	d1nnh0c8uc313v.cloudfront.net
1	shopify-hardware-store.loopreturns.com
25	9

This site contains links to these domains. Also see Links.

Domain
1da1f2-7c.myshopify.com
www.loopreturns.com

Subject Issuer	Validity	Valid
*.loopreturns.com R10	`2024-10-23` - `2025-01-21`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
api.loopreturns.com R11	`2024-11-04` - `2025-02-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
cdn.shopify.com E5	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://shopify-hardware-store.loopreturns.com/
Frame ID: 0C0D56192DF8F79582B4C01B86CC973A
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: AE7BA89175269699B8BC6621A0D5463A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shopify Hardware Store Returns

Page URL History Show full URLs

http://shopify-hardware-store.loopreturns.com/ HTTP 307
https://shopify-hardware-store.loopreturns.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

25
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

9
Subdomains

11
IPs

3
Countries

1113 kB
Transfer

4497 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://1da1f2-7c.myshopify.com/
Title: Back to shop

Search URL Search Domain Scan URL

URL: https://www.loopreturns.com/powered-by-loop?utm_medium=customer_portal&utm_source=1da1f2-7c.myshopify.com&utm_campaign=powered_by_loop
Title: Powered by Loop Returns | The returns solution for Shopify's top brands

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shopify-hardware-store.loopreturns.com/ HTTP 307
https://shopify-hardware-store.loopreturns.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shopify-hardware-store.loopreturns.com/
Redirect Chain

http://shopify-hardware-store.loopreturns.com/
https://shopify-hardware-store.loopreturns.com/

2 KB
1 KB

588ms
190ms

Document
text/html

44.227.24.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shopify-hardware-store.loopreturns.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.227.24.204 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-24-204.us-west-2.compute.amazonaws.com

Software

openresty/1.25.3.2 /

Resource Hash

7878de58d8266f8efd188e809083bbcea1a535c3b56f9ae822057a537b08cbb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .loopreturns.com .myshopify.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.loopreturns.com *.myshopify.com
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 01:45:21 GMT
etag: W/"67367a0c-9ae"
last-modified: Thu, 14 Nov 2024 22:30:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: openresty/1.25.3.2
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://shopify-hardware-store.loopreturns.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 index.d302830b.js Show response
d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/ 1 MB
326 KB 859ms
734ms Script
application/javascript 2600:9000:2251:f000:5:931b:16c0:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/index.d302830b.js
Requested by: Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f000:5:931b:16c0:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3e8678b03b54af1546fd8b78677ae1a8d817f5e3393944dc33f36263aab17e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shopify-hardware-store.loopreturns.com
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-max-age: 0
content-encoding: gzip
x-amz-version-id: Q7ZvW7_H26vytS_CKUXQY6AIKdOE3cfz
etag: W/"a5ff9c32d04e37e6439814f6f209f277"
access-control-allow-methods: GET, HEAD
x-cache: Miss from cloudfront
x-amz-cf-id: LEKDhIWje137HgMmFN17HqQl2o6-5cunTh-yM4Jw3zJ5lpw2Giv5cw==
date: Fri, 15 Nov 2024 01:45:23 GMT
content-type: application/javascript
vary: Origin,accept-encoding
x-amz-expiration: expiry-date="Sun, 15 Dec 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Thu, 14 Nov 2024 22:23:11 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor.ba2744df.js Show response
d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/ 809 KB
274 KB 859ms
734ms Script
application/javascript 2600:9000:2251:f000:5:931b:16c0:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.ba2744df.js
Requested by: Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f000:5:931b:16c0:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1411038fcad494fbb9bafda1826e7250b921ef4199dd4f5686a2cd32a07ea91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shopify-hardware-store.loopreturns.com
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-max-age: 0
content-encoding: gzip
x-amz-version-id: TTWlMvMhwwTnZlc00UVYxxPbU4AQoLsS
etag: W/"e9778e076846fdbad144c167fe204cd3"
access-control-allow-methods: GET, HEAD
x-cache: Miss from cloudfront
x-amz-cf-id: yjq5nSWzTlNH_G-HPwA4vNLHghjJUVlt0W8Pd_W3LNXyW1200S4Mow==
date: Fri, 15 Nov 2024 01:45:23 GMT
content-type: application/javascript
vary: Origin,accept-encoding
x-amz-expiration: expiry-date="Sun, 15 Dec 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Thu, 14 Nov 2024 22:23:11 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 index.5085241a.css
d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/ 945 KB
87 KB 134ms
10ms Stylesheet
text/css 2600:9000:2251:f000:5:931b:16c0:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/index.5085241a.css
Requested by: Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f000:5:931b:16c0:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5085241ad664492de734b07c3875b02451cf8a035229e7336badf98a11380b2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

x-amz-cf-pop: FRA60-P3
vary: accept-encoding, Origin
content-encoding: gzip
x-amz-version-id: 2MMaqGVisvH_ZSpFFRApy11fniPbysiR
etag: W/"24c8ffa78012725cf2e25a5cf964d2f1"
age: 1770
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: xbbhFhlts2L_NG1W992qQrTdL8XsnwhlaZTaR7J3rIVlNbCNDQZN6Q==
date: Fri, 15 Nov 2024 01:15:52 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 22:23:11 GMT
x-amz-expiration: expiry-date="Sun, 15 Dec 2024 00:00:00 GMT", rule-id="rule-1"
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
106 KB 101ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XHPC1ZBWV3

Requested by

Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb297bab7a0d06c9945a92d757cfa4be3b0f70beb6d1fa295d2546049a45bad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 15 Nov 2024 01:45:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 01:45:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107934
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 / Show response
js.stripe.com/v3/ 689 KB
165 KB 132ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1e8b67d6e4b99fd84571acbbad0ca0dadd920bda00cc4313ef907eeefd94b8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

x-request-id: d83e9714-0873-44c6-8bfe-f6c74424fc43
content-encoding: br
etag: "2f946a069b41ce56492fa8bdb6ab2337"
age: 18
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 15 Nov 2024 01:45:21 GMT
last-modified: Thu, 14 Nov 2024 21:46:01 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-etou8220075-FRA
x-cache-hits: 3
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 168814
server: Fastly

GET
H2 200 a
www.googletagmanager.com/ 0
43 B 18ms
16ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-XHPC1ZBWV3&v=3&t=t&pid=54497258&cv=3&rv=4bc0&tc=17&tag_exp=101925629~102067554~102067808~102077855&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&z=0

Requested by

Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 15 Nov 2024 01:45:22 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 16ms
15ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-XHPC1ZBWV3&v=3&t=t&pid=54497258&cv=3&rv=4bc0&tc=17&tag_exp=101925629~102067554~102067808~102077855&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=1ogtcrossdomain.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdemscroll.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogtcrossdomain.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdemscroll.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 15 Nov 2024 01:45:22 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 15ms
14ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-XHPC1ZBWV3&v=3&t=t&pid=54497258&cv=3&rv=4bc0&tc=17&tag_exp=101925629~102067554~102067808~102077855&es=1&e=gtm.dom&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&z=0

Requested by

Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 15 Nov 2024 01:45:22 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 23ms
23ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-XHPC1ZBWV3&v=3&t=t&pid=54497258&cv=3&rv=4bc0&tc=17&tag_exp=101925629~102067554~102067808~102077855&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=5ogtcrossdomain.5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick&ti=2ogtcrossdomain.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick&z=0

Requested by

Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 15 Nov 2024 01:45:22 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 22ms
22ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-XHPC1ZBWV3&v=3&t=t&pid=54497258&cv=3&rv=4bc0&tc=17&tag_exp=101925629~102067554~102067808~102077855&es=1&e=*&eid=5&u=AAAAAAAIAAAAAACA&h=Ag&z=0

Requested by

Host: shopify-hardware-store.loopreturns.com
URL: https://shopify-hardware-store.loopreturns.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 15 Nov 2024 01:45:22 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 init Show response
api.loopreturns.com/api/v1/ 59 KB
60 KB 1109ms
331ms XHR
application/json 44.232.100.92

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopreturns.com/api/v1/init

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.ba2744df.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.232.100.92 Boardman, United States, ASN (),

Reverse DNS

ec2-44-232-100-92.us-west-2.compute.amazonaws.com

Software

/ PHP/8.3.12

Resource Hash

35018b86af7ecf7de77afa760339d8f5496965da89992e427ef787896a25840f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .loopreturns.com .myshopify.com 1da1f2-7c.myshopify.com
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-expose-headers: Version
x-content-type-options: nosniff, nosniff
date: Fri, 15 Nov 2024 01:45:24 GMT
content-type: application/json
vary: Origin
x-loop-request-id: d816df68-9d36-467b-99ae-4c2d5b156635
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubdomains
content-security-policy: frame-ancestors *.loopreturns.com *.myshopify.com 1da1f2-7c.myshopify.com
cache-control: no-cache, private
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-ratelimit-remaining: 299
access-control-allow-origin: https://shopify-hardware-store.loopreturns.com
x-xss-protection: 1; mode=block
x-ratelimit-limit: 300
x-powered-by: PHP/8.3.12
version: 0

GET
H2 200 favicon.png
d1nnh0c8uc313v.cloudfront.net/customer-portal/img/ 2 KB
3 KB 12ms
9ms Other
image/png 2600:9000:2251:f000:5:931b:16c0:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/img/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f000:5:931b:16c0:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16bcc59416a8f00a8433d700da3b9ecec8ab33ca5ee7eca22046dd447e4d7d2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

x-amz-version-id: 2VmNRxhQemCSMm11P9OFRveUZnfZQSC4
etag: "03d52e8c0aaa9e8f3529b8f3d99d51d0"
age: 774
x-cache: Hit from cloudfront
x-amz-cf-id: 4NabAtg2Uep9YF-S6pF8v1jWmzzmhE8n0a0aVPMMvGerQqAK3L_pnw==
date: Fri, 15 Nov 2024 01:32:31 GMT
content-type: image/png
vary: Origin
x-amz-expiration: expiry-date="Sun, 15 Dec 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Thu, 14 Nov 2024 22:23:12 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2111
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 16ms
15ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-XHPC1ZBWV3&v=3&t=t&pid=54497258&cv=3&rv=4bc0&tc=17&tag_exp=101925629~102067554~102067808~102077855&es=1&e=gtm.load&eid=6&u=AgAAAAAIAAAAAACA&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 15 Nov 2024 01:45:24 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.ba2744df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5780dcb011235f74ebd060a2e1d7e214e3bd12e13982bf4bd7fbe052d3d55f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 01:45:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 01:45:25 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 00:33:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/23J8MEiBHfZJhx1lYDEqR9SPqaIV9vvR/ 106 KB
30 KB 637ms
595ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/23J8MEiBHfZJhx1lYDEqR9SPqaIV9vvR/analytics.min.js
Requested by: Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/index.d302830b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed2167083091abdcad4f1b21f83814542587f9c4d08c5b1e135393193fed41a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: bqDFSRAxohrCMZCjcx2IH15WAa3WwIcl
etag: W/"4ddeb59a55e7e39f08f346106eaa6cbf"
access-control-allow-methods: GET, HEAD
x-cache: RefreshHit from cloudfront
x-amz-cf-id: x4rhwIgs-_9k39vAfgj4zILGy2hakdymhQQn5AwwRCGXqe0fD9dp2w==
date: Fri, 15 Nov 2024 01:45:26 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Wed, 13 Nov 2024 20:52:12 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 reason-groups Show response
api.loopreturns.com/api/v1/10183/ 18 KB
19 KB 340ms
339ms XHR
application/json 44.232.100.92

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopreturns.com/api/v1/10183/reason-groups

Requested by

Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.ba2744df.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.232.100.92 Boardman, United States, ASN (),

Reverse DNS

ec2-44-232-100-92.us-west-2.compute.amazonaws.com

Software

/ PHP/8.3.12

Resource Hash

6912f5784295140cd9b8ad1644b09d906dc6fd1dbcc8a36680ce384bc16be328

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .loopreturns.com .myshopify.com 1da1f2-7c.myshopify.com
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-expose-headers: Version
x-content-type-options: nosniff, nosniff
date: Fri, 15 Nov 2024 01:45:25 GMT
content-type: application/json
vary: Origin
x-loop-request-id: af185093-1f4f-4db0-afe8-409aac4d618d
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubdomains
content-security-policy: frame-ancestors 'self' *.loopreturns.com *.myshopify.com 1da1f2-7c.myshopify.com
cache-control: no-cache, private
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-ratelimit-remaining: 298
access-control-allow-origin: https://shopify-hardware-store.loopreturns.com
x-xss-protection: 1; mode=block
x-ratelimit-limit: 300
x-powered-by: PHP/8.3.12
version: 0

GET
H2 200 shopify_logo_black.png
cdn.shopify.com/s/files/1/0224/0965/files/ 13 KB
14 KB 178ms
145ms Image
image/webp 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0224/0965/files/shopify_logo_black.png?v=1694628323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

271c9ba4ee58251b27e3fb7663401601f22cb8289ad94d215fd56b61280bf356

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

x-request-id: ec156632-0814-443d-9ca6-5220ae50d5f4-1726806414
access-control-expose-headers: *
cf-cache-status: HIT
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExZt4hIM3qGKTLSHss0vMUVOhuTDWfpDNhAUcnE3k8M7i5qJCNgl%2B4WrOU7WjEhtI%2B1vo7jneNFTP5y6P%2BWftAZULYVEHrFpngGuLzyeBK%2B3xHvjw9sczB6R1XDGos1Zac7qfDCSQTi5ReebGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=218.460, imageryFetch;dur=112.076, imageryProcess;dur=105.489;desc="image", cfRequestDuration;dur=138.000011, ipv6
alt-svc: h3=":443"; ma=86400
date: Fri, 15 Nov 2024 01:45:25 GMT
source-type: image/png
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Fri, 20 Sep 2024 04:26:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0224/0965/files/shopify_logo_black.png>; rel="canonical"
source-length: 20887
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2b8fcbccb9699b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 1; mode=block
x-shopid: 2240965
server: cloudflare

GET
H2 200 close.svg
d1nnh0c8uc313v.cloudfront.net/customer-portal/img/icons/ 652 B
1 KB 13ms
13ms Image
image/svg+xml 2600:9000:2251:f000:5:931b:16c0:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/img/icons/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:f000:5:931b:16c0:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c4e52fb442a8db49f6288f4e0c59376f0f8c9675bc8e847154e576dd57944b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

x-amz-version-id: edamRcExm_qiAwfnlmaujx4yBRpHBf5z
etag: "765baec03ebf4eba6af7248b4b6e190d"
age: 773
x-cache: Hit from cloudfront
x-amz-cf-id: c0rfr71-DLcgjbI9aOIuVFculy_zBS3hctO--2z_92PqFX3WswU_aQ==
date: Fri, 15 Nov 2024 01:45:25 GMT
content-type: image/svg+xml
vary: accept-encoding, Origin
x-amz-expiration: expiry-date="Mon, 09 Dec 2024 00:00:00 GMT", rule-id="rule-1"
last-modified: Fri, 08 Nov 2024 22:35:19 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 652
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 34ms
9ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shopify-hardware-store.loopreturns.com
Referer: https://fonts.googleapis.com/

Response headers

age: 258986
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 01:48:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 01:48:59 GMT
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18668
x-xss-protection: 0
server: sffe

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 20ms
19ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-XHPC1ZBWV3&v=3&t=t&pid=54497258&cv=3&rv=4bc0&tc=17&tag_exp=101925629~102067554~102067808~102077855&es=1&e=gtag.config&eid=7&u=AgAAAAAIAAAAAACA&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 15 Nov 2024 01:45:25 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/23J8MEiBHfZJhx1lYDEqR9SPqaIV9vvR/ 736 B
1 KB 45ms
23ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/23J8MEiBHfZJhx1lYDEqR9SPqaIV9vvR/settings
Requested by: Host: d1nnh0c8uc313v.cloudfront.net
URL: https://d1nnh0c8uc313v.cloudfront.net/customer-portal/assets/vendor.ba2744df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a23b1360eb53294458b8eff1376f10e244594065ded6704022874fdb458187c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: zgpiBEf8pv3Tky7DBsVJUip9QLRxQBeo
etag: "5be08b1c42d4cdebd6020145766f6377"
age: 8647
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: S-FWWlCInPYWU5SECucAlDfNxvS4dIr5iSy8YR7y-eWpSbLnx1QQlw==
date: Thu, 14 Nov 2024 23:22:06 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding
last-modified: Wed, 13 Nov 2024 20:52:13 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 736
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 9ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/23J8MEiBHfZJhx1lYDEqR9SPqaIV9vvR/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: 7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age: 4935474
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: QNjDrb6MdpsDNaUjSNoBsrwqmYEK9v9OASoIQZJUO52r1nbVF1fSlQ==
date: Wed, 18 Sep 2024 22:47:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 14ms
13ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/23J8MEiBHfZJhx1lYDEqR9SPqaIV9vvR/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shopify-hardware-store.loopreturns.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age: 5099635
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: wVlWBz4DXq632E4GaJRQVUy-OXX4pPZPhdcrAGZAbP7vvPKAX5N_2w==
date: Tue, 17 Sep 2024 01:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame AE7B 0
0 13ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopify-hardware-store.loopreturns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3956
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 15 Nov 2024 01:45:27 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 328
x-content-type-options: nosniff
x-request-id: 606f3db9-7889-4450-8d6b-160ce90c8d59
x-served-by: cache-fra-etou8220123-FRA

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			shopify-hardware-store.loopreturns.com/	1970-01-21 01:00:36	Name: _dd_s Value: rum=0&expire=1731636023517

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .loopreturns.com .myshopify.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.loopreturns.com
cdn.segment.com
cdn.shopify.com
d1nnh0c8uc313v.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
shopify-hardware-store.loopreturns.com
www.googletagmanager.com
142.250.185.195
151.101.128.176
151.101.192.176
172.217.16.200
2600:9000:2251:f000:5:931b:16c0:21
2620:127:f00f:ff01::
2a00:1450:4001:806::2008
2a00:1450:4001:829::200a
44.227.24.204
44.232.100.92
99.86.8.175
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
16bcc59416a8f00a8433d700da3b9ecec8ab33ca5ee7eca22046dd447e4d7d2b
1e8b67d6e4b99fd84571acbbad0ca0dadd920bda00cc4313ef907eeefd94b8e5
271c9ba4ee58251b27e3fb7663401601f22cb8289ad94d215fd56b61280bf356
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
35018b86af7ecf7de77afa760339d8f5496965da89992e427ef787896a25840f
5085241ad664492de734b07c3875b02451cf8a035229e7336badf98a11380b2f
5780dcb011235f74ebd060a2e1d7e214e3bd12e13982bf4bd7fbe052d3d55f63
6912f5784295140cd9b8ad1644b09d906dc6fd1dbcc8a36680ce384bc16be328
7878de58d8266f8efd188e809083bbcea1a535c3b56f9ae822057a537b08cbb2
91c4e52fb442a8db49f6288f4e0c59376f0f8c9675bc8e847154e576dd57944b
a1411038fcad494fbb9bafda1826e7250b921ef4199dd4f5686a2cd32a07ea91
a23b1360eb53294458b8eff1376f10e244594065ded6704022874fdb458187c6
a3e8678b03b54af1546fd8b78677ae1a8d817f5e3393944dc33f36263aab17e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
eb297bab7a0d06c9945a92d757cfa4be3b0f70beb6d1fa295d2546049a45bad4
ed2167083091abdcad4f1b21f83814542587f9c4d08c5b1e135393193fed41a4

shopify-hardware-store.loopreturns.com Open in urlscan Pro 44.227.24.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

36 %IPv6

8 Domains

9 Subdomains

11 IPs

3 Countries

1113 kBTransfer

4497 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

shopify-hardware-store.loopreturns.com Open in urlscan Pro
44.227.24.204 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

9
Subdomains

11
IPs

3
Countries

1113 kB
Transfer

4497 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions