urlscan.io logo urlscan.io
SecurityTrails logo

safesend.com Open in urlscan Pro
137.184.157.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://safesendreturns.com/
Effective URL: https://safesend.com/solutions/safesend-returns/
Submission Tags: falconsandbox
Submission: On September 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 3 countries across 24 domains to perform 73 HTTP transactions. The main IP is 137.184.157.230, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is safesend.com. The Cisco Umbrella rank of the primary domain is 291506.
TLS certificate: Issued by R3 on September 3rd 2023. Valid for: 3 months.
This is the only time safesend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.152.147 16509 (AMAZON-02)
1 25 137.184.157.230 14061 (DIGITALOC...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
6 104.18.70.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 54.152.66.3 14618 (AMAZON-AES)
1 34.196.210.91 14618 (AMAZON-AES)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.16.53.111 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.66.26.21 16509 (AMAZON-02)
2 52.54.96.194 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.215.172.219 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
73 27
1    3.33.152.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
safesendreturns.com
25    137.184.157.230 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
safesend.com
6    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
4    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:bb59 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)
scout-cdn.salesloft.com
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    54.152.66.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-66-3.compute-1.amazonaws.com
scout.salesloft.com
1    34.196.210.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-210-91.compute-1.amazonaws.com
www.vbt.io
1    2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2606:4700::6811:579a (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6811:e7a3 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
cpaperless.zendesk.com
1    2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
3    18.66.26.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-21.vie50.r.cloudfront.net
js.zi-scripts.com
2    52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com
pi.pardot.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com
go.safesend.com
2    2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
Apex Domain
Subdomains		 Transfer
26 safesend.com
safesend.com — Cisco Umbrella Rank: 291506
go.safesend.com
556 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2067
ekr.zdassets.com — Cisco Umbrella Rank: 2365
349 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 477
p.typekit.net — Cisco Umbrella Rank: 588
90 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
298 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 9640
3 KB
3 salesloft.com
scout-cdn.salesloft.com — Cisco Umbrella Rank: 9137
scout.salesloft.com — Cisco Umbrella Rank: 11198
4 KB
2 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4243
2 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4503
4 KB
2 zendesk.com
cpaperless.zendesk.com
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6457
563 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
563 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4723
forms.hscollectedforms.net — Cisco Umbrella Rank: 4839
26 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
3 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2299
1 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4292
1016 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3439
1 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3144
3 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2155
21 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2156
20 KB
1 vbt.io
www.vbt.io — Cisco Umbrella Rank: 91184
206 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2547
242 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2386
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
2 KB
1 safesendreturns.com
safesendreturns.com — Cisco Umbrella Rank: 130582
308 B
73 24
Domain Requested by
25 safesend.com 1 redirects safesend.com
6 static.zdassets.com safesend.com
static.zdassets.com
5 use.typekit.net safesend.com
use.typekit.net
4 www.googletagmanager.com safesend.com
www.googletagmanager.com
3 js.zi-scripts.com safesend.com
js.zi-scripts.com
2 ws.zoominfo.com js.zi-scripts.com
2 pi.pardot.com safesend.com
pi.pardot.com
2 cpaperless.zendesk.com static.zdassets.com
2 www.google.de safesend.com
2 www.google.com safesend.com
2 scout.salesloft.com scout-cdn.salesloft.com
2 googleads.g.doubleclick.net www.googletagmanager.com
1 go.safesend.com pi.pardot.com
1 track.hubspot.com
1 forms.hsforms.com safesend.com
1 api.hubapi.com js.hsadspixel.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hsadspixel.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 www.vbt.io safesend.com
1 region1.google-analytics.com www.googletagmanager.com
1 ekr.zdassets.com static.zdassets.com
1 scout-cdn.salesloft.com safesend.com
1 p.typekit.net use.typekit.net
1 js.hs-scripts.com safesend.com
1 fonts.googleapis.com safesend.com
1 safesendreturns.com 1 redirects
73 29
Subject Issuer Validity Valid
safesend.com
R3		 2023-09-03 -
2023-12-02		 3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
zdassets.com
Cloudflare Inc ECC CA-3		 2022-11-10 -
2023-11-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-04-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
vbt.site
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
cpaperless.zendesk.com
Cloudflare Inc ECC CA-3		 2023-04-05 -
2024-04-04		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
js.zi-scripts.com
Amazon RSA 2048 M02		 2022-10-17 -
2023-11-15		 a year crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-07-23		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
go.safesend.com
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://safesend.com/solutions/safesend-returns/
Frame ID: 1DD763C3C2F7B9A435DBC5E209E778A1
Requests: 64 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: CDDED65001B23B009414EFF0A343B361
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SafeSend Returns | Tax Return Assembly & Delivery | SafeSend

Page URL History Show full URLs

  1. http://safesendreturns.com/ HTTP 301
    https://safesend.com/safesend-returns HTTP 301
    https://safesend.com/solutions/safesend-returns/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

99 %
HTTPS

63 %
IPv6

24
Domains

29
Subdomains

27
IPs

3
Countries

1389 kB
Transfer

17551 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://safesendreturns.com/ HTTP 301
    https://safesend.com/safesend-returns HTTP 301
    https://safesend.com/solutions/safesend-returns/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safesend.com/solutions/safesend-returns/
Redirect Chain
  • http://safesendreturns.com/
  • https://safesend.com/safesend-returns
  • https://safesend.com/solutions/safesend-returns/
41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
295343a2b5edc672616be4ec3ff084ce2ecfc4c8de9ddd67c3443ff87b767357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 21:08:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://safesend.com/wp-json/>; rel="https://api.w.org/" <https://safesend.com/wp-json/wp/v2/pages/638>; rel="alternate"; type="application/json" <https://safesend.com/?p=638>; rel=shortlink
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
a7c_HTTP.200,a7c_page,a7c_URL.91cc1ea937e93d9a61417ebf9b0bf28a,a7c_Po.638,a7c_PGS,a7c_
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 21:08:37 GMT
expires
Tue, 05 Sep 2023 22:08:37 GMT
location
/solutions/safesend-returns/
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-litespeed-cache-control
no-cache
x-litespeed-tag
a7c_HTTP.301,a7c_HTTP.301
x-redirect-by
redirection
x-xss-protection
1; mode=block
peg5sgu.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/peg5sgu.css
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
192a971cf1cba95a87e86d7593ed9086720175fe43f7f038043dd90f5f1832f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 05 Sep 2023 21:08:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
937
main.css
safesend.com/css/ 		205 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/main.css
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e71f8e840afb11d105bcd6a50d131b3651b350acf44b8edf40a8a5f1e59fac18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Jul 2023 22:12:36 GMT
server
nginx
etag
W/"64bb02d4-334e3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		238 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4ED345K9H
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6f0d9507b6b32bbc2b4e519145f512f174a208491c1864191417f4cfa41324e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:08:38 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-600168156
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af82395b5629863b6051ffb84271567ba848c4fe861bb424f242db15bcbc6b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69563
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:08:38 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=e4a08ad3-109d-46df-bd26-4999d64bd479
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
TDMQPT020DRW1117
age
1
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
zMRnAvKOAJXxRvPq8+B1zeL5aayaTgRJkXk1UzH1Ado5lR6+z1lafaTP6MEs86XDeFT1Mq3O6PuGW79rziCiBA==
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NehFGcRNuRx9P27R7HM1jykmUauIBenD%2FZxehhGGmWcTA4OV5lYbMSMB42YL5wViBhz%2Fb%2BR6DUi%2FcX2IhTX5sB6guSnz8E2uY6UiFXGMnLxk8B2PWmWHGuOXb71AFHEmQuCtKNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
802172dabafe4dc1-FRA
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c28d25edc0302ed9989d357c0e29bd4214592ea8a3d7f120735add93da851e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 20:57:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 21:08:38 GMT
style.css
safesend.com/wp-content/themes/safesend/ 		837 B
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safesend.com/wp-content/themes/safesend/style.css?ver=6.3.1
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1a1fd3be6d8270cea04d54b3e34b516954c21e9f7f0e13009734b5d1a5ccaeb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Jun 2023 23:36:44 GMT
server
nginx
etag
W/"64865a8c-345"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
logo.png
safesend.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/logo.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d2ae6a17951c333ad801a95a6a89284aab6b9fc26546d9944ac953a6e4df227f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1a63"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6755
x-xss-protection
1; mode=block
returns.png
safesend.com/img/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/logos/returns.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3def882cf0377243fc79620a58078e7348370b01335d1e9db1c42e0a387ad3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1c57"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7255
x-xss-protection
1; mode=block
dollars.png
safesend.com/img/icons/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/dollars.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0887bd3d99ac8c52fd966b31f24e3db6a3aebe41eeaa5b289023b3be1c7e4ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-14e9"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
5353
x-xss-protection
1; mode=block
clock-2.png
safesend.com/img/icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/clock-2.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d1ee65f4db0cb8e820e9b4ea86af2f0034fc4a8f93bad73bc6f96fe633dc8a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1918"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6424
x-xss-protection
1; mode=block
people.png
safesend.com/img/icons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/people.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
73d3ce1ecea3cb6b1069bb5d7724ce69b5419175d6a981834ac2e2fbef91538d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1acb"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6859
x-xss-protection
1; mode=block
stars.png
safesend.com/img/icons/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/icons/stars.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3395dab0f1bc72b607bba1ef110a10a0d66031c18875c4c0af72c2ee065b5fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-2633"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
9779
x-xss-protection
1; mode=block
jquery.min.js
safesend.com/js/vendor/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/vendor/jquery/jquery.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-15851"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
foundation.min.js
safesend.com/js/vendor/foundation/ 		479 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/vendor/foundation/foundation.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f29692bed02af855a1b94e4b99ac94de8b6f4a41d86ac6ac2897e47d0a0d66b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-77b01"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
jquery.validate.min.js
safesend.com/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/jquery.validate.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-5f7b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cleave.min.js
safesend.com/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/cleave.min.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
W/"64911264-528d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
app.js
safesend.com/js/dist/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/js/dist/app.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
be80d5eb86cc5f5ec5ed97756954cbe7c2109e86eb924f5ff10250c08dab07ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Jul 2023 21:21:41 GMT
server
nginx
etag
W/"64a881e5-3356"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
20493702.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/20493702.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d40942bc86c56032e0b89ab69037c33fcfcbd89f9a922658c4755af6fea50bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c64110fe-cfa5-4fda-90fe-3f8ebce6b0f7
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c64110fe-cfa5-4fda-90fe-3f8ebce6b0f7
last-modified
Mon, 04 Sep 2023 09:24:43 GMT
server
cloudflare
x-trace
2B49597D1FA1FDDC74E95916E6EBA288DA6663AA37000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://safesend.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-9xsh2
cf-ray
802172dd38e01953-FRA
expires
Tue, 05 Sep 2023 21:09:38 GMT
foundation.min.css
safesend.com/css/vendor/foundation/ 		142 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/vendor/foundation/foundation.min.css
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
fe529a0c4b6a9ef7421fad70c10e9337402adcb8536e7f64c1bf4ae6fba11aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:47 GMT
server
nginx
etag
W/"64911263-23702"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=peg5sgu&ht=tk&f=15723.15724.15725.15726.15780.15782.37496.37497.42302&a=2580944&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/ 		195 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3CL2TT
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89c1863512236f0aebb387604922980af491a232fe175a76d863bbae06ab9bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69955
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:08:38 GMT
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
5YYTHJRBB1PJWM24
age
3109
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4uz2INy8q50sLd+/ireJhh3/emj5VxaoGQJuJ2NuYZKWTVe4CJVaf/ohvH5EuvOAeBBg1bE0UGMVGfceRCpo4g==
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
server
cloudflare
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
802172ddaa00bbf2-FRA
expires
Wed, 06 Sep 2023 01:08:38 GMT
e4a08ad3-109d-46df-bd26-4999d64bd479
ekr.zdassets.com/compose/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/e4a08ad3-109d-46df-bd26-4999d64bd479
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e4a08ad3-109d-46df-bd26-4999d64bd479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc900cab2495fc8aaf4816ccf5252366bf747cbcb97d84c8a588621770ac88f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
7fd8572f6c36c701-SEA, 7fd8572f6c36c701-SEA
x-runtime
0.016537
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7dc900cab2495fc8aaf4816ccf525236"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzNqIzvWV6f5YfZXmqZ9QlnG%2FFnXs6g4uzHetEqOetEOSTBLD%2B6kHjMTMJDxe4R94KfDgiXG9RXkpVuzJOOBbd7nG840%2FNkUEMIHw6fI8ffH5LpgIeiiF%2BoUip%2FzABrnff0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
802172dd4a4a30d2-FRA
bg24.jpg
safesend.com/img/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/bg24.jpg
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff845cb4242bfc02e5e69dd2040af1597671cb21a13044926c71da06d8c76d31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-191de"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
102878
x-xss-protection
1; mode=block
shape.png
safesend.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/shape.png
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
05f2fbd5e3ceb9405b1dd1d282d384e53543454d0354f2e6f905c04c2efc2cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-d30"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
3376
x-xss-protection
1; mode=block
green-stripes2.png
safesend.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/green-stripes2.png
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
028d226f2d1880c9460ae6575d8baa726e9fa28dfd434426deabbcff5b725ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-1d11"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7441
x-xss-protection
1; mode=block
bg31.jpg
safesend.com/img/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safesend.com/img/bg31.jpg
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3a4b3fc49c8963cb2a7d5ee2827a82d309456227174b517256b2a343116463d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:48 GMT
server
nginx
etag
"64911264-d039"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
53305
x-xss-protection
1; mode=block
l
use.typekit.net/af/7fe570/00000000000000007735a0ee/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7fe570/00000000000000007735a0ee/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dd4be9042a59092f846756f53e210e006fccb12797ece1f1e6fb8fa2e5c2e387

Request headers

Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
server
nginx
etag
"3a99f8a8066e011d44c6f3be700416e5cbeb0438"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22172
fa-solid-900.woff2
safesend.com/css/vendor/fontawesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/vendor/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safesend.com/css/main.css
Origin
https://safesend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:47 GMT
server
nginx
etag
"64911263-127d0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
75728
x-xss-protection
1; mode=block
l
use.typekit.net/af/b0bf15/00000000000000007735a103/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/b0bf15/00000000000000007735a103/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
399c13fe7c0ed145edc5ec0c92ac7cb47492d936cf94610e1b80e2fece4912d9

Request headers

Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
server
nginx
etag
"f1dbc66121524451893978a2dec3f54418968a6a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22328
l
use.typekit.net/af/d22e78/00000000000000007735a109/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d22e78/00000000000000007735a109/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f42405ae266f4dc6cf461296e8e27e52c14d7bed49c84d575098a2d6c1dd4f22

Request headers

Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
server
nginx
etag
"65fd196bfef2057d3b89d2ff27e7fbf7b1bed9a5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22752
l
use.typekit.net/af/21b2f2/00000000000000007735a100/30/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/21b2f2/00000000000000007735a100/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/peg5sgu.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
34d4559f46dfa5f9a67243a7bbaf9d5d4bacfe7bd392fc16a6c4e0c6d95e1630

Request headers

Referer
https://use.typekit.net/peg5sgu.css
Origin
https://safesend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
server
nginx
etag
"cd51b03cc6528cf7a0b4fae7aade3b009001629b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23104
fa-brands-400.woff2
safesend.com/css/vendor/fontawesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://safesend.com/css/vendor/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: safesend.com
URL: https://safesend.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safesend.com/css/main.css
Origin
https://safesend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Jun 2023 02:43:47 GMT
server
nginx
etag
"64911263-12648"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
75336
x-xss-protection
1; mode=block
13d87d0c-d90f-498e-9158-68d42cdfcbe6
https://safesend.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://safesend.com/13d87d0c-d90f-498e-9158-68d42cdfcbe6
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
client-side.mp4
safesend.com/video/ 		8 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://safesend.com/video/client-side.mp4
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safesend.com/solutions/safesend-returns/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Jul 2023 22:12:36 GMT
server
nginx
etag
"64bb02d4-b7ccc0"
x-frame-options
SAMEORIGIN
content-type
video/mp4
Content-Range
bytes 0-12045503/12045504
Content-Length
12045504
x-xss-protection
1; mode=block
firm-side.mp4
safesend.com/video/ 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://safesend.com/video/firm-side.mp4
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safesend.com/solutions/safesend-returns/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Jul 2023 22:12:36 GMT
server
nginx
etag
"64bb02d4-90b0e2"
x-frame-options
SAMEORIGIN
content-type
video/mp4
Content-Range
bytes 0-9482465/9482466
Content-Length
9482466
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		238 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N4ED345K9H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-600168156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ccb09063199907dad58bd428d1e50dccbdc710b13e7306a244a4ccd8a292035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82224
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:08:38 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/600168156/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/600168156/?random=1693948118708&cv=11&fst=1693948118708&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&hn=www.googleadservices.com&frm=0&tiba=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&auid=1393742284.1693948119&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-600168156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99d8a905e797b801a94bfdffe15b6c951468ea2897e0208ea2cd37f1358ff36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 21:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N4ED345K9H&gtm=45je38u0&_p=454447629&cid=1383547455.1693948119&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1693948118&sct=1&seg=0&dl=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&dt=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4ED345K9H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 21:08:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://safesend.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
scout.salesloft.com/ 		41 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTA2MTN9.vaqalEp0D3AjH4wmOwXvzRDSPFjM6cM3G0Cn_lS60-A
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.152.66.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-66-3.compute-1.amazonaws.com
Software
/
Resource Hash
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://safesend.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
5bce2f758f02c877912534f7830613d1
tracker
www.vbt.io/ 		0
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vbt.io/tracker?_account=VBT-35003-4873&_domain=https://safesend.com
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.210.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-210-91.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
server
Apache
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-server
010
content-length
0
banner.js
js.hs-banner.com/v2/20493702/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/20493702/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56ab1d176c52ea80b72ca80592468d93c91c6af82c805573dbf1415d876dd36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-amz-version-id
iGmHBM0k1ir5jgpQGeVYrQMiHYjjAyeQ
content-encoding
br
cf-cache-status
EXPIRED
x-amz-request-id
CH399B9TXEVM1T1V
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
e3a88176-5f29-4a11-b3da-6e3a550898fc
x-envoy-upstream-service-time
28
x-amz-id-2
IBoS1P31Mcm6ksrOW9pugGUvoEvn7dkqdai3tZxgOugIuGicX0fCFTuYxfEoyfuQUZ7AsDepXt0=
x-evy-trace-listener
listener_https
x-request-id
e3a88176-5f29-4a11-b3da-6e3a550898fc
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 05 Sep 2023 18:34:46 GMT
server
cloudflare
etag
W/"322c1c61593b25ee36672252109ceb39"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://safesend.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-fznd8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
802172df0b7e9bc4-FRA
expires
Tue, 05 Sep 2023 21:13:39 GMT
20493702.js
js.hs-analytics.net/analytics/1693947900000/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1693947900000/20493702.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4e0287eb7edcc291250fd3f6ea293f25ccccfe3daa5fcd0c56e026592d5181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
DB1WXC9W2GM1HX9R
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
1f213acd-16fd-4d94-a3d6-75622cbc1f39
x-envoy-upstream-service-time
23
x-amz-id-2
7gQyqqmbp2/x0fOMxz6I7HthgU9z5KszOGhAG0kLtejJE+9xRPkOER/6fuXjha2XyjLpcMCEMZA=
x-evy-trace-listener
listener_https
x-request-id
1f213acd-16fd-4d94-a3d6-75622cbc1f39
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 28 Aug 2023 13:28:18 GMT
server
cloudflare
etag
W/"95e5218c1093d32fbebf5459bd7f5525"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-xs8lj
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
802172df0c2c1e0c-FRA
expires
Tue, 05 Sep 2023 21:13:38 GMT
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safesend.com/
Origin
https://safesend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-amz-version-id
EcjZkyUfgxNGQ.xnv1Vqq9Oda2f1T.dE
via
1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
3abb83d4-6827-4d35-b838-d2a41d6bd624
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.394/bundles/project.js&cfRay=802172df1dfc9207-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3abb83d4-6827-4d35-b838-d2a41d6bd624
last-modified
Wed, 09 Aug 2023 09:05:38 UTC
server
cloudflare
etag
W/"6fb5b8aa66d730f2a49b41a9c712ffa7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-p2dkf
cf-ray
802172df1dfc9207-FRA
x-amz-cf-id
CG7Fi6tE13X-TU5Kn5nfUZ1wci0iUZqWqLHE3P-I2GSXQLcuKQ0lWg==
x-hs-target-asset
collected-forms-embed-js/static-1.394/bundles/project.js
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/20493702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e7a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a212c6b892024aae8c2db3d8cf9a5ec7d7f0f86948669384001e375a55edb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-amz-version-id
ejB.A_S_mq2WBFqiJyHsLYTQXyGD1Wjj
via
1.1 7c77abdf1c625c25627fe2a24e660a34.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
291
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.406/bundles/pixels-release.js&cfRay=80216bbf89301e18-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
1b8a3855-8504-43a6-beaa-4edbae603369
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1b8a3855-8504-43a6-beaa-4edbae603369
last-modified
Mon, 28 Aug 2023 04:02:35 UTC
server
cloudflare
etag
W/"0d4f9e1a24521caddccf596277344ec4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-2zr9h
cf-ray
802172df18bd1d92-FRA
x-amz-cf-id
IxHZt3J7GbM-HO7oafKhPf6pLvFgM4QbyvdE_hGQSnm0XasU-v9TIQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.406/bundles/pixels-release.js
wp-emoji-release.min.js
safesend.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safesend.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.184.157.230 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/solutions/safesend-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 01 Feb 2023 19:53:26 GMT
server
nginx
etag
W/"63dac336-4904"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
web-widget-main-4b22769.js
static.zdassets.com/web_widget/classic/latest/ Frame CDDE 		921 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e4a08ad3-109d-46df-bd26-4999d64bd479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:38 GMT
x-amz-version-id
Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
VC227HWC1SB9BP0S
age
766779
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
/u++PB0KhW/JIMyXvniOxWbHKCXrk5NG742GSQzUeQMsfdV1Sq7QedmdfdDlKUwuwlNC/FdBPttbEZbpSgVsfQ==
last-modified
Thu, 24 Aug 2023 03:39:36 GMT
server
cloudflare
etag
W/"a3155ef9816fdf792d367e746086c583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMdF0reGY%2Bq57Jt8KVJjnudUth2%2FulThNLKonEbSrtn7RMeirMRfJRfL7lnzawq4iJ18zXvUbWK9VKfKOXjqyMGVjBbyAyjREmBF93gAOh%2FtdhWUe4xa4UrwelM8OLZI%2BjrU68o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
802172deefa34dc1-FRA
expires
Fri, 23 Aug 2024 03:39:35 GMT
/
www.google.com/pagead/1p-user-list/600168156/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/600168156/?random=1693948118708&cv=11&fst=1693947600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&frm=0&tiba=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078764756&rmt_tld=0&ipr=y
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 21:08:38 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/600168156/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/600168156/?random=1693948118708&cv=11&fst=1693947600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&frm=0&tiba=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3078764756&rmt_tld=1&ipr=y
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 21:08:38 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en-us-json-4b22769.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame CDDE 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-amz-version-id
hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDF3FE976HR4V00W
age
766777
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
0blpswMIFAOhaVlqnAzdEHdtFfFaaGOi0CdPv+HUzj2+AAujGo6szwFwyDrsM12QGgkbEMVxSxQ=
last-modified
Thu, 24 Aug 2023 03:39:38 GMT
server
cloudflare
etag
W/"fd692493810d22ae0ff5aca283a7a202"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGFdPhqwrToGUg6sRNarcAPHBDUrAog5eEtcP%2BnzhLbG%2BjDQ17HIobjlnmCotdvwYrHR7%2BEimYLIX3Eqdm7Ggzspj0%2FShTXKfzQYapGtt5iYFGDFtOlLTIX79Vuj9N3CR2HCVK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
802172e059114dc1-FRA
expires
Fri, 23 Aug 2024 03:39:37 GMT
config
cpaperless.zendesk.com/embeddable/ Frame CDDE 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpaperless.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3648f198c449a24c62f1a53234edd563652ed6ba5e27ae3cdc699d947391da63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-7554cf9567-j5jvx
x-cached
MISS
x-request-id
802172e0bf79360b-FRA
x-runtime
0.002909
last-modified
Tue, 05 Sep 2023 14:13:59 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxUcppJZSZhe4DPiKRSmp6g%2BJQcBpspJ0jz6TxCDOQtowVTrRGRGsUn0hKiFThva9KRQAdk5yNrGJNxJ1toR1j0udLE9uhslLy%2Bh7MlIjIlPPDGfkaDAM2YZJhgOA5WCKzqCVFNqqE8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
802172e0bf79360b-FRA
i
scout.salesloft.com/ 		48 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.152.66.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-66-3.compute-1.amazonaws.com
Software
/
Resource Hash
2e1f2b0cfc55f99281f4b019a5e09594e53053f0dd36d137aed43bcf5946dc53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://safesend.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
8f8f91a5feb4a8d2f02003f87d270591
web-widget-chat-sdk-4b22769.js
static.zdassets.com/web_widget/classic/latest/ Frame CDDE 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-amz-version-id
Gf4KFmmSRtALGQTFrJvpXz0Cxt2OhtK2
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDFC9QYS0VGDGB8W
age
766779
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
IPR2cKCDK9WE8lW9ZwPoG5RSCKxeLy8E/fORRGBT5I8TvVqNxV+p/m6hjD1DYqnt1wKzFyHc7yY4+xJ4E2Aiww==
last-modified
Thu, 24 Aug 2023 03:39:36 GMT
server
cloudflare
etag
W/"a3208a9957c2dcf9612763d1d3138069"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22Ecay4iF2TpPKIWNU%2FYL1reVO5cu3te79LzFRkNfMooHOKup2jO89g0XkmNq%2Fl8uDV69gocj7i2na8uQmvdZCUKX7YnPUPiJBkTcO5qhA2HEtMxlpc3T1XIPsgYA3SXk793Fb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
802172e0e9944dc1-FRA
expires
Fri, 23 Aug 2024 03:39:35 GMT
status
cpaperless.zendesk.com/talk_embeddables_service/web/ Frame CDDE 		106 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpaperless.zendesk.com/talk_embeddables_service/web/status?subdomain=cpaperless&nickname=Callback%20Support
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
578a6477e6e293f52f78180cbe5228a5962db91af17393b1700c402c0e81a6f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
x-request-id
802172e0efc0360b-FRA
server
cloudflare
etag
W/"6a-nopZ24x2fKZEDgJnQpbG1USSHQk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
499
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOcmi4DylN6DdfnMklgOenwOd0DJqdR1JUWK2T9ADf2ndn3o8RC6NGxAOy%2FFLGedAbGlHIDKegUilVA9wqqw7LxxyKSl1PayxM4PhLzFE75Rr1w3IBYNpIF%2BEl8f5AL%2Fe6BkqcQyCbA%3D"}],"group":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-ratelimit-reset
1693948121
x-ratelimit-limit
500
cf-ray
802172e0efc0360b-FRA
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		116 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20493702&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d4ea180096539ea6d1b5502513bd55a764cd6d31a9bdca463258c6f30ae0bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://safesend.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
cef55693-37d5-4b5e-bb9e-90b0ee1fe7fc
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
cef55693-37d5-4b5e-bb9e-90b0ee1fe7fc
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://safesend.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-2zr9h
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
802172e1988b9207-FRA
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=20493702
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcf3e4106879a4b25973bee28a71a7418fc3255695cac13b5cf0309627f232c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
6993f7c8-c661-4486-96c9-25670664a90f
content-encoding
br
x-envoy-upstream-service-time
13
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6993f7c8-c661-4486-96c9-25670664a90f
server
cloudflare
x-trace
2B024CFA2AB035EFD7139F3258CC555A69FC6C35AC000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://safesend.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-grr9c
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqdtPJ%2B69E1gXWIF2sRRcKkNdu%2B%2BzBHMUzaRqDLfg%2FPA2ZEO%2Bsf8CJHsoA26RWrYatk2VTv2yZyxt74y%2Fd4Q1nDwyRi6gfSUmPcm%2BCM%2FzigYPoDMrS3T0RQYpkRmKCUtktENfftjC1xuhecQ"}],"group":"cf-nel","max_age":604800}
cf-ray
802172e2ad87929b-FRA
access-control-allow-headers
*
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 21:08:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
d1db118d-12ff-4d0e-901b-55ceb2b7fdc1
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d1db118d-12ff-4d0e-901b-55ceb2b7fdc1
Server
cloudflare
X-Trace
2BDE3C1E9706776A494A7BEA57379EF933BA32C5C5000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-wcwld
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
802172e2ca878fdc-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/600168156/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/600168156/?random=1693948119600&cv=11&fst=1693948119600&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&hn=www.googleadservices.com&frm=0&tiba=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1393742284.1693948119&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-600168156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22a650b564ad2e33b0094d69c18ff7789f109100b20ca869ea62d19c99801059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 21:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1352
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/600168156/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/600168156/?random=1693948119600&cv=11&fst=1693947600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&frm=0&tiba=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1743517854&rmt_tld=0&ipr=y
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 21:08:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/600168156/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/600168156/?random=1693948119600&cv=11&fst=1693947600000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&frm=0&tiba=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1743517854&rmt_tld=1&ipr=y
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 21:08:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web-widget-chat-incoming-message-notification-4b22769.js
static.zdassets.com/web_widget/classic/latest/ Frame CDDE 		236 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:39 GMT
x-amz-version-id
46qKELeTBWCwzvVGXozLgYao3Jv6zCoR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PDF9HF3Y8W0PVSQC
age
766779
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
fZDV0xg3FsFxrpZT9QCSaXjJuIqYZ/vFRf9YulowyRM5BpKf0DQIj2BxZq4TB6yykA80c5/5Xc6LsuxXSreimA==
last-modified
Thu, 24 Aug 2023 03:39:36 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10kn591le4hk%2F7CK%2BzSgNBa5mkyfOo7slj7Z1Af8N0uHePIC1p6dla9NYQ%2FQdclAHCa%2FcqEylqMeCrC57N6yQdg5l54r2LJqxuGceo%2FnczQW72qaS7E9x9iGpIQI3%2FR8Tojkzyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
802172e5df1b4dc1-FRA
expires
Fri, 23 Aug 2024 03:39:35 GMT
zi-tag.js
js.zi-scripts.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.26.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-26-21.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Rt6XPSKiJ8UdHSAhNzDbvtFnl_cNNgVn
content-encoding
gzip
via
1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
date
Tue, 05 Sep 2023 16:21:14 GMT
last-modified
Mon, 24 Jul 2023 07:50:42 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
30848
etag
W/"4eb0c668e820abe414d19a11b92dd0fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7nrcYVkLU2G9QjS48Vt7BC4hE__sgNjfgf2eaTpOq2sK7sPT26V2Zw==
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: safesend.com
URL: https://safesend.com/solutions/safesend-returns/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 21:08:40 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Mon, 04 Sep 2023 05:27:53 GMT
Server
PardotServer
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Thu, 04 Sep 2025 21:08:40 GMT
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1966805734&v=1.1&a=20493702&rcu=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&pu=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&t=SafeSend+Returns+%7C+Tax+Return+Assembly+%26+Delivery+%7C+SafeSend&cts=1693948119993&vi=0a5f1e1b35e815f371640c9d4c5dde41&nc=true&u=199304561.0a5f1e1b35e815f371640c9d4c5dde41.1693948119991.1693948119991.1693948119991.1&b=199304561.1.1693948119991&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:08:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
e3528fb2-af23-49ce-8758-4b68ead946f1
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
10
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e3528fb2-af23-49ce-8758-4b68ead946f1
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bz1xPvxvrOVcSB1%2BYDbaupyDjKGl2Ftb3JfdCCCOj9DKaZ5qPJ4ha9CZeUrYmOsqKUgK9GO9Ee3p1T0XkbxI7XPmeCxck%2FQ2cGk%2B9AZcrPUdYpe2POoTlJaSO3DPUaUKJpCbe4gjtDmu8lZpTMu7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-78r47
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
802172e63d1339f1-FRA
x-robots-tag
none
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame CDDE 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 05 Sep 2023 21:08:40 GMT
x-amz-version-id
Dhfyi7.BwdDs73khKVLly.CpqC3d5sZl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
91EYW58DWWJ9G5PF
age
4983096
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
J6+o8cLTcs9Rv9aYxL55RpBzPwOz8zYrpvObjb0LsP7Awf2vb230RiEwpu09p+X+P51xfZKDu30=
last-modified
Mon, 01 May 2023 05:14:24 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0R2XMUNmbq4aLRFhDEcyjR8RCv1ztzK49drx%2F8rouwZSI3ypW2nyWziXi1Ch70FIVjzS1pbhnkfezpcEgbv3HnEdoHlPp5UoGdvHpFsJsTJzmHzqXscLVVcepQE5bMv6PFw4SE%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
802172e62f594dc1-FRA
expires
Tue, 30 Apr 2024 05:14:23 GMT
getSubscriptions
js.zi-scripts.com/unified/v1/master/ 		150 B
514 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.26.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-26-21.vie50.r.cloudfront.net
Software
/ Express
Resource Hash
61ab47ec99817d2d8f6b0813de75c63a0e254644b71609de46884cddc04cfbcb

Request headers

Content-Type
application/json
Referer
https://safesend.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer 7350a395091687360953
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
visited_url
https://safesend.com/solutions/safesend-returns/

Response headers

date
Tue, 05 Sep 2023 21:08:41 GMT
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
x-powered-by
Express
etag
W/"96-PFROoaMI/tzjaMlHYfEormh2d5g"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
content-length
150
apigw-requestid
KzTR9iDNvHcEM9A=
x-amz-cf-id
HXoE7ykFnHxR4MT6rOaEVDS3XEzfTYEjZhjyRG-wsb02gqaeND_S2Q==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.26.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-26-21.vie50.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://safesend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
KzTR4inyPHcEMMw=
date
Tue, 05 Sep 2023 21:08:40 GMT
vary
Access-Control-Request-Headers
via
1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)
x-amz-cf-id
S85bWh_RPBby4VeM5g0dKWTM2q873D1SGIexM8g2RUJQLEScMsUONQ==
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
x-powered-by
Express
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=76616&account_id=544992&title=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3a3d6a92711f36aedba3d8a37cae4297ae9112edb320f935c296914b06caed70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 05 Sep 2023 21:08:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
548
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
go.safesend.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.safesend.com/analytics?conly=true&visitor_id=978978075&visitor_id_sign=2dcd3e09e2ad0361aba845d4a790154e4094b11c8da1e44d0db028e73052a3ec8191804b5af263fcaf06cca1a784035dc731c98c&pi_opt_in=&campaign_id=76616&account_id=544992&title=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=76616&account_id=544992&title=SafeSend%20Returns%20%7C%20Tax%20Return%20Assembly%20%26%20Delivery%20%7C%20SafeSend&url=https%3A%2F%2Fsafesend.com%2Fsolutions%2Fsafesend-returns%2F&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safesend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 05 Sep 2023 21:08:41 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
ws.zoominfo.com/pixel/64b56875e3e8c322844079be/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/64b56875e3e8c322844079be/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cb045804ed4aa37365aae6de62907b93afffbed66fc5164fc883dbbacaecafdb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safesend.com/solutions/safesend-returns/
_vtok
MjE3LjExNC4yMTguMjc=
_zitok
54c8979bf8621d7a0aee1693948121
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 05 Sep 2023 21:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://safesend.com
access-control-allow-credentials
true
cf-ray
802172ee7950049f-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc
h3=":443"; ma=86400
/
ws.zoominfo.com/pixel/64b56875e3e8c322844079be/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/64b56875e3e8c322844079be/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type
Access-Control-Request-Method
GET
Origin
https://safesend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
access-control-allow-origin
https://safesend.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
802172ed4e039119-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 21:08:41 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| gtag object| dataLayer object| zi string| ZIProjectKey string| SLScoutObject function| slscout object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings function| saveScrollPositions object| _wpemojiSettings function| $ function| jQuery object| Foundation object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| gaGlobal function| Cleave function| startCounter function| labnolIframe function| initYouTubeVideos number| lFollowX number| lFollowY number| x number| y number| friction function| moveBackground function| init number| instanceCount function| Froogaloop boolean| countedNumber string| translate object| classie function| $f function| lozad boolean| zEACLoaded string| piAId string| piCId string| piHostname object| _vbset object| _hsp function| onYouTubeIframeAPIReady boolean| PIXELS_RAN object| enabledEventSettings object| _hsq function| $zopim object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| twemoji object| wp boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| zitag function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse object| ziws

25 Cookies

Domain/Path Name / Value
safesend.com/ Name: PHPSESSID
Value: o3lgiao3j44mbt3moeqmnf8gpv
.safesend.com/ Name: _gcl_au
Value: 1.1.1393742284.1693948119
.safesend.com/ Name: _ga_N4ED345K9H
Value: GS1.1.1693948118.1.0.1693948118.0.0.0
.safesend.com/ Name: _ga
Value: GA1.1.1383547455.1693948119
safesend.com/ Name: slireg
Value: https://scout.us4.salesloft.com
safesend.com/ Name: sliguid
Value: 5b334f02-90f9-4f04-b943-46eb47dfc0bb
safesend.com/ Name: slirequested
Value: true
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: 9eroHBb6uaiwJAsNbxdX6VE0HfrtYBLM4HiFbrAFofKvRCPX/V+/MVvcyGffWy/Z2NG5/J9x4JSbq/1r+3I5vpQTqr3n2mrJOkCpSh4JwlSOVlT38ojyIWANQk9t
.doubleclick.net/ Name: IDE
Value: AHWqTUn_w8DVPDcP8WfafP99IYyrcbppOzzcQX3edniuqu_9djD4Fn_ScjLb9itI
.safesend.com/ Name: __zlcmid
Value: 1Hhm6I1I3F5MclN
.safesend.com/ Name: __hstc
Value: 199304561.0a5f1e1b35e815f371640c9d4c5dde41.1693948119991.1693948119991.1693948119991.1
.safesend.com/ Name: hubspotutk
Value: 0a5f1e1b35e815f371640c9d4c5dde41
.safesend.com/ Name: __hssrc
Value: 1
.safesend.com/ Name: __hssc
Value: 199304561.1.1693948119991
.hubspot.com/ Name: __cf_bm
Value: uOQONMOdF5Fn5oHNVlQkPD46yrqXhvZCQVBBj322j2A-1693948120-0-AQHTE954VHkF8PLAQFpYlklXuysAv0LpmlBTR4lwgnjjg6pVgcftwpnyxL8eG1FLUuI1JGZWGwGEusfR0ZROVbg=
.pardot.com/ Name: visitor_id543992
Value: 978978075
.pardot.com/ Name: visitor_id543992-hash
Value: 2dcd3e09e2ad0361aba845d4a790154e4094b11c8da1e44d0db028e73052a3ec8191804b5af263fcaf06cca1a784035dc731c98c
pi.pardot.com/ Name: lpv543992
Value: aHR0cHM6Ly9zYWZlc2VuZC5jb20vc29sdXRpb25zL3NhZmVzZW5kLXJldHVybnMv
safesend.com/ Name: visitor_id543992
Value: 978978075
safesend.com/ Name: visitor_id543992-hash
Value: 2dcd3e09e2ad0361aba845d4a790154e4094b11c8da1e44d0db028e73052a3ec8191804b5af263fcaf06cca1a784035dc731c98c
.safesend.com/ Name: _zitok
Value: 54c8979bf8621d7a0aee1693948121
.zoominfo.com/ Name: __cf_bm
Value: vsPu1o9JjqHHjkiR6BWEjC5GDcVAKdS_FzXCSDdR5iw-1693948121-0-Aez6LDNbpuj0gofqwkzhweVKO38DqUGYlF4nQ8TOt9MoPru8Xdtm0cjP3QNM6P0RZaSLvex0H9Yy32IEE/ZNMD8=
.zoominfo.com/ Name: _cfuvid
Value: f8hQIJMSlbQceMRlpskfnz9u2WzsFcFPv8WstwaIW6Y-1693948121515-0-604800000
go.safesend.com/ Name: visitor_id543992
Value: 978978075
go.safesend.com/ Name: visitor_id543992-hash
Value: 2dcd3e09e2ad0361aba845d4a790154e4094b11c8da1e44d0db028e73052a3ec8191804b5af263fcaf06cca1a784035dc731c98c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cpaperless.zendesk.com
ekr.zdassets.com
fonts.googleapis.com
forms.hscollectedforms.net
forms.hsforms.com
go.safesend.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.zi-scripts.com
p.typekit.net
pi.pardot.com
region1.google-analytics.com
safesend.com
safesendreturns.com
scout-cdn.salesloft.com
scout.salesloft.com
static.zdassets.com
track.hubspot.com
use.typekit.net
ws.zoominfo.com
www.google.com
www.google.de
www.googletagmanager.com
www.vbt.io
104.16.53.111
104.18.70.113
104.18.72.113
137.184.157.230
18.66.26.21
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:50ba
2606:4700::6810:890f
2606:4700::6810:bb59
2606:4700::6811:4341
2606:4700::6811:579a
2606:4700::6811:cbcc
2606:4700::6811:e7a3
2606:4700::6812:c07d
2606:4700::6813:9b53
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2008
2a00:1450:4001:831::2002
2a02:26f0:3500:16::215:1495
3.215.172.219
3.33.152.147
34.196.210.91
52.54.96.194
54.152.66.3
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
028d226f2d1880c9460ae6575d8baa726e9fa28dfd434426deabbcff5b725ad3
05f2fbd5e3ceb9405b1dd1d282d384e53543454d0354f2e6f905c04c2efc2cba
0887bd3d99ac8c52fd966b31f24e3db6a3aebe41eeaa5b289023b3be1c7e4ef6
0fcf3e4106879a4b25973bee28a71a7418fc3255695cac13b5cf0309627f232c
13a212c6b892024aae8c2db3d8cf9a5ec7d7f0f86948669384001e375a55edb5
192a971cf1cba95a87e86d7593ed9086720175fe43f7f038043dd90f5f1832f5
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
1a1fd3be6d8270cea04d54b3e34b516954c21e9f7f0e13009734b5d1a5ccaeb8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
22a650b564ad2e33b0094d69c18ff7789f109100b20ca869ea62d19c99801059
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
295343a2b5edc672616be4ec3ff084ce2ecfc4c8de9ddd67c3443ff87b767357
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2e1f2b0cfc55f99281f4b019a5e09594e53053f0dd36d137aed43bcf5946dc53
3395dab0f1bc72b607bba1ef110a10a0d66031c18875c4c0af72c2ee065b5fd8
34d4559f46dfa5f9a67243a7bbaf9d5d4bacfe7bd392fc16a6c4e0c6d95e1630
3648f198c449a24c62f1a53234edd563652ed6ba5e27ae3cdc699d947391da63
399c13fe7c0ed145edc5ec0c92ac7cb47492d936cf94610e1b80e2fece4912d9
3a3d6a92711f36aedba3d8a37cae4297ae9112edb320f935c296914b06caed70
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3def882cf0377243fc79620a58078e7348370b01335d1e9db1c42e0a387ad3bb
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
578a6477e6e293f52f78180cbe5228a5962db91af17393b1700c402c0e81a6f9
61ab47ec99817d2d8f6b0813de75c63a0e254644b71609de46884cddc04cfbcb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d40942bc86c56032e0b89ab69037c33fcfcbd89f9a922658c4755af6fea50bb
73d3ce1ecea3cb6b1069bb5d7724ce69b5419175d6a981834ac2e2fbef91538d
79d4ea180096539ea6d1b5502513bd55a764cd6d31a9bdca463258c6f30ae0bd
7dc900cab2495fc8aaf4816ccf5252366bf747cbcb97d84c8a588621770ac88f
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
89c1863512236f0aebb387604922980af491a232fe175a76d863bbae06ab9bcd
8a4e0287eb7edcc291250fd3f6ea293f25ccccfe3daa5fcd0c56e026592d5181
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99d8a905e797b801a94bfdffe15b6c951468ea2897e0208ea2cd37f1358ff36a
9ccb09063199907dad58bd428d1e50dccbdc710b13e7306a244a4ccd8a292035
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
af82395b5629863b6051ffb84271567ba848c4fe861bb424f242db15bcbc6b21
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
be80d5eb86cc5f5ec5ed97756954cbe7c2109e86eb924f5ff10250c08dab07ae
c28d25edc0302ed9989d357c0e29bd4214592ea8a3d7f120735add93da851e1e
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b
c6f0d9507b6b32bbc2b4e519145f512f174a208491c1864191417f4cfa41324e
cb045804ed4aa37365aae6de62907b93afffbed66fc5164fc883dbbacaecafdb
d1ee65f4db0cb8e820e9b4ea86af2f0034fc4a8f93bad73bc6f96fe633dc8a94
d2ae6a17951c333ad801a95a6a89284aab6b9fc26546d9944ac953a6e4df227f
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd4be9042a59092f846756f53e210e006fccb12797ece1f1e6fb8fa2e5c2e387
e3a4b3fc49c8963cb2a7d5ee2827a82d309456227174b517256b2a343116463d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71f8e840afb11d105bcd6a50d131b3651b350acf44b8edf40a8a5f1e59fac18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29692bed02af855a1b94e4b99ac94de8b6f4a41d86ac6ac2897e47d0a0d66b2
f42405ae266f4dc6cf461296e8e27e52c14d7bed49c84d575098a2d6c1dd4f22
f56ab1d176c52ea80b72ca80592468d93c91c6af82c805573dbf1415d876dd36
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
fe529a0c4b6a9ef7421fad70c10e9337402adcb8536e7f64c1bf4ae6fba11aae
ff845cb4242bfc02e5e69dd2040af1597671cb21a13044926c71da06d8c76d31