urlscan.io logo urlscan.io
SecurityTrails logo

safesend.com Open in urlscan Pro
137.184.157.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://safesendreturns.com/
Effective URL: https://safesend.com/solutions/safesend-returns/
Submission Tags: falconsandbox
Submission: On April 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 22 domains to perform 72 HTTP transactions. The main IP is 137.184.157.230, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is safesend.com. The Cisco Umbrella rank of the primary domain is 479764.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time safesend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.152.147 16509 (AMAZON-02)
1 26 137.184.157.230 14061 (DIGITALOC...)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
6 104.18.70.113 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
2 54.227.174.173 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 104.16.53.111 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 104.18.37.212 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 104.16.117.43 13335 (CLOUDFLAR...)
72 27
1    3.33.152.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
safesendreturns.com
26    137.184.157.230 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
safesend.com
5    2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
5    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
solve-widget.forethought.ai
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2606:4700::6810:4869 (United States)

ASN13335 (CLOUDFLARENET, US)
scout-cdn.salesloft.com
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
2    54.227.174.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-174-173.compute-1.amazonaws.com
scout.salesloft.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:20::681a:480 (United States)

ASN13335 (CLOUDFLARENET, US)
www.vbt.io
2    2606:4700::6810:6bfe (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
solve-widget.forethought.ai
1    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
cpaperless.zendesk.com
1    2606:4700::6812:f06c (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)
js.zi-scripts.com
1    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
5    104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)
ws-assets.zoominfo.com
ws.zoominfo.com
Apex Domain
Subdomains		 Transfer
26 safesend.com
safesend.com — Cisco Umbrella Rank: 479764
559 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2198
ekr.zdassets.com — Cisco Umbrella Rank: 2568
361 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 328
www.linkedin.com — Cisco Umbrella Rank: 613
px4.ads.linkedin.com — Cisco Umbrella Rank: 6223
3 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 574
90 KB
5 zoominfo.com
ws-assets.zoominfo.com — Cisco Umbrella Rank: 11694
ws.zoominfo.com — Cisco Umbrella Rank: 4706
30 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
357 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 6963
4 KB
3 salesloft.com
scout-cdn.salesloft.com — Cisco Umbrella Rank: 10820
scout.salesloft.com — Cisco Umbrella Rank: 13740
4 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4528
forms.hscollectedforms.net — Cisco Umbrella Rank: 4688
26 KB
2 forethought.ai
solve-widget.forethought.ai — Cisco Umbrella Rank: 15817
10 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2416
1 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 781
17 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3493
1 KB
1 zendesk.com
cpaperless.zendesk.com
1 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3146
4 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2216
22 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2206
23 KB
1 vbt.io
www.vbt.io — Cisco Umbrella Rank: 93045
517 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
242 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2505
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 safesendreturns.com
safesendreturns.com — Cisco Umbrella Rank: 66787
331 B
72 22
Domain Requested by
26 safesend.com 1 redirects safesend.com
6 static.zdassets.com safesend.com
static.zdassets.com
5 www.googletagmanager.com safesend.com
www.googletagmanager.com
js.hsadspixel.net
5 use.typekit.net safesend.com
use.typekit.net
4 ws.zoominfo.com js.zi-scripts.com
ws-assets.zoominfo.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
3 js.zi-scripts.com safesend.com
js.zi-scripts.com
2 scout.salesloft.com scout-cdn.salesloft.com
2 solve-widget.forethought.ai safesend.com
solve-widget.forethought.ai
1 ws-assets.zoominfo.com js.zi-scripts.com
1 track.hubspot.com
1 px4.ads.linkedin.com safesend.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com js.hsadspixel.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 api.hubapi.com js.hsadspixel.net
1 cpaperless.zendesk.com static.zdassets.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 www.vbt.io safesend.com
1 region1.google-analytics.com www.googletagmanager.com
1 ekr.zdassets.com static.zdassets.com
1 scout-cdn.salesloft.com safesend.com
1 p.typekit.net use.typekit.net
1 js.hs-scripts.com safesend.com
1 fonts.googleapis.com safesend.com
1 safesendreturns.com 1 redirects
72 29
Subject Issuer Validity Valid
safesend.com
R3		 2024-03-31 -
2024-06-29		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
zdassets.com
E1		 2024-03-03 -
2024-06-01		 3 months crt.sh
solve-widget.forethought.ai
GTS CA 1P5		 2024-02-25 -
2024-05-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-20 -
2025-04-19		 a year crt.sh
vbt.io
GTS CA 1P5		 2024-03-03 -
2024-06-01		 3 months crt.sh
hscollectedforms.net
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
hs-banner.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-analytics.net
GTS CA 1P5		 2024-04-13 -
2024-07-12		 3 months crt.sh
hsadspixel.net
E1		 2024-04-16 -
2024-07-15		 3 months crt.sh
cpaperless.zendesk.com
Cloudflare Inc ECC CA-3		 2024-03-05 -
2024-12-31		 10 months crt.sh
hubapi.com
E1		 2024-03-06 -
2024-06-04		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
zi-scripts.com
GTS CA 1P5		 2024-03-29 -
2024-06-27		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh
zoominfo.com
E1		 2024-03-22 -
2024-06-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://safesend.com/solutions/safesend-returns/
Frame ID: A6A1EE3185083A724CA33A9B5F08E6C2
Requests: 62 HTTP requests in this frame

Frame: https://solve-widget.forethought.ai/?v=2
Frame ID: 6814D59525D1D6766D7F3E33193B28DA
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Frame ID: 1FEA000A0A765B8BE803750AB2F994BB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SafeSend Returns | Tax Return Assembly & Delivery | SafeSend

Page URL History Show full URLs

  1. http://safesendreturns.com/ HTTP 307
    https://safesendreturns.com/ HTTP 307
    http://safesendreturns.com/ HTTP 301
    https://safesend.com/safesend-returns HTTP 301
    https://safesend.com/solutions/safesend-returns/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

97 %
HTTPS

63 %
IPv6

22
Domains

29
Subdomains

27
IPs

4
Countries

1513 kB
Transfer

21148 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://safesendreturns.com/ HTTP 307
    https://safesendreturns.com/ HTTP 307
    http://safesendreturns.com/ HTTP 301
    https://safesend.com/safesend-returns HTTP 301
    https://safesend.com/solutions/safesend-returns/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5579476%26time%3D1713364003614%26li_adsId%3D15c31b32-09ab-4288-aeb6-8cd8e16fa99a%26url%3Dhttps%253A%252F%252Fsafesend.com%252Fsolutions%252Fsafesend-returns%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookiesTest=true&liSync=true&e_ipv6=AQLzNirDQI_KMAAAAY7sc-8yzvCv69oQ6Sd5m1WPXzG7VjPw6C8Ao2Y_THhtVr2OwOpuQ-DnxO4D

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safesend.com/solutions/safesend-returns/
Redirect Chain
  • http://safesendreturns.com/
  • https://safesendreturns.com/
  • http://safesendreturns.com/
  • https://safesend.com/safesend-returns
  • https://safesend.com/solutions/safesend-returns/
36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3509e76ccdf539c77398c41a0ae50c43d124ef8a7819f6d5e893cd5f361b10d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 Apr 2024 14:26:42 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://safesend.com/wp-json/>; rel="https://api.w.org/" <https://safesend.com/wp-json/wp/v2/pages/638>; rel="alternate"; type="application/json" <https://safesend.com/?p=638>; rel=shortlink
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
a7c_HTTP.200,a7c_page,a7c_URL.91cc1ea937e93d9a61417ebf9b0bf28a,a7c_Po.638,a7c_PGS,a7c_
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
content-type
text/html; charset=UTF-8
date
Wed, 17 Apr 2024 14:26:41 GMT
expires
Wed, 17 Apr 2024 15:26:41 GMT
location
/solutions/safesend-returns/
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-litespeed-cache-control
no-cache
x-litespeed-tag
a7c_HTTP.301,a7c_HTTP.301
x-redirect-by
redirection
x-xss-protection
1; mode=block
peg5sgu.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/peg5sgu.css
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
784b3fe028d46b2c0a0bedd24d34fc27c364f72d89c0468b6d0ef689aea7c619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 17 Apr 2024 14:26:42 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
938
main.css
safesend.com/css/ 		208 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/main.css
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
155d68cb587433babd0a39e7cf92730b3a1ad6fd7a2b09d80a3e047692835966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2024 04:41:30 GMT
server
nginx
etag
W/"660a3afa-33e4d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		267 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4ED345K9H
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f00df27fe305b578ea1d8b4853ebbfa8a793527d6b606178cec72d37f63fc46d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92013
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 14:26:42 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-600168156
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7f9c66fc402cee23d06d4d781c1a33fa2fd73706425f974c1ea716e9a8495d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88150
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Apr 2024 14:26:42 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=e4a08ad3-109d-46df-bd26-4999d64bd479
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1DHHFWH3W18K6FRC
age
37
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
5TasfsCC0Yo0G0gENC9tgPwNwQQuDA+LF1NR4PaHPWKuj9Ynj1IpeWN+v/53DFIisbV1tReMCPC+708ujeHb+A==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJ3DaPPbQ0AR%2FkutN4Rkd4K4kyNcvRZTosW18U%2FarDlHK9gczfyAxn6E%2FuVs95%2B0wta3WdYVCTvOw1SUY3TMSTK0%2FDaKron9ljxbZRHVqaJsfO1ljFltEd8r46VAuLP8UGxbkf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
875d1775ac068ed6-FRA
access-control-allow-headers
*
embed.js
solve-widget.forethought.ai/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/embed.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df3bc16180facf0fb67125ddb4fb8fe94de24c7d884002c331b944d9930507e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"17fd41713e8bd743b88dc04e0f613218"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Erz%2FuHxpVHP6lsrcvoc1UEXMziBjYMFRlxhIx0r5rHPjnjlZ7%2F6s1A4VWTMgk4nVaG7Ad9TEQs%2BYKimuIVpBmFTjZQQL7TOT1HHxNYk4rSvsKs%2FpmYJNFG2%2FuT76dygBh%2B%2F4034YPqouwOm4%2FkWk0GvR9419yvavb2A%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
875d1775cccf190b-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8da970c392a4e9e535629ac6661620968785dadda32e4280d04e9ddcc972fbc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 14:00:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Apr 2024 14:26:42 GMT
style.css
safesend.com/wp-content/themes/safesend/ 		837 B
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safesend.com/wp-content/themes/safesend/style.css?ver=6.5.2
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1a1fd3be6d8270cea04d54b3e34b516954c21e9f7f0e13009734b5d1a5ccaeb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Jun 2023 23:36:44 GMT
server
nginx
etag
W/"64865a8c-345"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
logo.png
safesend.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/logo.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d2ae6a17951c333ad801a95a6a89284aab6b9fc26546d9944ac953a6e4df227f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1a63"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6755
x-xss-protection
1; mode=block
returns.png
safesend.com/img/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/logos/returns.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3def882cf0377243fc79620a58078e7348370b01335d1e9db1c42e0a387ad3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1c57"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7255
x-xss-protection
1; mode=block
dollars.png
safesend.com/img/icons/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/dollars.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0887bd3d99ac8c52fd966b31f24e3db6a3aebe41eeaa5b289023b3be1c7e4ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-14e9"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
5353
x-xss-protection
1; mode=block
clock-2.png
safesend.com/img/icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/clock-2.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d1ee65f4db0cb8e820e9b4ea86af2f0034fc4a8f93bad73bc6f96fe633dc8a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1918"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6424
x-xss-protection
1; mode=block
people.png
safesend.com/img/icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/people.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
73d3ce1ecea3cb6b1069bb5d7724ce69b5419175d6a981834ac2e2fbef91538d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1acb"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6859
x-xss-protection
1; mode=block
stars.png
safesend.com/img/icons/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/stars.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3395dab0f1bc72b607bba1ef110a10a0d66031c18875c4c0af72c2ee065b5fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-2633"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
9779
x-xss-protection
1; mode=block
jquery.min.js
safesend.com/js/vendor/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/vendor/jquery/jquery.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-15851"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
foundation.min.js
safesend.com/js/vendor/foundation/ 		479 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/vendor/foundation/foundation.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f29692bed02af855a1b94e4b99ac94de8b6f4a41d86ac6ac2897e47d0a0d66b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-77b01"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
jquery.validate.min.js
safesend.com/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/jquery.validate.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-5f7b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cleave.min.js
safesend.com/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/cleave.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-528d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
app.js
safesend.com/js/dist/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/dist/app.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3d7292c7b36ba160ca4c22a9dc2901c5a470751af5c70e2a5900b0e2424f71b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Nov 2023 21:22:47 GMT
server
nginx
etag
W/"655d1fa7-3421"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
20493702.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/20493702.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6018d19868936081bce7a56e4e5068d7c701d574722fd1bd3d9ab7c1e3fff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
dee8f3b5-3a99-4bc1-9828-4046036304ec
x-envoy-upstream-service-time
13
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
dee8f3b5-3a99-4bc1-9828-4046036304ec
last-modified
Wed, 17 Apr 2024 11:43:37 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://safesend.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-spwfg
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
875d1778fe3a5d78-FRA
expires
Wed, 17 Apr 2024 14:28:12 GMT
foundation.min.css
safesend.com/css/vendor/foundation/ 		142 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/vendor/foundation/foundation.min.css
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
fe529a0c4b6a9ef7421fad70c10e9337402adcb8536e7f64c1bf4ae6fba11aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:47 GMT
server
nginx
etag
W/"64911263-23702"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=peg5sgu&ht=tk&f=15723.15724.15725.15726.15780.15782.37496.37497.42302&a=2580944&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3CL2TT
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
061f315e6d14dcb80c0bd256ddb4bebd114ad70bc989c5fd436df414f6882aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92640
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Apr 2024 14:26:42 GMT
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4869 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
EZPGEPEQRJ835T56
age
6231
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vj/H9CfyiKNwtvLJrelCw6CtXo93qB0KDTwbomYs8Kf/kZA94jYHXVgMqek/RNtsa+9eO7BrPxA=
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
server
cloudflare
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
875d17794d4b3665-FRA
expires
Wed, 17 Apr 2024 18:26:42 GMT
e4a08ad3-109d-46df-bd26-4999d64bd479
ekr.zdassets.com/compose/ 		1022 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/e4a08ad3-109d-46df-bd26-4999d64bd479
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e4a08ad3-109d-46df-bd26-4999d64bd479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f018dee305cc045acc1ee90ebf7e9ff9cc37ef7c31b7167780c47c69dc115f2a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
872abd15a9554cb1-SEA, 872abd15a9554cb1-SEA
x-runtime
0.010506
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f018dee305cc045acc1ee90ebf7e9ff9"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gM2Qku%2BFyukc5vB%2FBWY1oU0%2FT36SYzRrrKRza%2BMCSWWaQjEAfYy7IfsbKokRF05gFH8ugvHvZtbj%2BtB3nXXe5vfQfeNuZrG5EyHIPx2kAJoeFGGKYMenSqKLTYK1s9v0kOY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
875d1778adfd71d0-FRA
client-side.mp4
safesend.com/video/ 		8 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://safesend.com/video/client-side.mp4
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://safesend.com/solutions/safesend-returns/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Jul 2023 22:12:36 GMT
server
nginx
etag
"64bb02d4-b7ccc0"
x-frame-options
SAMEORIGIN
content-type
video/mp4
Content-Range
bytes 0-12045503/12045504
Content-Length
12045504
x-xss-protection
1; mode=block
firm-side.mp4
safesend.com/video/ 		8 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://safesend.com/video/firm-side.mp4
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://safesend.com/solutions/safesend-returns/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Jul 2023 22:12:36 GMT
server
nginx
etag
"64bb02d4-90b0e2"
x-frame-options
SAMEORIGIN
content-type
video/mp4
Content-Range
bytes 0-9482465/9482466
Content-Length
9482466
x-xss-protection
1; mode=block
46af3b4d-6c9f-4935-ac60-11f839dfb3de
https://safesend.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://safesend.com/46af3b4d-6c9f-4935-ac60-11f839dfb3de
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
bg24.jpg
safesend.com/img/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/bg24.jpg
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff845cb4242bfc02e5e69dd2040af1597671cb21a13044926c71da06d8c76d31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-191de"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
102878
x-xss-protection
1; mode=block
shape.png
safesend.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/shape.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
05f2fbd5e3ceb9405b1dd1d282d384e53543454d0354f2e6f905c04c2efc2cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-d30"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
3376
x-xss-protection
1; mode=block
green-stripes2.png
safesend.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/green-stripes2.png
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
028d226f2d1880c9460ae6575d8baa726e9fa28dfd434426deabbcff5b725ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1d11"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7441
x-xss-protection
1; mode=block
bg31.jpg
safesend.com/img/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/bg31.jpg
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3a4b3fc49c8963cb2a7d5ee2827a82d309456227174b517256b2a343116463d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-d039"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
53305
x-xss-protection
1; mode=block
l
use.typekit.net/af/b0bf15/00000000000000007735a103/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b0bf15/00000000000000007735a103/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
399c13fe7c0ed145edc5ec0c92ac7cb47492d936cf94610e1b80e2fece4912d9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
server
nginx
etag
"f1dbc66121524451893978a2dec3f54418968a6a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22328
fa-solid-900.woff2
safesend.com/css/vendor/fontawesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/vendor/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/css/main.css
Origin
https://safesend.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:47 GMT
server
nginx
etag
"64911263-127d0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
75728
x-xss-protection
1; mode=block
l
use.typekit.net/af/7fe570/00000000000000007735a0ee/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7fe570/00000000000000007735a0ee/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dd4be9042a59092f846756f53e210e006fccb12797ece1f1e6fb8fa2e5c2e387

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
server
nginx
etag
"3a99f8a8066e011d44c6f3be700416e5cbeb0438"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22172
fa-brands-400.woff2
safesend.com/css/vendor/fontawesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/vendor/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/css/main.css
Origin
https://safesend.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:47 GMT
server
nginx
etag
"64911263-12648"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
75336
x-xss-protection
1; mode=block
l
use.typekit.net/af/d22e78/00000000000000007735a109/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d22e78/00000000000000007735a109/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f42405ae266f4dc6cf461296e8e27e52c14d7bed49c84d575098a2d6c1dd4f22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
server
nginx
etag
"65fd196bfef2057d3b89d2ff27e7fbf7b1bed9a5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22752
l
use.typekit.net/af/21b2f2/00000000000000007735a100/30/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/21b2f2/00000000000000007735a100/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
34d4559f46dfa5f9a67243a7bbaf9d5d4bacfe7bd392fc16a6c4e0c6d95e1630

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
server
nginx
etag
"cd51b03cc6528cf7a0b4fae7aade3b009001629b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23104
r
scout.salesloft.com/ 		41 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTA2MTN9.vaqalEp0D3AjH4wmOwXvzRDSPFjM6cM3G0Cn_lS60-A
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.227.174.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-174-173.compute-1.amazonaws.com
Software
/
Resource Hash
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://safesend.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
48bf88638e4a1fc2387c6a9baf58381b
js
www.googletagmanager.com/gtag/ 		267 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4ED345K9H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-600168156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30784ef1d7273a2203513008bf3eb9eb216981304225501cd664b5163eba974a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92095
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 14:26:42 GMT
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N4ED345K9H&gtm=45je44f0v9132332111za200&_p=1713364002549&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1658234620.1713364003&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1713364002&sct=1&seg=0&dl=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&dt=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4654
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4ED345K9H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 14:26:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://safesend.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracker
www.vbt.io/ 		0
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vbt.io/tracker?_account=VBT-35003-4873&_domain=https://safesend.com
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANi%2FeMSEl8ELPbOaA9YciRuDpt2BOlpjXkEpH1LKblmiCwDG5FnDauUSilpJSYdcssjRVtkBOnn4eozFuE5zZ%2FG9QZBh8juIObvRMDGcbyMm8FbDSQJQ%2FzVjgWIM%2FbDX9ZetHC9HOFQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
875d177b695c1e54-FRA
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Origin
https://safesend.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
x-amz-version-id
_rd02ux3UWoVQsATQDf.p_LxkLPJ6umh
via
1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
13401d19-e0f2-431c-b93c-5d4cab4a4f8b
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=875d177b485a9756-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
13401d19-e0f2-431c-b93c-5d4cab4a4f8b
last-modified
Wed, 10 Apr 2024 18:06:23 UTC
server
cloudflare
etag
W/"020909a609cf986b4a8a88cfb577a8db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-z4v48
cf-ray
875d177b485a9756-FRA
x-amz-cf-id
_ohil5W0Cz_fCWPzkRqn8I2t9uqbCbrCPFy3op3LqFAihrKycQOZ2A==
x-hs-target-asset
collected-forms-embed-js/static-1.491/bundles/project.js
banner.js
js.hs-banner.com/v2/20493702/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/20493702/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426ac3d85510f8d3ce339d485b6a4d6e5e5a13b2730bf4f4a771f9b20aad5cab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
x-amz-version-id
YfET.CIliqIB3BM.FFqddn_amKEaN5ix
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
P4F43EW3M5MY30RZ
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
2bed2da3-4f58-4eac-b691-1ede4dc811e7
x-envoy-upstream-service-time
23
x-amz-id-2
DTng3RoPaM9Tbw6fAujybL6gRkRhAsSLDH7AcV7stRap1Sl4BiDcIFeAD1/SFtx/3qZAtD4qaSY=
x-evy-trace-listener
listener_https
x-request-id
2bed2da3-4f58-4eac-b691-1ede4dc811e7
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 15:58:12 GMT
server
cloudflare
etag
W/"47c6add63ff8752b9a78970e53871534"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://safesend.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
875d177b58b5048f-FRA
expires
Wed, 17 Apr 2024 14:31:43 GMT
20493702.js
js.hs-analytics.net/analytics/1713363900000/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1713363900000/20493702.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f4e821f8a3443a115adbc4ebb0d3d6f86778ac10368c1d9841592a23fb29de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
0WRPA92CYACVG44T
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
8dd22224-c937-49bc-9472-86be73acc545
x-envoy-upstream-service-time
24
x-amz-id-2
vhbptREucewUkAxj6ThBJOOxTPDlr/QLe5NE3g14MSNqE9lT4qWMc3gNxGMoKrT1HzGZGxm5fI/M4L2QptCgQZZpLBjCQMlP
x-evy-trace-listener
listener_https
x-request-id
8dd22224-c937-49bc-9472-86be73acc545
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 15 Apr 2024 19:36:56 GMT
server
cloudflare
etag
W/"75ba06cb04b5b9fac09d514d8e2b33c5"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
875d177b5d5b03f4-FRA
expires
Wed, 17 Apr 2024 14:31:43 GMT
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0360c12a2f39ba0f8873ab217623c352fef0d3672befb9ce5136946e537f29be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
x-amz-version-id
BtO8p0y7ZopGQ_LpMP80hwfqbg3Puoq5
via
1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
21
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.548/bundles/pixels-release.js&cfRay=875d16f7adafbc03-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
7babb6a6-01b1-411a-bcd3-274983a8f6b4
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7babb6a6-01b1-411a-bcd3-274983a8f6b4
last-modified
Tue, 16 Apr 2024 13:53:51 UTC
server
cloudflare
etag
W/"854c1cae2954b4bee672fc0896af4bc9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-xzfkt
cf-ray
875d177b5bd55d3e-FRA
x-amz-cf-id
pvgZYpO28TsOiXa9jdmhjdsbdOPPHi3DQwOAvuXtMHG9nUedpJiI7Q==
x-hs-target-asset
adsscriptloaderstatic/static-1.548/bundles/pixels-release.js
/
solve-widget.forethought.ai/ Frame 6814 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/?v=2
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://safesend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-transform
cf-ray
875d177b3e475d5d-FRA
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 14:26:43 GMT
etag
"139eb7ec8e2491d2f9685e00919fcbc1"
link
<https://solve-api.forethought.ai/>; rel="preconnect", <https://static.cloudflareinsights.com>; rel="preconnect", <https://cloudflareinsights.com>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQsIG8HCTUxdcWVQsuXow4f%2BvMomKRDuPY3rBLSm19pQaNvFvnww%2FFwgZiOmbDP8i4dmp5reFZ0zHlrzX%2Fztu%2BRvkmjnoqF%2FZin0WDpQ8cG%2B45%2B1Xwrbu1OdFssBAhpRbxYld572mhiIm4ARzGU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
wp-emoji-release.min.js
safesend.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Apr 2024 19:40:57 GMT
server
nginx
etag
W/"660c5f49-4926"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
web-widget-main-7bc1c0f.js
static.zdassets.com/web_widget/classic/latest/ Frame 1FEA 		969 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e4a08ad3-109d-46df-bd26-4999d64bd479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
x-amz-version-id
_IYDenNVju8wHXIpAa8FJzBqmTlghdyK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
64S1GV9HNQKB0DVA
age
45
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ldH41+NY0+fYAgvbqFIJmvudIE2j/SxzaKSwKqxB3P/vSWpJ08HqoFV2mSP6KWgMbK8lgvcvTvmD4moNqUmffw==
last-modified
Mon, 08 Apr 2024 13:46:13 GMT
server
cloudflare
etag
W/"3784cf5e1ddd3a68e335f3bb4a5e2fcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuKOMNAcplgTWKM3cIiMV9s2IafSOfjLcH8ttyjHZj6dxyo8%2F3Zr%2FFhxsICPedwtnpaC72mbbIEZbPuxsLDxL30Gf%2F4SEhJU7Dj3iSdKs6VRLfbb2H2AQ6XKGpX%2BD5c7%2B9l5OQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
875d177b1ac88ed6-FRA
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:46:12 GMT
en-us-json-7bc1c0f.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 1FEA 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
x-amz-version-id
LLNIVxZ_bojnmbOmqAvI_43_VNrKfel_
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DKWT4SJ3NP0VX855
age
528094
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
W9B1SBtAeKjZ8kR3+2GgpY7yqrRwEUd74ifS+fdKkR32Prbx0bEwMeNV6dGVRlF6Cg02ybWPMLk=
last-modified
Mon, 08 Apr 2024 13:46:15 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSdmgdqcxz2r0uwP%2FDxKTCWyKHJMGIb%2F6ry%2BMnMFV9XZAlKBlusPP8MAk0QY9pFAl55IYf%2Buw8J%2BQGo%2FpIPdB%2BnynIDJFJsOnKfynxX%2BRYcaR%2BWJGkYxWEiVJgzgLrcNBfo7w%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
875d177ef81c8ed6-FRA
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:46:13 GMT
config
cpaperless.zendesk.com/embeddable/ Frame 1FEA 		676 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpaperless.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acba7e10b205d6f1b747644d945928130a482df042f6598977d91c3375ab4a70

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-54668d8dc5-fg5bj
x-cached
MISS
x-runtime
0.002440
last-modified
Wed, 17 Apr 2024 13:34:01 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8MTdLml7G74xoFqlJeyGsmIluZpFDF6xkFpLjMrgFazpYrtMV6VCYch2HIWZmfrMeAu6%2F81t9H%2F6%2Ba9mXmHkL75UUVSD4FKXUrGMlKzM6v3lxqTi2bCtqmqZcBKviPXHSHIiFPlcwU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
875d177c8fc437e3-FRA
i
scout.salesloft.com/ 		48 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.227.174.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-174-173.compute-1.amazonaws.com
Software
/
Resource Hash
f823fa16096cb1889682fb3228d543ea4a9e39551a2ebf6ad674239e121e7253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://safesend.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
6d07b9f3f1d7756abfc7f170d5ff2863
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		180 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=20493702
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b01ce6249a489445642aedfd0681ff3066102c96d0b7f1d5e55ece660da2590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
75ecc2e9-bf73-47d3-a63e-873c5abfc4b5
content-encoding
br
x-envoy-upstream-service-time
34
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
75ecc2e9-bf73-47d3-a63e-873c5abfc4b5
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://safesend.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-697677dfc-fd7h8
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hS9op4jWNEthPDVB5mDDEwLjspqQ9SXOPKTjBR8w8ouUb47V4Yjju%2B4iAXh0TKiGr8AnqjNVA9g2gNywsxTnPm63xSkMCmQMPGLj1jjdCixWLfjsPdg%2B2Zxd24j0pA50BP2C5y3usYXkJOw3"}],"group":"cf-nel","max_age":604800}
cf-ray
875d177c981f3834-FRA
access-control-allow-headers
*
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		116 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20493702&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d4ea180096539ea6d1b5502513bd55a764cd6d31a9bdca463258c6f30ae0bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
36c35536-fcae-43aa-9373-6cb8b8d1db49
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
36c35536-fcae-43aa-9373-6cb8b8d1db49
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://safesend.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-68b7f7fbff-n7dww
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
875d177c79ae9756-FRA
js
www.googletagmanager.com/gtag/ 		250 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-600168156
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7f9c66fc402cee23d06d4d781c1a33fa2fd73706425f974c1ea716e9a8495d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:42 GMT
content-encoding
br
last-modified
Wed, 17 Apr 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88150
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 14:26:42 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Apr 2024 07:42:51 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=71090
accept-ranges
bytes
content-length
17238
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookiesT...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5579476%26time%3D1713364003614%26li_adsId%3D15c31b32-09ab-4288-aeb6-8cd8e16fa99a%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookiesT...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookies...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookiesTest=true&liSync=true&e_ipv6=AQLzNirDQI_KMAAAAY7sc-8yzvCv69oQ6Sd5m1WPXzG7VjPw6C8Ao2Y_THhtVr2OwOpuQ-DnxO4D
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Apr 2024 14:26:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3D33E47CAD494DFEBD00414BB3B34F27 Ref B: DUS30EDGE0914 Ref C: 2024-04-17T14:26:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYWS6TiURMCZFKMSQtb4w==

Redirect headers

date
Wed, 17 Apr 2024 14:26:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3990AB6AC92141A58D15A637A39D27AA Ref B: FRAEDGE1522 Ref C: 2024-04-17T14:26:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5579476&time=1713364003614&li_adsId=15c31b32-09ab-4288-aeb6-8cd8e16fa99a&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&cookiesTest=true&liSync=true&e_ipv6=AQLzNirDQI_KMAAAAY7sc-8yzvCv69oQ6Sd5m1WPXzG7VjPw6C8Ao2Y_THhtVr2OwOpuQ-DnxO4D
x-li-proto
http/2
content-length
0
x-li-uuid
AAYWS6TeQHvke5C+dtj5KQ==
web-widget-chat-sdk-7bc1c0f.js
static.zdassets.com/web_widget/classic/latest/ Frame 1FEA 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:43 GMT
x-amz-version-id
PnwdCuJviouphoOKkGhIayUUaC4tYXWL
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
7P01XWB44YSSFFP5
age
528094
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
XxQ8S/lBv1OtyK14Vkg8IAF2w1ME0kGwFoL/pkM7jEvNEGJZFHeFeFmAEaVODwS7Try+N51fJGM=
last-modified
Mon, 08 Apr 2024 13:46:13 GMT
server
cloudflare
etag
W/"b8284a4b45e40625c2b90a641ebe4a68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkOyfXEfkLAZEKdObZXpGeHx6VJb%2BkSG8%2BVeuFA7gkZwT8TROBUxARrGDHijYqKCVTCHf5%2BOf%2F5C3JKmEFX1gz97ZcR%2FwNv7uQYS3V6HqtdKH%2FCPSZYEolvywGylwOziHvp6aD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
875d177f487d8ed6-FRA
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:46:12 GMT
web-widget-chat-incoming-message-notification-7bc1c0f.js
static.zdassets.com/web_widget/classic/latest/ Frame 1FEA 		236 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:45 GMT
x-amz-version-id
Lm_gk05VN5DG3iiQELVQYeeCHNOGOA_r
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
XFADR46K4TGX035H
age
528094
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
R3PecKyMJCGDs4JT2rQH8kobx+xe4PmFL3bhxKf2ufYIH8AcJNe/MKDfH2LJ2tMd1M/EVwVYdpk=
last-modified
Mon, 08 Apr 2024 13:46:13 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4h2MEqPm880rtuf79M9hbpWK3iu3IQ%2FHaTEkw8NoDLcig2CxaWm3YRNCVaOxC6bM0CXYeZlHBhwKfFD1SyBdGFgEeGq8V%2FbWoYrfYm5A8PGJSLUSY6HplOEjBa%2BTic%2Bo4UE2lY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
875d178729e48ed6-FRA
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:46:12 GMT
/
px.ads.linkedin.com/wa/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://safesend.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A39A2DFDB4E84B47B19138DD5692E23B Ref B: FRAEDGE1522 Ref C: 2024-04-17T14:26:45Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://safesend.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYWS6Tk7DNfu0FcpsP8cA==
zi-tag.js
js.zi-scripts.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7914b5c306a51678e7d777317f64c95d31437c47344063ec422c6bb2b4d9d718

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:45 GMT
x-amz-version-id
dVMibCEMTCuxskBoUeMfPfbdoSsUE0a9
via
1.1 df242d25ee40c422308e69e57aadf5e6.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
content-encoding
gzip
x-amz-cf-pop
TXL50-P5
age
14411
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Apr 2024 10:26:25 GMT
server
cloudflare
etag
W/"20a410e0e98a302abb9e907a2c7e0d10"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
875d1787bdaf58de-TXL
x-amz-cf-id
QW2nt4gbimctQBaL0GuG65Hs64D98OpP7iT4rfxwU5DAA1tb8m6Ajg==
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=20493702&rcu=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&pu=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&t=SafeSend+Returns+%7C+Tax+Return+Assembly+%26+Delivery+%7C+SafeSend&cts=1713364005015&vi=7a515c421762679cdcc3d159122d0e2f&nc=true&u=199304561.7a515c421762679cdcc3d159122d0e2f.1713364005014.1713364005014.1713364005014.1&b=199304561.1.1713364005014&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
376ccc26-8681-4541-ba45-6a8b50554a5f
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
12
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
376ccc26-8681-4541-ba45-6a8b50554a5f
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5981ImTYtv8ssX21NbjvCIAIbtt9EwRUh%2BJohlTknpPXeZeAqhMXKz7R6SfkRhdoK2sUk9tp%2FAnp9JNnIarm1NBSm3DqqAxjt60iJKlqDuhPwL24WuxL2GyDAjNnPdJKtIQO6SPn32tkGOxNS5x"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-zs6tk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
875d1787ba5e1997-FRA
x-robots-tag
none
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 1FEA 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:45 GMT
x-amz-version-id
Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KH5VE2Z70ZGQ75A2
age
3011205
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified
Wed, 29 Nov 2023 08:06:43 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5mT%2FvWu77s9XJaiuMeEvfl%2FqGU8AJOEGgRWfAHjGoKzB3WPZh6I%2BD3gAb7i6Q8mGtvIJ4MI24BAzNaOuK1Or6oP2FakK%2FVlqAO0sskMx6v4TezKQLvPriQIpfQySmeuWe4O3BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
875d17876a438ed6-FRA
access-control-allow-headers
*
expires
Thu, 28 Nov 2024 08:06:42 GMT
favicon.ico
safesend.com/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://safesend.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0b6e938dd3730de0d5a6804105e73c341155722e887b4a5b0a373463b688db92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/solutions/safesend-returns/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-3c2e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
x-xss-protection
1; mode=block
getSubscriptions
js.zi-scripts.com/unified/v1/master/ 		203 B
560 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8527de60d1903f6ba120af0a8616cd4c1abad853b2301bf34458500f9a22a6b5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer 7350a395091687360953
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://safesend.com/
visited_url
https://safesend.com/solutions/safesend-returns/

Response headers

date
Wed, 17 Apr 2024 14:26:46 GMT
via
1.1 63fbb6ca86d02da6071a8815a63418cc.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
TXL50-P5
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
apigw-requestid
WX9V-gp6vHcEMwg=
server
cloudflare
etag
W/"cb-DVwlDcZA2YxIOvUJ9OT0X8fwY5I"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
875d178b1de24516-TXL
x-amz-cf-id
U1tLUXMlmzLRjD2Hb8xg28VuV--j96fQYaGTsbpQYGyvt3EW4yh7SA==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://safesend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
apigw-requestid
WX9V6hx8vHcESBg=
cf-cache-status
DYNAMIC
cf-ray
875d17882dce4516-TXL
date
Wed, 17 Apr 2024 14:26:45 GMT
server
cloudflare
vary
Access-Control-Request-Headers
via
1.1 e1997deca771cb54e2886aed779bc92c.cloudfront.net (CloudFront)
x-amz-cf-id
FfEnfmAAcjNOuaNd4RsLn7a99CzT5i9o0RfkanyNeODQr1wnE8faYw==
x-amz-cf-pop
TXL50-P5
x-cache
Miss from cloudfront
x-powered-by
Express
formcomplete.js
ws-assets.zoominfo.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://safesend.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
2862
x-guploader-uploadid
ABPtcPos6cdh7p3gRUxHABa3ml23Eyc8x_JaZnl0NhvJFgtjwg2H46IbqYif_1d6mdmpQOpZc89sdbzpEw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Apr 2024 11:22:28 GMT
server
cloudflare
etag
W/"d3b4774a46d8fd50ce9d458b28ae8ef3"
x-goog-hash
crc32c=Su6fug==, md5=07R3SkbY/VDOnUWLKK6O8w==
x-goog-generation
1713352947933858
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
91541
cf-ray
875d178e4dfb6ae6-FRA
expires
Wed, 17 Apr 2024 14:39:04 GMT
/
ws.zoominfo.com/pixel/64b56875e3e8c322844079be/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/64b56875e3e8c322844079be/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
04f58ad07dc211f0facbc49d8002ca08f45a595b4bdd95699f30ae07f52c7309
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/javascript
visited-url
https://safesend.com/solutions/safesend-returns/
Referer
https://safesend.com/solutions/safesend-returns/
_vtok
MjE3LjExNC4yMTguMjQ=
_zitok
0d27b3f634f85765e8ce1713364005
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://safesend.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
875d178f99454d55-FRA
/
ws.zoominfo.com/pixel/64b56875e3e8c322844079be/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/64b56875e3e8c322844079be/?iszitag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://safesend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://safesend.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875d178e4c209f3c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 14:26:46 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
forms
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://safesend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://safesend.com
allow
POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875d178eece99f3c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 14:26:46 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
forms
ws.zoominfo.com/formcomplete-v2/ 		1 KB
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Requested by
Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
39caf055e605dea7a8d259a63ce10b0ff9b97c611d9d257e8152d822cacacaaa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
bearer d8f904cb82b274f54b016bc24107b4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://safesend.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 14:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"438-srwahmFF1AlvXox8Rd1ye50/vKQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://safesend.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray
875d178fd97e4d55-FRA

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| zi string| ZIProjectKey string| SLScoutObject function| slscout object| zEWebpackACJsonp function| zE function| zEmbed object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE function| saveScrollPositions object| _wpemojiSettings function| $ function| jQuery object| google_tag_manager object| google_tag_data object| gaGlobal function| queryForm boolean| zEACLoaded object| Foundation function| Cleave function| startCounter function| labnolIframe function| initYouTubeVideos number| lFollowX number| lFollowY number| x number| y number| friction function| moveBackground function| init number| instanceCount function| Froogaloop boolean| countedNumber string| translate object| classie function| $f function| lozad object| _vbset object| _hsp function| Forethought function| onYouTubeIframeAPIReady boolean| PIXELS_RAN object| enabledEventSettings object| _hsq function| $zopim object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| twemoji object| wp object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk object| ORIBILI boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| intercomSettings object| zitag function| errorHandler object| _zi_fc object| regeneratorRuntime object| _zi object| ziws

25 Cookies

Domain/Path Name / Value
safesend.com/ Name: PHPSESSID
Value: 1nv9koj9qkpmgkv7l6n9tehhlf
.safesend.com/ Name: _gcl_au
Value: 1.1.695794826.1713364003
.safesend.com/ Name: _ga_N4ED345K9H
Value: GS1.1.1713364002.1.0.1713364002.0.0.0
.safesend.com/ Name: _ga
Value: GA1.1.1658234620.1713364003
safesend.com/ Name: slireg
Value: https://scout.us4.salesloft.com
safesend.com/ Name: sliguid
Value: 99adb933-0b73-45be-ab2c-7fd909cbeab2
safesend.com/ Name: slirequested
Value: true
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: inVLuB2MobJEQEOIfoK9iKCsW33VgoU/gsFqEIg5h05c2Su2lSMKHN4CeHdBsCzPAf1XjZ5C8dLjqDN8gGBrf/8HxsOQn19rAeKWXOtXQi0ukztfsWozvhiSAvey
.linkedin.com/ Name: li_sugr
Value: 977bf917-fe60-4965-b06b-782955d1c75b
.linkedin.com/ Name: bcookie
Value: "v=2&2855f84e-4099-4452-8a90-78512685c4c4"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3212:u=1:x=1:i=1713364004:t=1713450404:v=2:sig=AQEJbr_k7ntYk5UGNe9p8eg72Ocxw010"
.linkedin.com/ Name: UserMatchHistory
Value: AQIKWNcjNfWAAAAAAY7sc-3U1ASFbo0ZUrxpLrMsQRDaOdbD9oT5n4YTymoS22894HJMIFi_QwbDLA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLpgonUB-qcIwAAAY7sc-3UcDMWJRQnWkIuIoDChjzmjR0s6V_Qpu8W4SIe4xHkv9zqsvqCdEKYpFpBBePd8w
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240417142644c23fe01b-5dcd-415d-820b-7132dbfd2734AQFqh-iOBgYA8ZitFOiTf65DVfX56rfF"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTMzNjQwMDQ7MjswMjEG3uruDhBKPY+/VSGNbgaSzOPlomd26nmqHlBd2ahaRg==
.safesend.com/ Name: __zlcmid
Value: 1LKmeTLnUXz493C
.safesend.com/ Name: __hstc
Value: 199304561.7a515c421762679cdcc3d159122d0e2f.1713364005014.1713364005014.1713364005014.1
.safesend.com/ Name: hubspotutk
Value: 7a515c421762679cdcc3d159122d0e2f
.safesend.com/ Name: __hssrc
Value: 1
.safesend.com/ Name: __hssc
Value: 199304561.1.1713364005014
.hubspot.com/ Name: __cf_bm
Value: .o3H9k6KP8IYCTanKI4kxoX0kwwVRFtgLH4K34gXAsw-1713364005-1.0.1.1-3YvrMnQ5BhKBQ3RHD14zxp11wBcZ8HLHWZXHVLPk0qf4vfm_LhiDOHU4TaTClLiFwW92MCUoMNM1YyUIWuu4oQ
.hubspot.com/ Name: _cfuvid
Value: Cia83aD4p6GIpLODsshQN.sMppMEwqDOBGLrXrZ0ZEg-1713364005197-0.0.1.1-604800000
.safesend.com/ Name: _zitok
Value: 0d27b3f634f85765e8ce1713364005
.zoominfo.com/ Name: __cf_bm
Value: TQO9BoGSE87fK3vkKiv66rFVK870LjKKemmUw0s4gQc-1713364006-1.0.1.1-BwtSyC4xYItDetivxMo6_wotv0cuLgFT1qokgYCwwREZcBtpOKeUdCmK_KFSodTHdw3plPWIXRSbKWD9tXylCg
.zoominfo.com/ Name: _cfuvid
Value: 9_o89Oz73jqQCFMw1CQ.WP6h_Q16VGYnRpzisH0TqYU-1713364006170-0.0.1.1-604800000

43 Console Messages

Source Level URL
Text
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://safesend.com/solutions/safesend-returns/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cpaperless.zendesk.com
ekr.zdassets.com
fonts.googleapis.com
forms.hscollectedforms.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.zi-scripts.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
safesend.com
safesendreturns.com
scout-cdn.salesloft.com
scout.salesloft.com
snap.licdn.com
solve-widget.forethought.ai
static.zdassets.com
track.hubspot.com
use.typekit.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.googletagmanager.com
www.linkedin.com
www.vbt.io
104.16.117.43
104.16.53.111
104.18.37.212
104.18.70.113
104.18.72.113
13.107.42.14
137.184.157.230
188.114.97.3
2001:4860:4802:32::36
2606:4700:20::681a:480
2606:4700:4400::ac40:991b
2606:4700::6810:4869
2606:4700::6810:6bfe
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6811:afc9
2606:4700::6811:df98
2606:4700::6812:f06c
2620:1ec:21::14
2a00:1450:4001:828::200a
2a00:1450:4001:831::2008
2a02:26f0:3500:16::215:1484
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:1495
2a06:98c1:3120::3
3.33.152.147
54.227.174.173
028d226f2d1880c9460ae6575d8baa726e9fa28dfd434426deabbcff5b725ad3
0360c12a2f39ba0f8873ab217623c352fef0d3672befb9ce5136946e537f29be
04f58ad07dc211f0facbc49d8002ca08f45a595b4bdd95699f30ae07f52c7309
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
05f2fbd5e3ceb9405b1dd1d282d384e53543454d0354f2e6f905c04c2efc2cba
061f315e6d14dcb80c0bd256ddb4bebd114ad70bc989c5fd436df414f6882aaa
0887bd3d99ac8c52fd966b31f24e3db6a3aebe41eeaa5b289023b3be1c7e4ef6
0b6e938dd3730de0d5a6804105e73c341155722e887b4a5b0a373463b688db92
155d68cb587433babd0a39e7cf92730b3a1ad6fd7a2b09d80a3e047692835966
1a1fd3be6d8270cea04d54b3e34b516954c21e9f7f0e13009734b5d1a5ccaeb8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
30784ef1d7273a2203513008bf3eb9eb216981304225501cd664b5163eba974a
3395dab0f1bc72b607bba1ef110a10a0d66031c18875c4c0af72c2ee065b5fd8
34d4559f46dfa5f9a67243a7bbaf9d5d4bacfe7bd392fc16a6c4e0c6d95e1630
399c13fe7c0ed145edc5ec0c92ac7cb47492d936cf94610e1b80e2fece4912d9
39caf055e605dea7a8d259a63ce10b0ff9b97c611d9d257e8152d822cacacaaa
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3d7292c7b36ba160ca4c22a9dc2901c5a470751af5c70e2a5900b0e2424f71b0
3def882cf0377243fc79620a58078e7348370b01335d1e9db1c42e0a387ad3bb
3df3bc16180facf0fb67125ddb4fb8fe94de24c7d884002c331b944d9930507e
426ac3d85510f8d3ce339d485b6a4d6e5e5a13b2730bf4f4a771f9b20aad5cab
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4
6b01ce6249a489445642aedfd0681ff3066102c96d0b7f1d5e55ece660da2590
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
73d3ce1ecea3cb6b1069bb5d7724ce69b5419175d6a981834ac2e2fbef91538d
784b3fe028d46b2c0a0bedd24d34fc27c364f72d89c0468b6d0ef689aea7c619
7914b5c306a51678e7d777317f64c95d31437c47344063ec422c6bb2b4d9d718
79d4ea180096539ea6d1b5502513bd55a764cd6d31a9bdca463258c6f30ae0bd
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4
8527de60d1903f6ba120af0a8616cd4c1abad853b2301bf34458500f9a22a6b5
8da970c392a4e9e535629ac6661620968785dadda32e4280d04e9ddcc972fbc2
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a7f9c66fc402cee23d06d4d781c1a33fa2fd73706425f974c1ea716e9a8495d4
acba7e10b205d6f1b747644d945928130a482df042f6598977d91c3375ab4a70
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
c2f4e821f8a3443a115adbc4ebb0d3d6f86778ac10368c1d9841592a23fb29de
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d1ee65f4db0cb8e820e9b4ea86af2f0034fc4a8f93bad73bc6f96fe633dc8a94
d2ae6a17951c333ad801a95a6a89284aab6b9fc26546d9944ac953a6e4df227f
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd4be9042a59092f846756f53e210e006fccb12797ece1f1e6fb8fa2e5c2e387
e3509e76ccdf539c77398c41a0ae50c43d124ef8a7819f6d5e893cd5f361b10d
e3a4b3fc49c8963cb2a7d5ee2827a82d309456227174b517256b2a343116463d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6018d19868936081bce7a56e4e5068d7c701d574722fd1bd3d9ab7c1e3fff8a
f00df27fe305b578ea1d8b4853ebbfa8a793527d6b606178cec72d37f63fc46d
f018dee305cc045acc1ee90ebf7e9ff9cc37ef7c31b7167780c47c69dc115f2a
f29692bed02af855a1b94e4b99ac94de8b6f4a41d86ac6ac2897e47d0a0d66b2
f42405ae266f4dc6cf461296e8e27e52c14d7bed49c84d575098a2d6c1dd4f22
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
f823fa16096cb1889682fb3228d543ea4a9e39551a2ebf6ad674239e121e7253
fe529a0c4b6a9ef7421fad70c10e9337402adcb8536e7f64c1bf4ae6fba11aae
ff845cb4242bfc02e5e69dd2040af1597671cb21a13044926c71da06d8c76d31