URL: https://safelyreturn.com/
Submission: On September 11 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 167.99.242.112, located in Frankfurt am Main, Germany and belongs to . The main domain is safelyreturn.com.
TLS certificate: Issued by R3 on September 11th 2021. Valid for: 3 months.
This is the only time safelyreturn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                                          Requested by
10        d3il08p0vgwdw.cloudfront.net
8         safelyreturn.com                                safelyreturn.com
2         1b02f4b7wl.execute-api.us-east-2.amazonaws.com  safelyreturn.com
1         fonts.gstatic.com                               fonts.googleapis.com
1         fonts.googleapis.com                            safelyreturn.com
Total: 23 requests, 5 domains

This site contains no links.

Subject                                Issuer      Validity                 Valid
*.safelyreturn.com                     R3          2021-09-11 - 2021-12-10  3 months
upload.video.google.com                GTS CA 1O1  2021-08-23 - 2021-11-15  3 months
*.cloudfront.net                       Amazon      2021-03-19 - 2022-03-17  a year
*.gstatic.com                          GTS CA 1C3  2021-08-23 - 2021-11-15  3 months
*.execute-api.us-east-2.amazonaws.com  Amazon      2021-04-16 - 2022-05-15  a year

This page contains 1 frames:

Primary Page: https://safelyreturn.com/
Frame ID: DF9384228B9BB6FCC3D37ABFEBB51D59
Requests: 22 HTTP requests in this frame

Page Title

Safely Return - Lost and found anywhere

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 142 kB
Size: 281 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
safelyreturn.com/
900 B
1 KB
Document
General
Full URL
https://safelyreturn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
ec442820e75df717ad6f420dd07bdec837a9a79e302be529cd51baddf3ecb4d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
safelyreturn.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-length
900
content-type
text/html; charset=UTF-8
date
Sat, 11 Sep 2021 01:55:56 GMT
etag
"9a40d086a1a1d984b868f6875b59f6aa-ssl"
strict-transport-security
max-age=31536000
x-nf-request-id
01FFB1Q024WCP9WN108G26DC8S
server
Netlify
age
59375
vendor.a7e7b216.js
safelyreturn.com/assets/
94 KB
34 KB
Script
General
Full URL
https://safelyreturn.com/assets/vendor.a7e7b216.js
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
bf029d553ab37269dd624c6bfbcc691b986819b3320ee8eeaa5b877b5574b847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/assets/vendor.a7e7b216.js
pragma
no-cache
origin
https://safelyreturn.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safelyreturn.com
referer
https://safelyreturn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://safelyreturn.com/
Origin
https://safelyreturn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FFB1Q031FHGZ2AJ4R3D6CV8R
date
Sat, 11 Sep 2021 18:22:34 GMT
content-encoding
br
server
Netlify
age
177
etag
"0cb7cd3d5f17a1b8185fbe3732d510d4-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
index.0abfd2f9.js
safelyreturn.com/assets/
28 KB
10 KB
Script
General
Full URL
https://safelyreturn.com/assets/index.0abfd2f9.js
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
9543ab1fe92495c0afce7b33701258f7fd1326729f521c17eeaca0e43762abd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/assets/index.0abfd2f9.js
pragma
no-cache
origin
https://safelyreturn.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safelyreturn.com
referer
https://safelyreturn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://safelyreturn.com/
Origin
https://safelyreturn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FFB1Q031STYKWR4FWWSTY1TB
date
Sat, 11 Sep 2021 18:22:34 GMT
content-encoding
br
server
Netlify
age
177
etag
"dcf2f60da549b81a4c1e514c44ebe566-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
index.a770d57e.css
safelyreturn.com/assets/
34 KB
6 KB
Stylesheet
General
Full URL
https://safelyreturn.com/assets/index.a770d57e.css
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
b541fd5dbc2c9a4860788aaeb6e4bf0929f7ca3222275e4ec8cd982ac07cd495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/assets/index.a770d57e.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
safelyreturn.com
referer
https://safelyreturn.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FFB1Q032M239APNXDPYJD3F7
date
Sat, 11 Sep 2021 18:22:34 GMT
content-encoding
br
server
Netlify
age
177
etag
"2c68487f1b48a18dd9c972f3cef5d204-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter:100,200,300,400,500,600,700,800,900
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/assets/index.a770d57e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.95 , United States, ASN (),
Reverse DNS
Software
ESF /
Resource Hash
617c089c21c2cf560242975d028eebdfcaaf563692e6ecf041a3a955df711f0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 18:25:32 GMT
server
ESF
date
Sat, 11 Sep 2021 18:25:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 18:25:32 GMT
Main.e1eeb272.js
safelyreturn.com/assets/
431 B
531 B
Script
General
Full URL
https://safelyreturn.com/assets/Main.e1eeb272.js
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/assets/index.0abfd2f9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
004695ebb0d4157107ab91cd716bb56b10696a8d8599c33bc33c00abc623d4ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/assets/Main.e1eeb272.js
pragma
no-cache
origin
https://safelyreturn.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safelyreturn.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
Origin
https://safelyreturn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FFB1Q0E9D83KP9872WQGV2YP
date
Sat, 11 Sep 2021 18:22:34 GMT
server
Netlify
age
178
etag
"590e64233e461729063ff8f7b1bbcaec-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
431
Footer.60f768d2.js
safelyreturn.com/assets/
25 KB
6 KB
Script
General
Full URL
https://safelyreturn.com/assets/Footer.60f768d2.js
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/assets/index.0abfd2f9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
63d30ea84895a4c62868276a877f2e820c6586f18333cd1fb2b6038ec41f01a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/assets/Footer.60f768d2.js
pragma
no-cache
origin
https://safelyreturn.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safelyreturn.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
Origin
https://safelyreturn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FFB1Q0E9RQBJ9B8R83Q7CGD9
date
Sat, 11 Sep 2021 18:22:34 GMT
content-encoding
br
server
Netlify
age
178
etag
"9bc48f170f95bc30ea011abd4195811d-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
CodeInput.6b22ef77.js
safelyreturn.com/assets/
3 KB
1 KB
Script
General
Full URL
https://safelyreturn.com/assets/CodeInput.6b22ef77.js
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/assets/index.0abfd2f9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
255e42e03a9d30c676274370f2ff86786aa5ea8a38377dbc99553c53a54e1ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/assets/CodeInput.6b22ef77.js
pragma
no-cache
origin
https://safelyreturn.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safelyreturn.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
Origin
https://safelyreturn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FFB1Q0E9RCFW33D0VQSP5B81
date
Sat, 11 Sep 2021 18:22:34 GMT
content-encoding
br
server
Netlify
age
178
etag
"6415dce670394c75b35cedfa8a4f1f6c-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1231
LoadingIndicator.b2a9fa57.js
safelyreturn.com/assets/
510 B
609 B
Script
General
Full URL
https://safelyreturn.com/assets/LoadingIndicator.b2a9fa57.js
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/assets/index.0abfd2f9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.242.112 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
Netlify /
Resource Hash
402078f2b63525fb1c5771b27e55d56576ccd81e1c022f8b44b6ea511a344e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/assets/LoadingIndicator.b2a9fa57.js
pragma
no-cache
origin
https://safelyreturn.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
safelyreturn.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
Origin
https://safelyreturn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FFB1Q0E9TJD6RKQ84N4C9FN4
date
Sat, 11 Sep 2021 18:22:34 GMT
server
Netlify
age
178
etag
"7ee8bcdfe1a56adc4e255f1f71fd9966-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
510
7T7LK4,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/7T7LK4,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da62e32db315e47e54e550fa8110ca1e834f7459e0a81c0e7af8dbdee294da64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:26:22 GMT
server
AmazonS3
age
172
etag
"ab3f722a64a01b941cf737cc2284db90"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4210
x-amz-cf-id
GSbOuVJ_bVB4oeirxybl0tJ96TAdjQbe2h80Nysm_chjWDgt_ih74Q==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/
36 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://safelyreturn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 10:57:00 GMT
x-content-type-options
nosniff
age
113312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37056
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:48:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 10:57:00 GMT
Z5NBWG,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/Z5NBWG,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
470032c7459cea9d645db96a927bb62c99d74525d42f66682b0bd71fdd3c1eac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:24:15 GMT
server
AmazonS3
age
172
etag
"1cef5a9ad34230aaff27d030c1587647"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4050
x-amz-cf-id
Yb5RTrPSeHtA1lEDBkic5urhp-ShZB8w7k2hQS2HdCNoiTIjm_Jmcw==
page_view
1b02f4b7wl.execute-api.us-east-2.amazonaws.com/api/
4 B
444 B
XHR
General
Full URL
https://1b02f4b7wl.execute-api.us-east-2.amazonaws.com/api/page_view
Requested by
Host: safelyreturn.com
URL: https://safelyreturn.com/assets/vendor.a7e7b216.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.62 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
application/json, text/plain, */*
Referer
https://safelyreturn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 11 Sep 2021 18:25:33 GMT
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amzn-requestid
f28b68b0-c919-4dac-863e-917c9d3157d9
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-613cf49d-7801ccd848df644f6da46950;Sampled=0
access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
x-amz-apigw-id
FgsokFBjCYcFs-g=
content-length
4
x-amz-cf-id
roigMo7H6C1rKYosP6j4mFAsh--BkFuvnhLqrPYlKVAx-3UqVQBXcA==
page_view
1b02f4b7wl.execute-api.us-east-2.amazonaws.com/api/
0
0
Preflight
General
Full URL
https://1b02f4b7wl.execute-api.us-east-2.amazonaws.com/api/page_view
Protocol
H2
Server
13.224.94.62 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://safelyreturn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Sat, 11 Sep 2021 18:25:32 GMT
x-amzn-requestid
b9e4d58b-cafa-4898-b5ae-f686699cdb68
access-control-allow-origin
*
access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
x-amz-apigw-id
FgsohH49iYcF14w=
access-control-allow-methods
POST,OPTIONS
x-cache
Miss from cloudfront
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
v81pNJFvMLcoUBFPlnkovgCGbiEzv2q_8sdrKQ8_A5FMkz0ChKiBfQ==
KZH468,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/KZH468,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ebdbe25e136b3cad6552b50f575758032e7eab5686b87c4d7a071f4ca6269de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:24:23 GMT
server
AmazonS3
age
172
etag
"d1c12fde6433f6ffd6fdf76721c2e8ae"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4167
x-amz-cf-id
Qo6E24pVAu1GJT2Yb96P9mx86xYaTPXakakcj9iMa63321-nIa9R4g==
4GCRLA,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/4GCRLA,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0c6af553999790504b3a3f59abfa08383e2302fa4a6a9c2eece3b48855004f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:24:30 GMT
server
AmazonS3
age
172
etag
"4f4090d1163e06a59f5f74f65e8e3552"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4117
x-amz-cf-id
YSnoJ4Sl28M8jnaYOFOY-eN_T8jLg6xvT9zQRh_qgm4M9nSm7auFmg==
S7BCE2,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/S7BCE2,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd5f594e5688e607973bacf83311cf9eebf45ca481c2cab40508cf6155b85a8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:24:37 GMT
server
AmazonS3
age
172
etag
"4c0209634d3fa8c2f412d4679352b080"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4220
x-amz-cf-id
dYD-FZXSbhdjzbGwhU2eehm0GDb_tJaiqcYpx0tlwUmXRkknkzTcPw==
VSK33E,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/VSK33E,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfe1524bd88ebdbfdc5a5a6b10e33dda5762ecfa2f0edc59d34e685861126e9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:24:44 GMT
server
AmazonS3
age
172
etag
"6a14943047fdc999d58a5c69dae6a8cb"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4195
x-amz-cf-id
vHoN54uFpTQNX0qHBmpI1RJiY3OZ-SdeeG-OAfCLcBwR_mDHOqYqRw==
B84VZK,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
5 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/B84VZK,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2004fafe63498415c4f5f838b78327a217c36b846806e434079af0b4fa9bc54a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:24:52 GMT
server
AmazonS3
age
172
etag
"1bdcbacd3c0ce1976ebd6e8d1c655910"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4321
x-amz-cf-id
IKqSlTC9sohG-VPi3myMVg2Mtu6dvhykf09bDHeZ6KjGBtQm62l0Jw==
ELTZV7,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/ELTZV7,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
989dc3e27e4c054a33b6bc2fa8db2191386cfa40a3ddeb6136e93355308ef2d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:25:02 GMT
server
AmazonS3
age
172
etag
"2dfacdcb79f314ed39cb2814a01481f1"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4114
x-amz-cf-id
1nMEGsSUXxBqvr01mlNuoIdbQk8S85UnDdrHlGcpZdXakfcMW8gtPg==
LDLLE8,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/LDLLE8,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8801e9d218c1daebeb9cc743b12d938bf9e151509ae9fa013d8baa134e3d3312

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:22:42 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:25:53 GMT
server
AmazonS3
age
172
etag
"b67edc341209bbf6c6190c6cff0f35f4"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
4246
x-amz-cf-id
LQ7AIz7h_idIhmEOP8nYRBj85MCDfUflargNnRK0J848ZKaBaJ1l8g==
GD38DE,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
4 KB
4 KB
Image
General
Full URL
https://d3il08p0vgwdw.cloudfront.net/v0/GD38DE,000000.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.207 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9b04993898aa5c288aba94f4755fc22db20ae65285c23af004b13cb88b3c2ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safelyreturn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:25:41 GMT
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 06:25:16 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"8120ae8dd7e46639c3c16d221444b90c"
x-cache
Miss from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
4094
x-amz-cf-id
dKSJnytO3o2pxfKMVoHrAf3yLctPEjtd16a4aVqbMsOmgX5qxzVVEQ==
S2NLKS,000000.png
d3il08p0vgwdw.cloudfront.net/v0/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d3il08p0vgwdw.cloudfront.net
URL
https://d3il08p0vgwdw.cloudfront.net/v0/S2NLKS,000000.png

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| core
object| __core-js_shared__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
