urlscan.io logo urlscan.io
SecurityTrails logo

returns-portal.com Open in urlscan Pro
104.19.241.93  Public Scan

Go To Rescan Add Verdict Report
URL: https://returns-portal.com/version-live/r/motelrocks
Submission: On February 04 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 105 HTTP transactions. The main IP is 104.19.241.93, located in and belongs to CLOUDFLARENET, US. The main domain is returns-portal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2023. Valid for: a year.
This is the only time returns-portal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 104.19.241.93 13335 (CLOUDFLAR...)
10 104.16.137.79 13335 (CLOUDFLAR...)
2 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.64.176 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 104.16.224.78 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::60 8075 (MICROSOFT...)
4 2600:9000:237... 16509 (AMAZON-02)
3 54.187.119.242 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2600:9000:219... 16509 (AMAZON-02)
3 40.76.174.66 8075 (MICROSOFT...)
2 44.235.225.243 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
105 24
16    104.19.241.93 (None, )

ASN13335 (CLOUDFLARENET, US)
returns-portal.com
10    104.16.137.79 (None, )

ASN13335 (CLOUDFLARENET, US)
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
2    2600:9000:223d:9e00:1f:fceb:ff00:21 (United States)

ASN16509 (AMAZON-02, US)
d2tf8y1b8kxrzw.cloudfront.net
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    104.16.224.78 (None, )

ASN13335 (CLOUDFLARENET, US)
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
2    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2600:9000:237d:4800:2:49a2:4500:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets6.lottiefiles.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2600:9000:225b:7200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
3    2606:4700:3036::6815:5464 (United States)

ASN13335 (CLOUDFLARENET, US)
surveyapp.vervaunt.com
22    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
8    2600:9000:2190:5e00:1c:37e5:3f40:21 (United States)

ASN16509 (AMAZON-02, US)
d1muf25xaso8hp.cloudfront.net
3    40.76.174.66 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
d.clarity.ms
2    44.235.225.243 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-225-243.us-west-2.compute.amazonaws.com
m.stripe.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)
va.tawk.to
Apex Domain
Subdomains		 Transfer
23 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 9519
va.tawk.to — Cisco Umbrella Rank: 9238
211 KB
17 bubble.io
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
623 KB
16 returns-portal.com
returns-portal.com
2 MB
10 cloudfront.net
d2tf8y1b8kxrzw.cloudfront.net
d1muf25xaso8hp.cloudfront.net
956 KB
8 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1227
q.stripe.com — Cisco Umbrella Rank: 7010
m.stripe.com — Cisco Umbrella Rank: 1188
168 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
d.clarity.ms — Cisco Umbrella Rank: 17595
c.clarity.ms — Cisco Umbrella Rank: 1351
28 KB
6 gstatic.com
fonts.gstatic.com
158 KB
4 lottiefiles.com
assets6.lottiefiles.com — Cisco Umbrella Rank: 248177
5 KB
3 vervaunt.com
surveyapp.vervaunt.com
4 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1315
16 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
310 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 867
97 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
60 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 247
764 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
4 KB
105 17
Domain Requested by
18 embed.tawk.to returns-portal.com
embed.tawk.to
16 returns-portal.com returns-portal.com
12 f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io returns-portal.com
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
8 d1muf25xaso8hp.cloudfront.net returns-portal.com
6 fonts.gstatic.com fonts.googleapis.com
5 va.tawk.to embed.tawk.to
5 dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io returns-portal.com
4 assets6.lottiefiles.com unpkg.com
3 d.clarity.ms www.clarity.ms
3 surveyapp.vervaunt.com returns-portal.com
surveyapp.vervaunt.com
3 q.stripe.com returns-portal.com
3 js.stripe.com returns-portal.com
js.stripe.com
3 fonts.googleapis.com returns-portal.com
2 c.clarity.ms 1 redirects
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 region1.google-analytics.com www.googletagmanager.com
2 www.clarity.ms returns-portal.com
www.clarity.ms
2 unpkg.com 1 redirects returns-portal.com
2 cdn.jsdelivr.net returns-portal.com
embed.tawk.to
2 d2tf8y1b8kxrzw.cloudfront.net returns-portal.com
1 c.bing.com 1 redirects
1 www.googletagmanager.com returns-portal.com
1 cdnjs.cloudflare.com returns-portal.com
105 24

This site contains no links.

Subject Issuer Validity Valid
returns-portal.com
Cloudflare Inc ECC CA-3		 2023-08-16 -
2024-08-15		 a year crt.sh
bubble.io
Cloudflare Inc ECC CA-3		 2023-11-16 -
2024-11-15		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-02 -
2024-04-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.lottiefiles.com
Amazon RSA 2048 M01		 2023-08-25 -
2024-09-22		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://returns-portal.com/version-live/r/motelrocks
Frame ID: 67404E480A1ECD4D600BE08B71C8769A
Requests: 91 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 809B3D1F9DDB9978F67A6289FA0FB75B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3D5F234E5946423EDD2F00CD343FFE99
Requests: 5 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Frame ID: 7086C0585FE0D3E6C5F21B013675868C
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Frame ID: EE93D458086D99D2F5646A75FA987FED
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Frame ID: C266EE5E88D459253C3CDDD8E2B4B230
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Returns | MOTEL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

105
Requests

98 %
HTTPS

67 %
IPv6

17
Domains

24
Subdomains

24
IPs

4
Countries

4138 kB
Transfer

17649 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
Request Chain 76
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1D4177A1FEB14FBFAED353AA6CFDCD43&RedC=c.clarity.ms&MXFR=0144F121907A64860A43E53A947A6A18 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1D4177A1FEB14FBFAED353AA6CFDCD43&MUID=236F50F01D1C6F60002944EB1C976E9F

105 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request motelrocks
returns-portal.com/version-live/r/ 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
86ad7ab2a7edb6929bb527b0954aafe9d7b78b067e94c414b06d23f4fd518e8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
850422536ccb6524-LHR
content-encoding
br
content-type
text/html
date
Sun, 04 Feb 2024 16:01:45 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.408 unit-seconds used
x-bubble-perf
{"total":227.7,"percents":{"top":{"bubble_cpu":68.8,"block":31.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":5.3,"pp_wait_userdb":0,"http_request":0,"serverjson":16.6,"appserver_cache_misses_time":0,"redis":40.2,"fiber_queue":1.1,"capacity_wait":0}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"serverjson":144,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":58,"fiber_queue":49,"blocks":48},"misc":{"userdb_results":3,"userdb_data":105702,"spent_time":26500561}}
x-powered-by
Express
early.js
returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":9.1,"percents":{"top":{"bubble_cpu":60.2,"block":30.7,"capacity_rl":0,"other_pause":0,"pre_fiber":5.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":6.5,"appserver_cache_misses_time":0,"redis":21.2,"fiber_queue":1.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":819935}}
server
cloudflare
age
806168
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.013 unit-seconds used
timing-allow-origin
*
cf-ray
85042255b97e6524-LHR
x-bubble-capacity-limit
0 ms slower
run.css
returns-portal.com/package/run_css/dd793b151d633318d0e33300d1461c3eb90aac99595748efea48458ef2cb7107/swap-sub-2/live/r/xfalse/xfalse/ 		543 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/package/run_css/dd793b151d633318d0e33300d1461c3eb90aac99595748efea48458ef2cb7107/swap-sub-2/live/r/xfalse/xfalse/run.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ac7807af2d154885a8f09735a785ebcb6c88b14fa67063ade6aa537b686e983c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":1077.2,"percents":{"top":{"bubble_cpu":5.5,"block":94.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":1.5,"appserver_cache_misses_time":0,"redis":1,"fiber_queue":0.1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":15,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":8924917}}
age
181472
cf-polished
origSize=705709
x-powered-by
Express
x-bubble-capacity-used
0.137 unit-seconds used
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
85042255b97c6524-LHR
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":16.1,"percents":{"top":{"bubble_cpu":71.9,"block":23.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":23,"appserver_cache_misses_time":0,"redis":17.5,"fiber_queue":0.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1740190}}
server
cloudflare
age
2105773
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.027 unit-seconds used
timing-allow-origin
*
cf-ray
85042255b97f6524-LHR
x-bubble-capacity-limit
0 ms slower
run.js
returns-portal.com/package/run_js/faa68df93d0373ea7b786fd3fe949932b7b1ca2d337ff9d92c623dab3a04d405/xfalse/x28/ 		3 MB
749 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/package/run_js/faa68df93d0373ea7b786fd3fe949932b7b1ca2d337ff9d92c623dab3a04d405/xfalse/x28/run.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2303ed4ee7029c77d59b21c5bc81deec930d6254aadb54317c9e05b1daae7342

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":1499,"percents":{"top":{"bubble_cpu":1.8,"block":98.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0.4,"appserver_cache_misses_time":0,"redis":0.5,"fiber_queue":0,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":4010924}}
server
cloudflare
age
181480
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.062 unit-seconds used
timing-allow-origin
*
cf-ray
85042255b9806524-LHR
x-bubble-capacity-limit
0 ms slower
static.js
returns-portal.com/package/static_js/5471695ca87959472b06cbf9f93872dc031b7bfb4e5cc381eb35065b59edeb05/swap-sub-2/live/r/xnull/xfalse/xfalse/xfalse/ 		3 MB
353 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/package/static_js/5471695ca87959472b06cbf9f93872dc031b7bfb4e5cc381eb35065b59edeb05/swap-sub-2/live/r/xnull/xfalse/xfalse/xfalse/static.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
35c7d350dedf7fddcad303d24704ee5b7b891a9ccc0fc19d8ddc747d7eb3c0b9

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":1214,"percents":{"top":{"bubble_cpu":11.8,"block":88.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0},"sub":{"pp_userdb":0.1,"pp_wait_userdb":0,"http_request":0,"serverjson":3.6,"appserver_cache_misses_time":0,"redis":23.1,"fiber_queue":0.2,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":4,"derived_cache_memory_misses":4,"serverjson":20,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":120,"fiber_queue":83,"blocks":82},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":21439235}}
server
cloudflare
age
181478
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.33 unit-seconds used
timing-allow-origin
*
cf-ray
85042255b9826524-LHR
x-bubble-capacity-limit
0 ms slower
dynamic.js
returns-portal.com/package/dynamic_js/16c954f6d67b95462a9cf3691b2e023aa469a17e1b60bb30e68b49641921dc17/swap-sub-2/live/r/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 		6 MB
506 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/package/dynamic_js/16c954f6d67b95462a9cf3691b2e023aa469a17e1b60bb30e68b49641921dc17/swap-sub-2/live/r/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d8014a4e31b3fc6253c373e7d84ec661ed7825196fad429e4791aeb395acdc2c

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":1531,"percents":{"top":{"bubble_cpu":26,"block":74,"capacity_rl":0,"other_pause":0,"pre_fiber":0},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":21.6,"appserver_cache_misses_time":0,"redis":60.9,"fiber_queue":0.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":6,"derived_cache_memory_misses":6,"serverjson":222,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":274,"fiber_queue":123,"blocks":122},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":59729960}}
server
cloudflare
age
259596
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.919 unit-seconds used
timing-allow-origin
*
cf-ray
85042255b9836524-LHR
x-bubble-capacity-limit
0 ms slower
clipboard.min.js
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1618227041113x740068462949819800/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1618227041113x740068462949819800/clipboard.min.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
x-amz-version-id
FtdIjRneKqegeOl8FxopA45YbrIlmvEe
cf-cache-status
HIT
x-amz-request-id
WA89Q3RXWMZR6R3C
age
77317
x-amz-meta-app-version
live
x-amz-id-2
iCYZGaWfqp1h6pxPWA4Vh/973Bm/e/2Psirj35+BONs6uhRmzblglvzQO/bN8ksy4paHjKZeMEE=
x-amz-meta-appname
meta
last-modified
Mon, 12 Apr 2021 11:30:42 GMT
server
cloudflare
etag
W/"3f3688138a1b9fc4ef669ce9056b6674"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=86400
cf-ray
850422565b18418e-LHR
jquery.toast.min.css
d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/jquery.toast.min.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:9e00:1f:fceb:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a896b35367d958d102f97f4fd08b5cb0dd11a70cb8a0d8754b624aec866ed8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 04 Feb 2024 03:53:43 GMT
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
last-modified
Thu, 27 May 2021 13:04:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
43693
x-amz-server-side-encryption
AES256
etag
"be8a6c1b1899c2ce48fdfb2d46784d30"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
4508
x-amz-cf-id
WXtvYhavK_iopFzu7Kytp_CPk_NI--7vZcbAh-eKYMTV2cLA02ciMA==
jquery-xss.toast.min.js
d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2tf8y1b8kxrzw.cloudfront.net/serve_files/airalert/jquery-xss.toast.min.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:9e00:1f:fceb:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f605bf0857e1a6b753a24f1a564aaf13568512749e6027484c802d5d6c895d60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 04 Feb 2024 05:54:32 GMT
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
last-modified
Thu, 27 May 2021 13:04:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
36446
x-amz-server-side-encryption
AES256
etag
"71f7c158e5fec1b3277f18ecab3d26c8"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
24946
x-amz-cf-id
g1mfgwU9gmKMvF1oYPTddyDioyLOjqAHFglFtUqEs06ge8ntAS93Jw==
download.js
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1539208662229x803640740225091600/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1539208662229x803640740225091600/download.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8de4b97c008222bca65e9b43e9587a1a74fb33a87b16057732c58937f8114c70

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
x-amz-version-id
Gux_ClAaE1wOdsDKqIin84Gw2SKjFZSQ
cf-cache-status
HIT
x-amz-request-id
FKKCEFQY5AGJPVZQ
age
7540830
x-amz-meta-app-version
live
x-amz-id-2
KCRza7UaSyvRv3cnxiD5D9oOlhE3hhwQeotU79YutNMrlqZlaoIrQymHDdlOdUEaUJWL5bWB+Mg=
x-amz-meta-appname
meta
last-modified
Wed, 10 Oct 2018 21:57:43 GMT
server
cloudflare
etag
W/"f11eccf77bd43d68d333948a5cb8495b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=290304000
cf-ray
850422565b17418e-LHR
feather-icons
cdn.jsdelivr.net/npm/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/feather-icons
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7be0eda7f23a01e49cf4e3b976c3fbda22e825de7e5c328c05daecb774115cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34443
x-jsd-version
4.29.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220026-FRA, cache-lcy-eglc8600073-LCY
x-jsd-version-type
version
server
cloudflare
etag
W/"128bd-vETgowVXve1Cx6MOMLceI45GnbI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtOc88DwMX1M%2BygYXuJb0Va8xVcw9mj6Nh7AoNnxb84WTJd%2BVP55aWd0sVSyq1EztUUgRToBVcstfpsl5L%2BcNQSZlPcNGIjLZb1Pn4DyzUmdtFBJL8YTjTbSf9c1yGIQCuRCqtHrmwNq%2BEflT3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
850422564d0523c5-LHR
css2
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
icon
fonts.googleapis.com/ 		569 B
593 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Feb 2024 16:01:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Feb 2024 16:01:45 GMT
mdui.css
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1614335863390x384265155777840500/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1614335863390x384265155777840500/mdui.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ebdbe7d524a146f58d55727eb6ae3a9cbb7530d1575a9095afbcae72df8f79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
x-amz-version-id
VttRKfP0CITfHg8D8ZVOqlHPIW5pOj_h
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
TQW5YY6YM6GGQH7A
age
85942
cf-polished
origSize=28603
x-amz-meta-app-version
live
x-amz-id-2
9q7baPkBjch6uI5nTusB4PdUvSh6vyllHqx7rprmptSZKZwe2yPdU8pxCXI1kBrPvu8Vo/Sj1aE=
x-amz-meta-appname
meta
cf-bgj
minify
last-modified
Fri, 26 Feb 2021 10:37:44 GMT
server
cloudflare
etag
W/"7f99f049d7d21baf6557d28e3309131f"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
cf-ray
850422565b11418e-LHR
mdui.js
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1638825589181x156823779810444160/ 		241 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1638825589181x156823779810444160/mdui.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af5ec754458d1d1a6fa4f91ae9289cae7365d193cdf977c51ed46c72d08287e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
zbpYriVM3NgBc6zG31IFLXA.cduqmpr_
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
T6631Q1KQZ3HJ5BN
age
85942
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
live
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
ciAaBXvI8LtImzh2WuRkE/PxeYFBi9qwIXG9D/4LgTYcU28e/vnSqae6Ld/ttsqd2lXPLpaCUyU=
x-amz-meta-appname
meta
last-modified
Mon, 06 Dec 2021 21:19:50 GMT
server
cloudflare
etag
W/"47434477a911a3807b492a7d4058be7d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=86400
cf-ray
850422565b12418e-LHR
papaparse.min.js
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1581785748644x612892952682557000/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io/f1581785748644x612892952682557000/papaparse.min.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f72f11fd865e234912dd0bc1ac1c136e4fdedc56065e77e341b19c16fc9e702

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
x-amz-version-id
2mbwMkU.hwlDUHfPk2QwtoxWkaSu9ZLV
cf-cache-status
HIT
x-amz-request-id
K75M6GFRTX4JWVB7
age
85942
x-amz-meta-app-version
live
x-amz-id-2
JGjvVQFDUa6uUdeJa+g5TxGZcX0z65VojOCabcJl0xW8kXr6SAcVFbTwQEmjY/aEQeD0r8Vv0/Y=
x-amz-meta-appname
meta
last-modified
Sat, 15 Feb 2020 16:55:49 GMT
server
cloudflare
etag
W/"e43eb0d9e559a4328936dca4f7b506db"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=86400
cf-ray
850422565b13418e-LHR
compressor.min.js
cdnjs.cloudflare.com/ajax/libs/compressorjs/1.0.6/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/compressorjs/1.0.6/compressor.min.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a7fd72723cf40c05b658217f97f070c460bfcb6a817baafecc919b5e541f1f3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8171804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3217
last-modified
Mon, 25 May 2020 12:34:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ecbbb4f-20c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sU5DX1aqPvV64ykvwewMpHcbY8mRUQUNsn249zwfPLOqJGneRzeyqwxRIfMdXmjcoUBtIXVd4h6aCsoAMptzCDJDAexUXcYe7zNlLu4Okdmts47fs%2BAwkjntytsAvXIY%2FbUoL1iRKofjPUy2LeOAUKZJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850422564ca97691-LHR
expires
Fri, 24 Jan 2025 16:01:45 GMT
/
js.stripe.com/v3/ 		587 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
466ae3288a2b125b1425bf26ebeb027b06e5fb7f710a9dc989aecf5d6a6b36db
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Feb 2024 16:01:46 GMT
via
1.1 varnish
age
42
x-cache
HIT
content-length
166610
x-request-id
763ccc75-bdb6-416d-b7b0-c397399732d2
x-served-by
cache-fra-etou8220037-FRA
last-modified
Fri, 02 Feb 2024 21:38:39 GMT
server
Fastly
etag
"f1ae5b8d9ed757397eb18b9b308d5912"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
371 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b268d8d7e58b5df0bbd18aecb0add2e65801fa45c99e8afbcf1189e6c6c9723f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1138102
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HMRG8XHKAG397RFEVAQRZJWQ-lhr
server
cloudflare
etag
W/"5cd3c-gZ8PpSKSbn5Y5KicLgsVGpNROk4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
85042256b81123b7-LHR

Redirect headers

date
Sun, 04 Feb 2024 16:01:45 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HNTDHZAHVJ3WWTN5RJV2VM7T-lhr
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@lottiefiles/lottie-player@2.0.3/dist/lottie-player.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
850422564f6e23b7-LHR
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XWR7LX7S16
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24fd9bd824ddbd3b18627e6ce950df79dfd3307328d540ad457cccaf2de531f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93942
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Feb 2024 16:01:46 GMT
css
fonts.googleapis.com/ 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:300%7CInter:regular%7CInter:500%7CInter:600%7CInter:700%7CInter:800%7CInter:900%7CLato:regular%7CLato%7CLato:900%7CLato:700%7CMulish:regular%7CMulish:500%7CMulish:600%7CMulish:600italic%7CMulish:700%7CMulish:800%7CMulish:900%7CRoboto:300
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68e64be03d07ca3e8b4bf5432dbc9ca78b2405de2aa0236e1a86a43338ca77f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Feb 2024 16:01:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Feb 2024 16:01:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Feb 2024 16:01:46 GMT
Font%20Items.css
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701885299013x331210439334388700/ 		161 B
373 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701885299013x331210439334388700/Font%20Items.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72eeb0a6d842a5a31a34fb1d912adb19a4d88216d6bc6a93306d18c7a16a1d25

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
EuKHRaXf7d7xxs6jmnMKZdhaEjD3jQOj
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
D135MGAKPBH31691
age
24654
cf-polished
origSize=180
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-id-2
R+s+7h+WVnuYIY450XXBmOZMt2hcqV8Y6Io7X6z2VbulsaFaDostVIdsBX68161kWZPK3LyEws8=
x-amz-meta-appname
getswap
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 17:55:00 GMT
server
cloudflare
etag
W/"38504d3518387862b9051f4ca3fa7bf8"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
cf-ray
85042256ab91418e-LHR
mabry.css
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/ 		538 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/mabry.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67cfdf3f17d7651c3bb9fa68d5a754f3c586151eecf8f1df75257f860fbe536

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
2m12v22q9vGOgjb2ldCAL4xAtUCHJ0NJ
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
XV98338Z88MS21MH
age
22657
cf-polished
origSize=644
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
490t
x-amz-id-2
OOrZTIxVNpvwHS5COoPdE/5X/K7z7L+3uhzZX6cM8siVb0s76nPv3wwNGZdiXUc9+VCIeHZYgYg=
x-amz-meta-appname
getswap
cf-bgj
minify
last-modified
Mon, 21 Aug 2023 13:20:29 GMT
server
cloudflare
etag
W/"c07eb370a35ca8f91e4394ec684d4159"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
cf-ray
85042256ab8f418e-LHR
ABC%20Diatype%20Bold.css
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893656160x129818577812149660/ 		163 B
381 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893656160x129818577812149660/ABC%20Diatype%20Bold.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50901029f5dea648828e170e42af3b23ea33d2c1196c705690aa4638ca5c7e30

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
CCDL0hYySJ.nuXurM29cWCDWXM6hw5UL
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
WKHX8EH5HD1HMMFB
age
25863
cf-polished
origSize=182
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-id-2
YPs+iTbkm52VcXg5ptFB3XUBHl8hO9jcRhnIq3r8jbebhpgKlTHg25TU8B/zCmVpo2y3RWvGKjY=
x-amz-meta-appname
getswap
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 20:14:17 GMT
server
cloudflare
etag
W/"436b2db5ac668b20071dfaf0e06bac29"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
cf-ray
850422569b8c418e-LHR
ABC%20Diatype%20Medium.css
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893779350x226195193436753660/ 		167 B
374 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893779350x226195193436753660/ABC%20Diatype%20Medium.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479f6b47530390fb97838b0646ba6a9344f534d8e43c64551d6a4a7fa9040a51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
OGRs4rpzo9NeSt7GgjgIT8DJggfdIQxo
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1KF7E603G6EHQ8DM
age
39316
cf-polished
origSize=186
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-id-2
2jl+Hl6TDwy0ZhS+a+IkcwYwYHKUSmDOfcBASyOPsiOH55nLBdzUFSl5wfm86oIEOv+nUfeqRyQ=
x-amz-meta-appname
getswap
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 20:16:20 GMT
server
cloudflare
etag
W/"40019474bb84277e5096f8f26cee16c8"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
cf-ray
85042256ab94418e-LHR
ABC%20Diatype%20Regular.css
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893895465x492547573499282300/ 		169 B
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893895465x492547573499282300/ABC%20Diatype%20Regular.css?_gl=1*86wk7u*_gcl_au*MTYxOTQzNDMyMC4xNzAwNTc3NTQ2*_ga*MTc3MTMzMjQzMC4xNzAwNTc3NTQ2*_ga_BFPVR2DEE2*MTcwMTg2OTA4MC4xMi4xLjE3MDE4OTM4NDcuNi4wLjA.
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a347097a132cdbf380c030e87636122724ab40554425df2bbd0245522f0d5ab9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
Ayb2do.iO9nj45krRLB22.Gv1MfC9eNU
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
D1346MRQ2QWR98VY
age
25863
cf-polished
origSize=188
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-id-2
Do5kUZClntE7Xn8DpND6DCLgQLAcyIoC9n4M/VCbUE9IOU6jdO+yM3EflE6EI3xtrL8YaAYZB/s=
x-amz-meta-appname
getswap
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 20:18:16 GMT
server
cloudflare
etag
W/"092d4434985fb5bc1b3315b84390f453"
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
cf-ray
850422569b8b418e-LHR
data
returns-portal.com/version-live/api/1.1/init/ 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/api/1.1/init/data?location=https%3A%2F%2Freturns-portal.com%2Fversion-live%2Fr%2Fmotelrocks
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eec0a8df56cf3bd913fba5ce0cfe568a54ad5bb8175052b839feb5e46d8c1646

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":19,"percents":{"top":{"bubble_cpu":27.8,"block":46.3,"capacity_rl":0,"other_pause":0,"pre_fiber":2},"sub":{"pp_userdb":26.4,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":17.7,"fiber_queue":0.9,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":2,"userdb_data":105698,"spent_time":2791064}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.043 unit-seconds used
cf-ray
850422568b046524-LHR
x-bubble-capacity-limit
0 ms slower
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300%7CInter:regular%7CInter:500%7CInter:600%7CInter:700%7CInter:800%7CInter:900%7CLato:regular%7CLato%7CLato:900%7CLato:700%7CMulish:regular%7CMulish:500%7CMulish:600%7CMulish:600italic%7CMulish:700%7CMulish:800%7CMulish:900%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 13:25:15 GMT
x-content-type-options
nosniff
age
441391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 13:25:15 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300%7CInter:regular%7CInter:500%7CInter:600%7CInter:700%7CInter:800%7CInter:900%7CLato:regular%7CLato%7CLato:900%7CLato:700%7CMulish:regular%7CMulish:500%7CMulish:600%7CMulish:600italic%7CMulish:700%7CMulish:800%7CMulish:900%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:07:30 GMT
x-content-type-options
nosniff
age
496456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 22:07:30 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300%7CInter:regular%7CInter:500%7CInter:600%7CInter:700%7CInter:800%7CInter:900%7CLato:regular%7CLato%7CLato:900%7CLato:700%7CMulish:regular%7CMulish:500%7CMulish:600%7CMulish:600italic%7CMulish:700%7CMulish:800%7CMulish:900%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:59:34 GMT
x-content-type-options
nosniff
age
486132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 00:59:34 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300%7CInter:regular%7CInter:500%7CInter:600%7CInter:700%7CInter:800%7CInter:900%7CLato:regular%7CLato%7CLato:900%7CLato:700%7CMulish:regular%7CMulish:500%7CMulish:600%7CMulish:600italic%7CMulish:700%7CMulish:800%7CMulish:900%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:48:23 GMT
x-content-type-options
nosniff
age
422003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:48:23 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300%7CInter:regular%7CInter:500%7CInter:600%7CInter:700%7CInter:800%7CInter:900%7CLato:regular%7CLato%7CLato:900%7CLato:700%7CMulish:regular%7CMulish:500%7CMulish:600%7CMulish:600italic%7CMulish:700%7CMulish:800%7CMulish:900%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:58:29 GMT
x-content-type-options
nosniff
age
421397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:58:29 GMT
1Ptwg83HX_SGhgqk2hAjQlW_mEuZ0FsS9-SfGZQ6.woff2
fonts.gstatic.com/s/mulish/v13/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptwg83HX_SGhgqk2hAjQlW_mEuZ0FsS9-SfGZQ6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300%7CInter:regular%7CInter:500%7CInter:600%7CInter:700%7CInter:800%7CInter:900%7CLato:regular%7CLato%7CLato:900%7CLato:700%7CMulish:regular%7CMulish:500%7CMulish:600%7CMulish:600italic%7CMulish:700%7CMulish:800%7CMulish:900%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7374cc188cd8874d6a9e1f42b9667c597ccbfc61d7f78436bef920bcafa2d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:56:21 GMT
x-content-type-options
nosniff
age
421525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14548
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:31:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:56:21 GMT
ABCDiatype-Bold.ttf
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893592828x115007251764049250/ 		114 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893592828x115007251764049250/ABCDiatype-Bold.ttf
Requested by
Host: f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
URL: https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893656160x129818577812149660/ABC%20Diatype%20Bold.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4ab0f9b4c04f4d2e5b906bef5129dfc193022c1662b5dba60a6e5168d74e60

Request headers

Referer
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893656160x129818577812149660/ABC%20Diatype%20Bold.css
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
XNi7qb8iOsEPubTP3WyPYPZaMqZPiN2r
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
J71SZ8ZHRMMK53FW
age
56815
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-id-2
83xHoB7SYjoEWODY+W480j3hya2dJZlNuMmi4oc+43ASgZn4S9vcrO6HAx5B3pap4s+Rhw0yahc=
x-amz-meta-appname
getswap
last-modified
Wed, 06 Dec 2023 20:13:14 GMT
server
cloudflare
etag
W/"bcd1330a70d563dc9887cca24ece49e7"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
font/ttf
cache-control
public,max-age=86400
cf-ray
85042257abb27309-LHR
mabry-bold-pro.ttf
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692623151800x580374378392964900/ 		187 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692623151800x580374378392964900/mabry-bold-pro.ttf
Requested by
Host: f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
URL: https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/mabry.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6029de176821c4be61103b153457408a221616f2fe258cb3736430552516ff0

Request headers

Referer
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/mabry.css
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
MGiCqtWbyqIESdwXlp2_xnYNUn2aX0KX
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
5Y897ZFR9W9V8XGG
age
78986
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
490t
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
87gWmHAcRlb9TxuuWrTWWvn4FiKWRx1k5+Uq+79JczfcV1m/7EjAsfiulY3RI2/MWAaDBzN4y1Y=
x-amz-meta-appname
getswap
last-modified
Mon, 21 Aug 2023 13:05:53 GMT
server
cloudflare
etag
W/"9ec9fdece1889fb70262ede39b8fbc8a"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
font/ttf
cache-control
public,max-age=86400
cf-ray
85042257abb97309-LHR
mabry-medium-pro.ttf
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692623263096x981332206443887600/ 		186 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692623263096x981332206443887600/mabry-medium-pro.ttf
Requested by
Host: f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
URL: https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/mabry.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52dc1a9e096f87c9eb53f5f78d24aeadcac83cf7ecc14f6098bae2e56f8c08e1

Request headers

Referer
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/mabry.css
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
M6ECg77Wj9_hErAyRYN04N84O58_eJFn
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
3E446D2HGSHZ31A9
age
78986
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
490t
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
LXZVAkgM4oUhKjFwVGqkqUpl5eLoxADK5jKt6HrzQ5z4vYs2Fy8pb0SWElTWxh/hhZ/Y7psJusY=
x-amz-meta-appname
getswap
last-modified
Mon, 21 Aug 2023 13:07:44 GMT
server
cloudflare
etag
W/"5444af9db1a6a1fc854f7049a765dd3d"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
font/ttf
cache-control
public,max-age=86400
cf-ray
85042257abbb7309-LHR
mabry-regular-pro.ttf
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692616493156x196537130805296320/ 		187 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692616493156x196537130805296320/mabry-regular-pro.ttf
Requested by
Host: f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
URL: https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/mabry.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370aa036315e948fb51c378ae79457afaa85120f65158e0abade21ab8ecd37a1

Request headers

Referer
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1692624027884x874570616089247500/mabry.css
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
Q_Aoy_dnV_4eYHEZ_rZifQSDJNQkuh6Q
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
3E42N84GTRG6CH43
age
78986
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
490t
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
P16PKRltG9HdC6BcLQtFpOpf7mnpjZbxjFnpEzU1rP/EGOUB8sZV63VFEje2cFcwrUA864lIgmo=
x-amz-meta-appname
getswap
last-modified
Mon, 21 Aug 2023 11:14:54 GMT
server
cloudflare
etag
W/"a400081a1cbc1e4e1126a57f8aa94ea1"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
font/ttf
cache-control
public,max-age=86400
cf-ray
85042257abb77309-LHR
ABCDiatype-Medium.ttf
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893730265x348915461387802700/ 		117 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893730265x348915461387802700/ABCDiatype-Medium.ttf
Requested by
Host: f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
URL: https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893779350x226195193436753660/ABC%20Diatype%20Medium.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad293b176ac4a3d9ef6bf23aec7af951291037efe5cbf64676221149419138b2

Request headers

Referer
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893779350x226195193436753660/ABC%20Diatype%20Medium.css
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
mXK5Ve0TSCopSjTC4PB3rCtc7tXUTF.d
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
MH5P39WFPQ9QN51W
age
84506
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-id-2
pWYAck7pgw4X5xNpqFkZRnrlqzLpviGJY5GGo3Ob6/KA7nC7v/vMeBVGyUVEBsVG6srSq2RE12I=
x-amz-meta-appname
getswap
last-modified
Wed, 06 Dec 2023 20:15:31 GMT
server
cloudflare
etag
W/"dec7e5be6535d8b5dac69b3ad9748c79"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
font/ttf
cache-control
public,max-age=86400
cf-ray
85042257abb67309-LHR
ABCDiatype-Regular.ttf
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893856942x502537070108528600/ 		106 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893856942x502537070108528600/ABCDiatype-Regular.ttf
Requested by
Host: f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
URL: https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893895465x492547573499282300/ABC%20Diatype%20Regular.css?_gl=1*86wk7u*_gcl_au*MTYxOTQzNDMyMC4xNzAwNTc3NTQ2*_ga*MTc3MTMzMjQzMC4xNzAwNTc3NTQ2*_ga_BFPVR2DEE2*MTcwMTg2OTA4MC4xMi4xLjE3MDE4OTM4NDcuNi4wLjA.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613b31836eee1d9190d8e9619170d94fcbae239d0c397cd8fa6cd25d994bada7

Request headers

Referer
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701893895465x492547573499282300/ABC%20Diatype%20Regular.css?_gl=1*86wk7u*_gcl_au*MTYxOTQzNDMyMC4xNzAwNTc3NTQ2*_ga*MTc3MTMzMjQzMC4xNzAwNTc3NTQ2*_ga_BFPVR2DEE2*MTcwMTg2OTA4MC4xMi4xLjE3MDE4OTM4NDcuNi4wLjA.
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
YQkyuXpp3uY3lXE6pzoOhVMiSB1GP.rO
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
MH5PR3RNQQQCGY5P
age
84506
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-id-2
DkkMfzQhhpZgGFq7hgX/5dbWpKOadhqgB3XizRAvg2wKDuOl9/YJgoKlYltB+ajEbTYcuY8fHRY=
x-amz-meta-appname
getswap
last-modified
Wed, 06 Dec 2023 20:17:38 GMT
server
cloudflare
etag
W/"1df78741d7f4dd0d21921181c529fd03"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
font/ttf
cache-control
public,max-age=86400
cf-ray
85042257abb57309-LHR
Items-Light%20copy.ttf
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701885148136x245783001621094240/ 		153 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701885148136x245783001621094240/Items-Light%20copy.ttf
Requested by
Host: f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
URL: https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701885299013x331210439334388700/Font%20Items.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea996c210fab2c42d98ddc3f66933ec339e8b58469325f65097a25f3572469fe

Request headers

Referer
https://f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io/d185/f1701885299013x331210439334388700/Font%20Items.css
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
x-amz-version-id
XG.BpYeFx1PvZFQWoQiCHnRMAn7lrzee
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
J71P7FBHNBVF63EM
age
56815
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
92n
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
phG2zhqJXXcQvHRJJ6kv99Sn50DoPioMKwp+jzpDiie7u55bVKX+n7Ez36IDL70YBlI9VMQfcF0=
x-amz-meta-appname
getswap
last-modified
Wed, 06 Dec 2023 17:52:29 GMT
server
cloudflare
etag
W/"148df5b9a6ea1c0ca6f547899ba6c22e"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-type
font/ttf
cache-control
public,max-age=86400
cf-ray
85042257abb47309-LHR
he33ccwi91
www.clarity.ms/tag/ 		650 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/he33ccwi91
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5b5197ffb90b53ceaf1b4a1b0ccdd5e48e14d87c8176220eacf328ab609fe5e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
-1
date
Sun, 04 Feb 2024 16:01:46 GMT
x-azure-ref
20240204T160146Z-e4zw9ds8ed0357kuzrq1wzrhns00000003a000000000q3fc
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 809B 		200 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
486226
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 16:01:46 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
144262
x-content-type-options
nosniff
x-request-id
edaca2a3-68b1-46ec-a998-a33233a1e834
x-served-by
cache-fra-etou8220037-FRA
style.css
returns-portal.com/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/css/style.css
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
MISS
x-bubble-perf
{"total":62.1,"percents":{"top":{"bubble_cpu":69.6,"block":26.3,"capacity_rl":0,"other_pause":0,"pre_fiber":1.2},"sub":{"pp_userdb":1.6,"pp_wait_userdb":0,"http_request":0,"serverjson":23.3,"appserver_cache_misses_time":0,"redis":206.3,"fiber_queue":0.8,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":21,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":45,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":6483053}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html
cache-control
no-store
x-bubble-capacity-used
0.1 unit-seconds used
cf-ray
8504225bbc9b6524-LHR
x-bubble-capacity-limit
0 ms slower
lf20_l9bcfk19.json
assets6.lottiefiles.com/packages/ 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets6.lottiefiles.com/packages/lf20_l9bcfk19.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bc1293fa256832a900930b9b7aeaaa9d6c51115d9f48d9d66ccf3a31eea80dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
5vWie1fewNjwiYD_QIOZdPEua7d5zUbK
content-encoding
br
via
1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
date
Sun, 04 Feb 2024 16:01:48 GMT
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
last-modified
Fri, 18 Mar 2022 06:01:31 GMT
server
AmazonS3
etag
W/"601836265c586ea62ae0d23932c6a22f"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
kbzNJdW9WTW5PYb4anurf5L6zbhs9jB2saHFQ714H56DzQ17b32nnQ==
lf20_l9bcfk19.json
assets6.lottiefiles.com/packages/ 		7 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets6.lottiefiles.com/packages/lf20_l9bcfk19.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bc1293fa256832a900930b9b7aeaaa9d6c51115d9f48d9d66ccf3a31eea80dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
5vWie1fewNjwiYD_QIOZdPEua7d5zUbK
content-encoding
br
via
1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
date
Sun, 04 Feb 2024 16:01:48 GMT
x-amz-cf-pop
MUC50-P2
x-cache
RefreshHit from cloudfront
last-modified
Fri, 18 Mar 2022 06:01:31 GMT
server
AmazonS3
etag
W/"601836265c586ea62ae0d23932c6a22f"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
JAvn4ae1UM61h9bxVyMBm5rhrWmkMaLmz_oT9Ts4sBrtNW2JtBtlow==
lf20_l9bcfk19.json
assets6.lottiefiles.com/packages/ 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets6.lottiefiles.com/packages/lf20_l9bcfk19.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bc1293fa256832a900930b9b7aeaaa9d6c51115d9f48d9d66ccf3a31eea80dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
5vWie1fewNjwiYD_QIOZdPEua7d5zUbK
content-encoding
br
via
1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
date
Sun, 04 Feb 2024 16:01:48 GMT
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
last-modified
Fri, 18 Mar 2022 06:01:31 GMT
server
AmazonS3
etag
W/"601836265c586ea62ae0d23932c6a22f"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
GOTO_RRuOmRQLLCAgm4o7DdEIh-KKzo-tI6ejai-00cX6M5R35VqoA==
lf20_l9bcfk19.json
assets6.lottiefiles.com/packages/ 		7 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets6.lottiefiles.com/packages/lf20_l9bcfk19.json
Requested by
Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:4800:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bc1293fa256832a900930b9b7aeaaa9d6c51115d9f48d9d66ccf3a31eea80dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
5vWie1fewNjwiYD_QIOZdPEua7d5zUbK
content-encoding
br
via
1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
date
Sun, 04 Feb 2024 16:01:48 GMT
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
last-modified
Fri, 18 Mar 2022 06:01:31 GMT
server
AmazonS3
etag
W/"601836265c586ea62ae0d23932c6a22f"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding,Origin
x-amz-cf-id
shmKz8c2vM08BWV31Ldw1De_BNBq9hCUJ5fZWQQgukG-z8ptFx-sFw==
hi
returns-portal.com/version-live/user/ 		27 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/user/hi
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ea9676fc4357dabead88b8b1cffd1dc366de4f36cd0697e9ca4528dc91a35056

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1707062506675x258789834443857500
X-Bubble-Fiber-ID
1707062506872x746802260541198000
X-Bubble-PL
1707062505603x183
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://returns-portal.com/version-live/r/motelrocks
cache-control
no-cache
Referer
https://returns-portal.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":6.6,"percents":{"top":{"bubble_cpu":30.3,"block":20.6,"capacity_rl":0,"other_pause":0,"pre_fiber":38.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":20.8,"fiber_queue":1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":2,"fiber_queue":3,"blocks":2},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":301907}}
server
cloudflare
x-powered-by
Express
x-bubble-request-took
6
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.005 unit-seconds used
cf-ray
8504225c1d416524-LHR
x-bubble-capacity-limit
0 ms slower
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 809B 		526 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Feb 2024 16:01:46 GMT
via
1.1 varnish
age
5140412
x-cache
HIT
content-length
315
x-request-id
1e20d008-6d88-4dae-9fdb-c473862ff2c9
x-served-by
cache-fra-etou8220037-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
139595
msearch
returns-portal.com/version-live/elasticsearch/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/elasticsearch/msearch
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
09436e6494b48ac1fbfe981161773220dad9db869b3903725be6bdf1e08cffb8

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1707062506675x258789834443857500
X-Bubble-Fiber-ID
1707062506902x270066746915687870
X-Bubble-PL
1707062505603x183
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://returns-portal.com/version-live/r/motelrocks
cache-control
no-cache
Referer
https://returns-portal.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":21.6,"percents":{"top":{"bubble_cpu":48.8,"block":47.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.7},"sub":{"pp_userdb":23.2,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":16.7,"fiber_queue":0.8,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":2,"userdb_data":105698,"spent_time":3577856}}
server
cloudflare
x-powered-by
Express
x-bubble-request-took
22
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.055 unit-seconds used
cf-ray
8504225c4d846524-LHR
x-bubble-capacity-limit
0 ms slower
csp-report
q.stripe.com/ Frame 809B 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707062507462692
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707062507462230
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 809B 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707062507462668
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707062507462261
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XWR7LX7S16&gtm=45je41v0v9120882515za200&_p=1707062506650&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1288301490.1707062507&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707062506&sct=1&seg=0&dl=https%3A%2F%2Freturns-portal.com%2Fversion-live%2Fr%2Fmotelrocks&dt=Returns%20%7C%20MOTEL&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=681
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XWR7LX7S16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 16:01:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://returns-portal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/he33ccwi91
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:46 GMT
content-encoding
br
last-modified
Wed, 24 Jan 2024 14:33:55 GMT
etag
W/"0x8DC1CE97EB406F9"
vary
Accept-Encoding
x-azure-ref
20240204T160146Z-e4zw9ds8ed0357kuzrq1wzrhns00000003a000000000q3fq
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
53bd29fa-901e-0009-7069-576b08000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
inner.html
m.stripe.network/ Frame 3D5F 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
199
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 15:58:29 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-amz-cf-id
nmQKFNRhFoIJreZXVoHfnbpusfZkeBNrQKTQV7Tj1PzJU05aUpjGjA==
x-amz-cf-pop
MUC50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
census-embedded.js
surveyapp.vervaunt.com/js/app/script/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://surveyapp.vervaunt.com/js/app/script/census-embedded.js?shop=motelrocks-com.myshopify.com&customerId=&orderId=
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:5464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e6bd2c90f7fcdc815bb0f0c0c0b43f2b42badf841a5e32b80b4a42b8788aff5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 09:27:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3021
etag
W/"655dc968-2dad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afyHTGG959dqJcb3JVNvyy5ggKahXdENPIdFHAlmYky7ZZcP6B8bwKYUHdBj8E%2FbFhvyw35XDEQZTSATJ8Ja8cPVuSm5aaa%2FrLMXV21hNlmDU9vCGVpAm2JhRcWmm5xPe%2F9wcs8uPaZTlbCcwH1L5Kt4Vu5f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8504225df9236519-LHR
alt-svc
h3=":443"; ma=86400
1g13t589i
embed.tawk.to/626035eb7b967b11798ba8a0/ 		2 KB
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/626035eb7b967b11798ba8a0/1g13t589i
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8293fc12597115421f8128a3996a5c7a74163f8f56f7935e6b5bda1f777e9356
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
server
cloudflare
etag
W/"stable-v4-65839862293"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
8504225dfef363f3-LHR
alt-svc
h3=":443"; ma=86400
mget
returns-portal.com/version-live/elasticsearch/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/elasticsearch/mget
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0caffb87568edea778b622ecf07438aa99e4708ecc8672fb9c8a6357c542ed5c

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1707062506675x258789834443857500
X-Bubble-Fiber-ID
1707062507092x849091222994640100
X-Bubble-PL
1707062505603x183
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
cache-control
no-cache
Referer
https://returns-portal.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":15.9,"percents":{"top":{"bubble_cpu":44,"block":51.7,"capacity_rl":0,"other_pause":0,"pre_fiber":4.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":63.5,"fiber_queue":1.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1051252}}
server
cloudflare
x-powered-by
Express
x-bubble-request-took
16
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.016 unit-seconds used
cf-ray
8504225d7fa76524-LHR
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg
d1muf25xaso8hp.cloudfront.net/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg?w=2048&h=1536&auto=compress&fit=crop&dpr=1
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5b09edb82962a512259d9730f29b2a7f307052593fdc89405a342efcabaf354c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
0
x-cache
Miss from cloudfront
x-imgix-id
a56f83404613ff3efc280f14d5e14cb611e1bc2a
cross-origin-resource-policy
cross-origin
content-length
302831
x-served-by
cache-sjc10039-SJC, cache-fra-eddf8230080-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:01:48 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
s3Oi_z7OphtQ8M_eInDfhC175S6KPJbuoxemMJYrWETxH-_UZ64hQw==
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387222496x292145748754690560%2Flogo-removebg-preview%2520%25287%2529.png
d1muf25xaso8hp.cloudfront.net/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387222496x292145748754690560%2Flogo-removebg-preview%2520%25287%2529.png?w=512&h=172&auto=compress&dpr=1&q=75&fit=max
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e13f21d55fb12bb65a5a92c3cb5de66f883ecf99dcfb186b5df7d82b0d40b483
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:00:58 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
49
x-cache
Hit from cloudfront
x-imgix-id
a3dd7ef15b11faa1e294f1b30b087eaa886151c9
cross-origin-resource-policy
cross-origin
content-length
3714
x-served-by
cache-sjc10029-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:00:57 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zMv7OjfQiULNP8wc0KzlM1dGAIyqJBrASZywrBL3cEQtHzUzPyMKzQ==
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Ff1672944599322x310367603427115900%2Fquestion.png
d1muf25xaso8hp.cloudfront.net/ 		886 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Ff1672944599322x310367603427115900%2Fquestion.png?w=32&h=32&auto=compress&dpr=1&fit=max
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4f8557f457dc77d3a33ed440aa1410e20a20246167fd2500540391cd03033590
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:00:58 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
49
x-cache
Hit from cloudfront
x-imgix-id
28206ac1d5249ea0dadd9a5b0bc7889f7bd610e1
cross-origin-resource-policy
cross-origin
content-length
886
x-served-by
cache-sjc10054-SJC, cache-fra-etou8220035-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:00:58 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
CV6j5VhgPOIOLjV8iySCQ6b43RGnm04lIIGGWRLkneI-QyxJulcv2Q==
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg
d1muf25xaso8hp.cloudfront.net/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg?w=2048&h=1024&auto=compress&fit=crop&dpr=1
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0b6442b0f061f76d405a95fb998b8cd1bbab213002dea8634a04920851c3098c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
0
x-cache
Miss from cloudfront
x-imgix-id
cd4deba35224a815ee3eaddd5b62c6a861a17549
cross-origin-resource-policy
cross-origin
content-length
213540
x-served-by
cache-sjc10049-SJC, cache-fra-etou8220104-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:01:48 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
kcLCHqWQAtPEYfpNBe0jJkShbI_ug_LT0mR2BshV6D5V03GuWYCQIg==
csp-report
q.stripe.com/ Frame 3D5F 		0
489 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707062507462710
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1707062507462311
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 3D5F 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 15:57:47 GMT
content-encoding
br
via
1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
240
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
MUC50-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
N_O7ZoDmsrPhv0QlE4YNhUQOjhBY6FAAkwwkbTEG6uUKwV9cogvLVg==
collect
d.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://returns-portal.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://returns-portal.com
Date
Sun, 04 Feb 2024 16:01:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
bulk_watch
returns-portal.com/version-live/elasticsearch/ 		77 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/elasticsearch/bulk_watch
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
814ea61d569853ee4b9d1ba6f4859480d45450a5673739309218be2d2135cc1b

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1707062506675x258789834443857500
X-Bubble-Fiber-ID
1707062507297x993573100794679600
X-Bubble-PL
1707062505603x183
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
cache-control
no-cache
Referer
https://returns-portal.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":16,"percents":{"top":{"bubble_cpu":33.7,"block":58.6,"capacity_rl":0,"other_pause":0,"pre_fiber":7.1},"sub":{"pp_userdb":25,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":30.7,"fiber_queue":1.2,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1810652}}
server
cloudflare
x-powered-by
Express
x-bubble-request-took
16
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.028 unit-seconds used
cf-ray
8504225eba186524-LHR
x-bubble-capacity-limit
0 ms slower
census-questions
surveyapp.vervaunt.com/api/embedded/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://surveyapp.vervaunt.com/api/embedded/census-questions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://returns-portal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8504225f1ba97756-LHR
date
Sun, 04 Feb 2024 16:01:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RMfUZLJ%2Bfl3P6dBQTFYD7Xg%2F0WMduDT28g34vrY4UnXz%2F7biP9kM6X5oCr3i4%2FYL0LRAWaRoDmW6Wpz%2F%2F7FgIKEg8qA0zr3mZG9G%2Bc7MsX5pRneS0MMD6dJWADqGR2odhRfYOpo53kSErw2jSCOo%2FkB0NMl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Method, Access-Control-Request-Headers
census-questions
surveyapp.vervaunt.com/api/embedded/ 		26 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://surveyapp.vervaunt.com/api/embedded/census-questions
Requested by
Host: surveyapp.vervaunt.com
URL: https://surveyapp.vervaunt.com/js/app/script/census-embedded.js?shop=motelrocks-com.myshopify.com&customerId=&orderId=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:5464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e77463308969886f2bab0d4938e75cdb8683a5cf60434e3a139272e033e315e

Request headers

Referer
https://returns-portal.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-ratelimit-remaining
59
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLd8jeIE4UN9mV%2BVt4XEEGpoSJpsHw7s27R2LJCfnPvI%2F%2BjfA%2BoU7xtq2Gd%2Fmma06Tsu63iGyOwDo3DL2l7NqkgMeS8G%2BvIF3sx%2FVtme5taXUsSKezRpsQbIdTRJwNF0HbSbfSB0Cp%2BaY5z66YyE6T0UEWbL"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
x-ratelimit-limit
60
cf-ray
85042260bedc7756-LHR
alt-svc
h3=":443"; ma=86400
m
returns-portal.com/version-live/user/ 		4 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/user/m
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID
1707062507303x457823899440888060
X-Bubble-PL
1707062505603x183
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
cache-control
no-cache
Referer
https://returns-portal.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 04 Feb 2024 16:01:47 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":8.6,"percents":{"top":{"bubble_cpu":30,"block":23.3,"capacity_rl":0,"other_pause":0,"pre_fiber":9.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":29.6,"fiber_queue":1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":2,"fiber_queue":3,"blocks":2},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":388335}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.006 unit-seconds used
cf-ray
8504225eca276524-LHR
x-bubble-capacity-limit
0 ms slower
6
m.stripe.com/ Frame 3D5F 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.225.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-225-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f8bc36567edd3bdb49505bc9167470b1f989403bd2dccde5ddaf39b4a9a6d097
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707062508133072
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707062508132845
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg
d1muf25xaso8hp.cloudfront.net/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg?w=2048&h=1536&auto=compress&fit=crop&dpr=1
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5b09edb82962a512259d9730f29b2a7f307052593fdc89405a342efcabaf354c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
x-cache
Hit from cloudfront
x-imgix-id
a56f83404613ff3efc280f14d5e14cb611e1bc2a
cross-origin-resource-policy
cross-origin
content-length
302831
x-served-by
cache-sjc10039-SJC, cache-fra-eddf8230080-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:01:48 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RTIc_xbjze9BmotGDMWSiuIyjGPHLYvA5I1j3U40dP5K_jTano_ytQ==
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg
d1muf25xaso8hp.cloudfront.net/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387481986x900476664480491400%2F3%2520%25281%2529.jpeg?w=&h=&auto=compress&fit=crop&dpr=1
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
dc3f29aceb285c7d286cfdb4d86c00575f547a144b8d59274166db05fdcaecd3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
0
x-cache
Miss from cloudfront
x-imgix-id
0d63888b4b8739187ca06ff7c4d9de05f0d2e218
cross-origin-resource-policy
cross-origin
content-length
115261
x-served-by
cache-sjc1000099-SJC, cache-fra-eddf8230037-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:01:47 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
dTr3JuFj9mPMUwgUtU-lvEUyPM_sd_ZEHWnTcLZHU9y-XCse588Nyw==
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387222496x292145748754690560%2Flogo-removebg-preview%2520%25287%2529.png
d1muf25xaso8hp.cloudfront.net/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Fd185%2Ff1695387222496x292145748754690560%2Flogo-removebg-preview%2520%25287%2529.png?w=512&h=172&auto=compress&dpr=1&q=75&fit=max
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e13f21d55fb12bb65a5a92c3cb5de66f883ecf99dcfb186b5df7d82b0d40b483
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:00:58 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
49
x-cache
Hit from cloudfront
x-imgix-id
a3dd7ef15b11faa1e294f1b30b087eaa886151c9
cross-origin-resource-policy
cross-origin
content-length
3714
x-served-by
cache-sjc10029-SJC, cache-fra-eddf8230074-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:00:57 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
h6DNO28CftyViQERkQetWNbBzsHXIqPyHBaKoAyAdY1OOn5vKLaz9Q==
https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Ff1672944599322x310367603427115900%2Fquestion.png
d1muf25xaso8hp.cloudfront.net/ 		886 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fdc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io%2Ff1672944599322x310367603427115900%2Fquestion.png?w=32&h=32&auto=compress&dpr=1&fit=max
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:5e00:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4f8557f457dc77d3a33ed440aa1410e20a20246167fd2500540391cd03033590
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:00:58 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
age
49
x-cache
Hit from cloudfront
x-imgix-id
28206ac1d5249ea0dadd9a5b0bc7889f7bd610e1
cross-origin-resource-policy
cross-origin
content-length
886
x-served-by
cache-sjc10054-SJC, cache-fra-etou8220035-FRA
x-imgix-render-farm
02.66600
last-modified
Sun, 04 Feb 2024 16:00:58 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fr1Gm-1wXeU7wXkyTM1je8WEOH7BiwDdtY3HRxSbpDEvi-lQbWFqoA==
apm
returns-portal.com/version-live/user/ 		4 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/user/apm
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID
1707062508319x820358914051126300
X-Bubble-PL
1707062505603x183
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
cache-control
no-cache
Referer
https://returns-portal.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":12.4,"percents":{"top":{"bubble_cpu":35.4,"block":34.9,"capacity_rl":0,"other_pause":0,"pre_fiber":26.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":35.7,"fiber_queue":0.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":2,"fiber_queue":3,"blocks":2},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":659425}}
server
cloudflare
x-powered-by
Express
x-bubble-request-took
13
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.01 unit-seconds used
cf-ray
850422653e266524-LHR
x-bubble-capacity-limit
0 ms slower
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1D4177A1FEB14FBFAED353AA6CFDCD43&RedC=c.clarity.ms&MXFR=0144F121907A64860A43E53A947A6A18
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1D4177A1FEB14FBFAED353AA6CFDCD43&MUID=236F50F01D1C6F60002944EB1C976E9F
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1D4177A1FEB14FBFAED353AA6CFDCD43&MUID=236F50F01D1C6F60002944EB1C976E9F
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 16:01:48 GMT
last-modified
Wed, 10 Jan 2024 21:11:32 GMT
server
Microsoft-IIS/10.0
etag
"d765ee95944da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 04 Feb 2024 16:01:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2BB4775C5AB44B7E8AFFC40DE5AE27C7 Ref B: FRA31EDGE0609 Ref C: 2024-02-04T16:01:48Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1D4177A1FEB14FBFAED353AA6CFDCD43&MUID=236F50F01D1C6F60002944EB1C976E9F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
twk-main.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		121 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/626035eb7b967b11798ba8a0/1g13t589i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325582
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042265fec263f3-LHR
twk-vendor.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/626035eb7b967b11798ba8a0/1g13t589i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325582
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"ce3014b09c6dfbd6f92bc585fd840580"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042265fec563f3-LHR
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		212 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/626035eb7b967b11798ba8a0/1g13t589i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325582
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"86b32a04921a039ace69980bacd1b639"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042265fecb63f3-LHR
twk-chunk-common.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		219 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/626035eb7b967b11798ba8a0/1g13t589i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325582
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"7cb04588da7fac9195cf9fcf0a9cd695"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042265fecc63f3-LHR
twk-runtime.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/626035eb7b967b11798ba8a0/1g13t589i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325582
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"8a62145a771f178a2f2776bd2b72d0d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042265fecd63f3-LHR
twk-app.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		151 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/626035eb7b967b11798ba8a0/1g13t589i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
Origin
https://returns-portal.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1325582
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042265fecf63f3-LHR
widget-settings
va.tawk.to/v1/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=626035eb7b967b11798ba8a0&widgetId=1g13t589i&sv=null
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5e8cbc13728e6a6184376c18a77c8532d5c5bb6aee018d9aa34b6899c500df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-dtns
server
cloudflare
etag
W/"2-86-1"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
8504226708f263f3-LHR
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be20f25ca0a0b627bbe60cbe1ad38bf4836b57371925a36bbfb232c8af56765c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://returns-portal.com
access-control-allow-credentials
true
cf-ray
850422686ca5653c-LHR
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-2z3n
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://returns-portal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://returns-portal.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85042267090c63f3-LHR
date
Sun, 04 Feb 2024 16:01:48 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-2f1q
collect
d.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://returns-portal.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://returns-portal.com
Date
Sun, 04 Feb 2024 16:01:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
en.js
embed.tawk.to/_s/v4/app/65839862293/languages/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345571
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"7f37a030886ec7fce1d065ec482789ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
850422686e2971c8-LHR
frg
returns-portal.com/version-live/ 		5 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://returns-portal.com/version-live/frg
Requested by
Host: returns-portal.com
URL: https://returns-portal.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

X-Bubble-Fiber-ID
1707062510304x551396348429144450
X-Bubble-PL
1707062505603x183
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
cache-control
no-cache
Referer
https://returns-portal.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Sun, 04 Feb 2024 16:01:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":13,"percents":{"top":{"bubble_cpu":21.4,"block":60.2,"capacity_rl":0,"other_pause":0,"pre_fiber":18.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":22.8,"fiber_queue":3.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":415362}}
server
cloudflare
x-powered-by
Express
x-bubble-request-took
13
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.006 unit-seconds used
cf-ray
850422718e9f6524-LHR
x-bubble-capacity-limit
0 ms slower
collect
d.clarity.ms/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.174.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://returns-portal.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://returns-portal.com
Date
Sun, 04 Feb 2024 16:01:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
twk-chunk-2c776523.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345573
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"70aec2dd89cac4933594c25b71d61f46"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042277cd5f71c8-LHR
twk-chunk-9294da6c.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-9294da6c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345574
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"398211e86ba1f74c4421bde7a06fc780"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042277cd6171c8-LHR
twk-chunk-2d0b383d.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		699 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b383d.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345574
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"838903127a65ec440893b4945c40ca4a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042277cd6271c8-LHR
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345575
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"d1392466f248728bc183c96015db868c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042277cd6571c8-LHR
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		906 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345574
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042277cd6771c8-LHR
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		535 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345573
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"c506281367048d4a134c9affbc68c8c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042277cd6971c8-LHR
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/65839862293/js/ 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345575
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 01:45:14 GMT
server
cloudflare
etag
W/"1eaf1603955ff543fb810fe5edc51e58"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042277cd6b71c8-LHR
min-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 7086 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345573
cf-polished
origSize=24831
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 01:45:13 GMT
server
cloudflare
etag
W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
850422787e5e71c8-LHR
message-preview.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame EE93 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345573
cf-polished
origSize=40832
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 01:45:13 GMT
server
cloudflare
etag
W/"cf4a08d496f49489af30571e3cbb48f3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
850422788e7a71c8-LHR
max-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame C266 		76 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1345574
cf-polished
origSize=78180
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 01:45:13 GMT
server
cloudflare
etag
W/"0ab357443b798b4a1db6c4f22b1590f4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
85042278bf0471c8-LHR
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 		295 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://returns-portal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2611149
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230136-FRA, cache-lga21957-LGA
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op1jFoISsS%2F5Zxbc5slcHIgtm9BqytLj%2FwksTuOI5SMoKgIw1BrzU90KMpaosGTmzOinwBmC%2BkbdZBj11dp0m9fruPz4ov5lWnNPprQnawVq5uEKmsQzMgZleDKoZeQstf9ul%2BlULMtOqDtFFJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85042278fed423c5-LHR
6
m.stripe.com/ Frame 3D5F 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.225.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-225-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f8bc36567edd3bdb49505bc9167470b1f989403bd2dccde5ddaf39b4a9a6d097
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sun, 04 Feb 2024 16:01:51 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707062511771313
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707062511770828
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
v3
va.tawk.to/log-performance/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://returns-portal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://returns-portal.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8504227b68e1641e-LHR
date
Sun, 04 Feb 2024 16:01:52 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-nrzr
v3
va.tawk.to/log-performance/ 		5 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://returns-portal.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sun, 04 Feb 2024 16:01:52 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://returns-portal.com
access-control-allow-credentials
true
cf-ray
8504227c7b37641e-LHR
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-z828
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XWR7LX7S16&gtm=45je41v0v9120882515za200&_p=1707062506650&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1288301490.1707062507&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&sid=1707062506&sct=1&seg=0&dl=https%3A%2F%2Freturns-portal.com%2Fversion-live%2Fr%2Fmotelrocks&dt=Returns%20%7C%20MOTEL&_s=2&tfd=5686
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XWR7LX7S16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://returns-portal.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 16:01:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://returns-portal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| bubble_session_uid object| headers_source_maps object| load_error_log object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| bubble_page_load_id string| bubble_plp_token string| _p string| bubble_page_name function| $ function| jQuery function| Lib_post_load string| bubble_bundle_name object| Base64 object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u function| appquery function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb function| clearImmediate function| setImmediate object| element_performance_counts function| kill_notifier_socket function| restore_notifier_socket number| server_time_offset object| client_db object| safe_require object| testing function| authenticate_as object| document_ready_key function| display_page function| switch_page object| preloaded object| __code__ function| Inputmask object| _bubble_watcher_cache number| bubble_version object| optional_modules object| plugins object| bubble_run_derived object| app object| translation_data object| language_data string| application_language function| Lib function| everything_ready function| wait_for_everything function| ClipboardJS function| filterCSS function| filterXSS function| download object| feather function| _0x167953 function| _0x3c42 function| _0x3c6b function| _0x1c6673 object| Papa function| Compressor object| webpackChunkStripeJSouter function| noop function| Stripe object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| clarity function| gtag object| dataLayer boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded number| render_end_timestamp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| Tawk_API object| Tawk_LoadStart object| censusEmbeddedWidgetHelpers string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

18 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: e779b7aa15994318809e486ddd249053.20240204.20250203
.returns-portal.com/ Name: _ga
Value: GA1.1.1288301490.1707062507
.returns-portal.com/ Name: _clck
Value: 3vmtmu%7C2%7Cfiz%7C0%7C1495
.returns-portal.com/ Name: _clsk
Value: m49lod%7C1707062507874%7C1%7C1%7Cd.clarity.ms%2Fcollect
.returns-portal.com/ Name: _ga_XWR7LX7S16
Value: GS1.1.1707062506.1.1.1707062508.0.0.0
m.stripe.com/ Name: m
Value: 479fd5bf-c571-4544-ba0d-5a1d8c747a3d0cc37a
.returns-portal.com/ Name: __stripe_mid
Value: 2265d321-a209-4450-a4d8-2ef73d8b05d9331364
.returns-portal.com/ Name: __stripe_sid
Value: 251ce7db-cef4-4837-acb7-5f725d8d29f46e3d86
returns-portal.com/ Name: twk_idm_key
Value: DnyHf4ykCuHvmyZa4gxee
.bing.com/ Name: MUID
Value: 236F50F01D1C6F60002944EB1C976E9F
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 236F50F01D1C6F60002944EB1C976E9F
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 236F50F01D1C6F60002944EB1C976E9F
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
returns-portal.com/ Name: TawkConnectionTime
Value: 0
.returns-portal.com/ Name: twk_uuid_626035eb7b967b11798ba8a0
Value: %7B%22uuid%22%3A%221.bJrwpPYUACT2FjcywZAO7BhwvUyyAYCkEWJljClzt8wK56KhzQa8AxV47cc3vPIAUe1VPlZCQHY32G2nW7Oek8xWCEHukYtXI6LGYMSiLOxnaFrviebJQpXnuosPV%22%2C%22version%22%3A3%2C%22domain%22%3A%22returns-portal.com%22%2C%22ts%22%3A1707062511301%7D

22 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css2?display=swap&
Message:
Failed to load resource: the server responded with a status of 400 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other warning URL: https://returns-portal.com/version-live/r/motelrocks
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://returns-portal.com/css/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://surveyapp.vervaunt.com/api/embedded/census-questions
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://returns-portal.com/version-live/r/motelrocks?s=1&lang=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets6.lottiefiles.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
d.clarity.ms
d1muf25xaso8hp.cloudfront.net
d2tf8y1b8kxrzw.cloudfront.net
dc73e1d24296f4bfd0e069c4cd497f06.cdn.bubble.io
embed.tawk.to
f84b6cef02afc70067889de47ac8b2b8.cdn.bubble.io
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
region1.google-analytics.com
returns-portal.com
surveyapp.vervaunt.com
unpkg.com
va.tawk.to
www.clarity.ms
www.googletagmanager.com
104.16.137.79
104.16.224.78
104.19.241.93
151.101.64.176
2001:4860:4802:32::36
2600:9000:2190:5e00:1c:37e5:3f40:21
2600:9000:223d:9e00:1f:fceb:ff00:21
2600:9000:225b:7200:19:7d10:bd80:93a1
2600:9000:237d:4800:2:49a2:4500:93a1
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700:3036::6815:5464
2606:4700::6810:5514
2606:4700::6810:7caf
2606:4700::6811:190e
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:811::2008
2a00:1450:4001:830::2003
40.76.174.66
44.235.225.243
54.187.119.242
68.219.88.97
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09436e6494b48ac1fbfe981161773220dad9db869b3903725be6bdf1e08cffb8
0b6442b0f061f76d405a95fb998b8cd1bbab213002dea8634a04920851c3098c
0caffb87568edea778b622ecf07438aa99e4708ecc8672fb9c8a6357c542ed5c
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
0e6bd2c90f7fcdc815bb0f0c0c0b43f2b42badf841a5e32b80b4a42b8788aff5
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
1a7fd72723cf40c05b658217f97f070c460bfcb6a817baafecc919b5e541f1f3
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
2303ed4ee7029c77d59b21c5bc81deec930d6254aadb54317c9e05b1daae7342
24fd9bd824ddbd3b18627e6ce950df79dfd3307328d540ad457cccaf2de531f6
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
35c7d350dedf7fddcad303d24704ee5b7b891a9ccc0fc19d8ddc747d7eb3c0b9
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
370aa036315e948fb51c378ae79457afaa85120f65158e0abade21ab8ecd37a1
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
466ae3288a2b125b1425bf26ebeb027b06e5fb7f710a9dc989aecf5d6a6b36db
479f6b47530390fb97838b0646ba6a9344f534d8e43c64551d6a4a7fa9040a51
4f8557f457dc77d3a33ed440aa1410e20a20246167fd2500540391cd03033590
50901029f5dea648828e170e42af3b23ea33d2c1196c705690aa4638ca5c7e30
52dc1a9e096f87c9eb53f5f78d24aeadcac83cf7ecc14f6098bae2e56f8c08e1
5a896b35367d958d102f97f4fd08b5cb0dd11a70cb8a0d8754b624aec866ed8d
5b09edb82962a512259d9730f29b2a7f307052593fdc89405a342efcabaf354c
5f72f11fd865e234912dd0bc1ac1c136e4fdedc56065e77e341b19c16fc9e702
613b31836eee1d9190d8e9619170d94fcbae239d0c397cd8fa6cd25d994bada7
68e64be03d07ca3e8b4bf5432dbc9ca78b2405de2aa0236e1a86a43338ca77f6
6af5ec754458d1d1a6fa4f91ae9289cae7365d193cdf977c51ed46c72d08287e
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
72eeb0a6d842a5a31a34fb1d912adb19a4d88216d6bc6a93306d18c7a16a1d25
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
814ea61d569853ee4b9d1ba6f4859480d45450a5673739309218be2d2135cc1b
8293fc12597115421f8128a3996a5c7a74163f8f56f7935e6b5bda1f777e9356
86ad7ab2a7edb6929bb527b0954aafe9d7b78b067e94c414b06d23f4fd518e8c
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8bc1293fa256832a900930b9b7aeaaa9d6c51115d9f48d9d66ccf3a31eea80dc
8de4b97c008222bca65e9b43e9587a1a74fb33a87b16057732c58937f8114c70
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
97ebdbe7d524a146f58d55727eb6ae3a9cbb7530d1575a9095afbcae72df8f79
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9c5e8cbc13728e6a6184376c18a77c8532d5c5bb6aee018d9aa34b6899c500df
9e77463308969886f2bab0d4938e75cdb8683a5cf60434e3a139272e033e315e
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a347097a132cdbf380c030e87636122724ab40554425df2bbd0245522f0d5ab9
ac7807af2d154885a8f09735a785ebcb6c88b14fa67063ade6aa537b686e983c
ad293b176ac4a3d9ef6bf23aec7af951291037efe5cbf64676221149419138b2
b268d8d7e58b5df0bbd18aecb0add2e65801fa45c99e8afbcf1189e6c6c9723f
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bd4ab0f9b4c04f4d2e5b906bef5129dfc193022c1662b5dba60a6e5168d74e60
be20f25ca0a0b627bbe60cbe1ad38bf4836b57371925a36bbfb232c8af56765c
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6029de176821c4be61103b153457408a221616f2fe258cb3736430552516ff0
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
d8014a4e31b3fc6253c373e7d84ec661ed7825196fad429e4791aeb395acdc2c
dc3f29aceb285c7d286cfdb4d86c00575f547a144b8d59274166db05fdcaecd3
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e13f21d55fb12bb65a5a92c3cb5de66f883ecf99dcfb186b5df7d82b0d40b483
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67cfdf3f17d7651c3bb9fa68d5a754f3c586151eecf8f1df75257f860fbe536
e7374cc188cd8874d6a9e1f42b9667c597ccbfc61d7f78436bef920bcafa2d21
e7be0eda7f23a01e49cf4e3b976c3fbda22e825de7e5c328c05daecb774115cd
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
ea9676fc4357dabead88b8b1cffd1dc366de4f36cd0697e9ca4528dc91a35056
ea996c210fab2c42d98ddc3f66933ec339e8b58469325f65097a25f3572469fe
eec0a8df56cf3bd913fba5ce0cfe568a54ad5bb8175052b839feb5e46d8c1646
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5b5197ffb90b53ceaf1b4a1b0ccdd5e48e14d87c8176220eacf328ab609fe5e
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f605bf0857e1a6b753a24f1a564aaf13568512749e6027484c802d5d6c895d60
f8bc36567edd3bdb49505bc9167470b1f989403bd2dccde5ddaf39b4a9a6d097
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663