safe-returns.ch Open in urlscan Pro
104.18.40.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safereturn.ch/
Effective URL:
https://safe-returns.ch/
Submission: On November 26 via api (November 26th 2023, 3:05:45 pm UTC) from CH — Scanned from CH

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 21 HTTP transactions. The main IP is 104.18.40.189, located in and belongs to CLOUDFLARENET, US. The main domain is safe-returns.ch.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 27th 2023. Valid for: a year.

This is the only time safe-returns.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.223.34.124 76.223.34.124	16509 (AMAZON-02) (AMAZON-02)
17	104.18.40.189 104.18.40.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	52.215.51.239 52.215.51.239	16509 (AMAZON-02) (AMAZON-02)
21	5

1 76.223.34.124 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aa089eb6179d1ae2b.awsglobalaccelerator.com

safereturn.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.18.40.189 (None, )

ASN13335 (CLOUDFLARENET, US)

safe-returns.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.51.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-51-239.eu-west-1.compute.amazonaws.com

jnj-prod.apigee.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	safe-returns.ch safe-returns.ch	981 KB
2	apigee.net jnj-prod.apigee.net — Cisco Umbrella Rank: 796987	1 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	safereturn.ch 1 redirects safereturn.ch	244 B
21	5

	Domain	Requested by
17	safe-returns.ch	safe-returns.ch
2	jnj-prod.apigee.net	safe-returns.ch
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	safe-returns.ch
1	safereturn.ch	1 redirects
21	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.apigee.net GTS CA 1D4	`2023-11-05` - `2024-02-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://safe-returns.ch/
Frame ID: 27860997BB531CE71ADEF24EF7D8C33D
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Safe Returns

Page URL History Show full URLs

https://safereturn.ch/ HTTP 301
https://safe-returns.ch/ Page URL

Page Statistics

21
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

1003 kB
Transfer

2327 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safereturn.ch/ HTTP 301
https://safe-returns.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
safe-returns.ch/
Redirect Chain

https://safereturn.ch/
https://safe-returns.ch/

1 KB
2 KB

186ms
87ms

Document
text/html

104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safe-returns.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fc5540dee9e910fae0e4cbb5ed8daba372ad476cbc4fe7a193e5d3dfd58940

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 21095
cf-cache-status: DYNAMIC
cf-ray: 82c307e7bb0f01f0-ZRH
content-encoding: gzip
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
content-type: text/html
date: Sun, 26 Nov 2023 15:05:39 GMT
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
referrer-policy: origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
x-amz-cf-id: YmkUPxe64HATtJNQ15Mc6CeqZH083QHviLlr2sJLchbbKu2BkCAy0A==
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1

Redirect headers

cache-control: no-store, max-age=0
content-encoding: gzip
content-length: 143
content-type: text/html
date: Sun, 26 Nov 2023 15:05:39 GMT
er-request-id: 1b32d4485ea6b6c04125042840fbd99d
er-rule-id: r-91c394ea-c580-4bbf-9725-96561fabe4f5
location: https://safe-returns.ch/
pragma: no-cache
server: EasyRedir
x-content-type-options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 282ms
31ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Maven+Pro:wght@400;500;600&family=Roboto:wght@100&display=swap

Requested by

Host: safe-returns.ch
URL: https://safe-returns.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

feec0c46ce48947f0a4f98b539064829956218d0f3f38f8bbbb5ff22aa3d77ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 15:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 15:05:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 15:05:40 GMT

GET
H2 200 index-6ba7134b.js Show response
safe-returns.ch/assets/ 2 MB
473 KB 242ms
242ms Script
application/javascript 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safe-returns.ch/assets/index-6ba7134b.js

Requested by

Host: safe-returns.ch
URL: https://safe-returns.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c237eaf271f581ad5fab0be3eca863c8e48800a3a7285aa6d896e2e2ed780920

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Referer: https://www.google.com/
Origin: https://safe-returns.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
content-encoding: gzip
via: 1.1 7eb9eadda041aaab1056a6a0f8080462.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
server: cloudflare
etag: W/"3927d6e25fa0273e4c464d1a4780f8e8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cf-ray: 82c307e84c1701f0-ZRH
x-amz-cf-id: OLLOq3gpP87wEyRngjSudTYez0fh9cxhPPVipTPNN4Ghbxrrrm5kxw==

GET
H2 200 index-a583c9ef.css
safe-returns.ch/assets/ 97 KB
16 KB 260ms
260ms Stylesheet
text/css 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safe-returns.ch/assets/index-a583c9ef.css

Requested by

Host: safe-returns.ch
URL: https://safe-returns.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a583c9ef6f29f061f978ce5a4aa8a24b740be3019b6f28c6a766a6bd11e6561b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
content-encoding: gzip
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
server: cloudflare
etag: W/"cfbdee79e9fd4c321f3b3778514026a8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cf-ray: 82c307e84c1401f0-ZRH
x-amz-cf-id: W4LayvfnoiIuPMtKcvz54jXIG-KRbYu0qS2O6yIagUpchkKbB7IRbA==

GET
H2 200 ch.json Show response
safe-returns.ch/locales/en/ 75 KB
23 KB 268ms
268ms Fetch
application/json 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safe-returns.ch/locales/en/ch.json

Requested by

Host: safe-returns.ch
URL: https://safe-returns.ch/assets/index-6ba7134b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8eee9f768712847d8100146c37c29ebbd37a64df9713cf52d75821e207580e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
content-encoding: gzip
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:40 GMT
server: cloudflare
etag: W/"dfe623099b44d707b9858cc9f18a5867"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
cf-ray: 82c307ea9ff801f0-ZRH
x-amz-cf-id: lmrU5mw3dxxTbPGB-AEBuD6mwatvPf3Ti51ez4__vpKEjDqzAR9s_A==

GET
H2 200 ch.json Show response
safe-returns.ch/locales/de/ 87 KB
27 KB 223ms
223ms Fetch
application/json 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safe-returns.ch/locales/de/ch.json

Requested by

Host: safe-returns.ch
URL: https://safe-returns.ch/assets/index-6ba7134b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee594ba8fbeea83b875ebd4ca70063fb347a5eb5e7dd291943b2d4ea7ec3f38d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
content-encoding: gzip
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
server: cloudflare
etag: W/"9864551d99cd5ecf719c94a9fae47ac7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
cf-ray: 82c307ea9ffa01f0-ZRH
x-amz-cf-id: CKZylWQvVknvdOkpQ-ukm8VUSqgzozm0uiFzk-rrtQC9a7tNlgz--g==

GET
H2 200 7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v33/ 19 KB
20 KB 88ms
24ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v33/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Maven+Pro:wght@400;500;600&family=Roboto:wght@100&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03df3810057024145917e96fda09bb9e193050a8cf5913962448acfab588e384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://safe-returns.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:51:34 GMT
x-content-type-options: nosniff
age: 335646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19676
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 17:51:34 GMT

GET
H2 200 JanssenFooterLogo.png
safe-returns.ch/images/ 4 KB
4 KB 286ms
286ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/images/JanssenFooterLogo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0302d8975e03cba886c6daf87bc055a2296c4af139c03615be62267b8dce5d27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3962
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
server: cloudflare
etag: "a0903c54a6e9f34f1411626a6d2946a6"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307eab82a01f0-ZRH
x-amz-cf-id: z6NAZH21azIihW8g6R_UaequnYMJCkhYzyq-0WBYW_nQkQueWmOEWw==

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55f7352789752487cf22677a30a8f23e599461f2eaf54ee4e65440928cb009ba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 SRDesktopHeader-317c1546.png
safe-returns.ch/assets/ 5 KB
5 KB 226ms
225ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/SRDesktopHeader-317c1546.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

317c1546b204ef5afe22822bf4ed5399a634e02336b792fd08323b834433d0e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5045
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "c0af5ba24c7ae9770363d96b972ba4b3"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec5af101f0-ZRH
x-amz-cf-id: NSvGVAiHLl7_yqtIDXbE-xbFh5X_sf9OE6wTz5uBuqukIqWhqWG0vA==

GET
H2 200 safe-returns-logo-e613f0e4.png
safe-returns.ch/assets/ 4 KB
4 KB 156ms
154ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/safe-returns-logo-e613f0e4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e613f0e48ad8164efa44e96a67936cc7f061b71dcba1e6cfb97917edfe0afd93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 4399
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
server: cloudflare
etag: "8fa6b3a566545700d8138c9ae0830aa2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0501f0-ZRH
x-amz-cf-id: te4e_xUEb0btGMbJODj8jVhr3lt274MGKH5IMQhxJzqsdNGcjtYwuQ==

GET
H2 200 brochure-envelope-b40c5ccf.png
safe-returns.ch/assets/ 12 KB
12 KB 205ms
204ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/brochure-envelope-b40c5ccf.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40c5ccf66f38ab83a47debe52948443c1e2faf15930749d9196dfa55f5bd6e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 d75d7156b5e1833582c3070298720664.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 12160
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
server: cloudflare
etag: "c9aa7cf19488c3891e81353ecd136775"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0601f0-ZRH
x-amz-cf-id: 0Bq0EiXy3Q8qgMb-bKoTWkbGvZuvorlD57ksYfn_63Y6n4Bs3QQAjQ==

GET
H2 200 First-step-92af6f8c.png
safe-returns.ch/assets/ 25 KB
25 KB 237ms
236ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/First-step-92af6f8c.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92af6f8c4f8d4f77210b2fee5ec85b1aa5fc4075e75fd7bf1a9b08237d5d51db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 25612
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "1de1de7e7e2044ee8536d4f81d5dfad8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0701f0-ZRH
x-amz-cf-id: 7yaUGDR_Oq8zhln2PRwW3hf6IupjMju_nCnVV7sVYfqZo3y1DaxSZw==

GET
H2 200 Second-step-38dfcd5b.png
safe-returns.ch/assets/ 23 KB
23 KB 183ms
182ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/Second-step-38dfcd5b.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dfcd5b25f4e6837530ec270736af6022533362e96bce415e322689d13a3cb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 23051
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "075c7f4826f6340fa0c249f736924e7a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0801f0-ZRH
x-amz-cf-id: PtXuEzIIUJj6z9WliRdiixEWF3oa3lqzCCrgYc3QiqZIML5Vq7ynMw==

GET
H2 200 Third-step-45a75758.png
safe-returns.ch/assets/ 16 KB
17 KB 236ms
235ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/Third-step-45a75758.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a75758143e823df3c0da3ea9a1b5dca8875e69bc6b6a45ea225a75dbf5e7a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 16064
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "00c131c581bc97490d4373e3e813e25b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0901f0-ZRH
x-amz-cf-id: HqLUFSc2A31uyCb7uKn_HR3AcI4LCb8wATUIjlQl3JejhuS1g0Lcwg==

GET
H2 200 Forth-step-168c205e.png
safe-returns.ch/assets/ 22 KB
23 KB 185ms
185ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/Forth-step-168c205e.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

168c205e39f0325fb4c985452417a3573566d114aa1671f8da153ba5100a4ed1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 23023
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "2a9cdd470763d7af6f9cdb913875e40e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0a01f0-ZRH
x-amz-cf-id: eJ5cVnepsBR--PVhfVPMU1vbshAPnzLQ1QcJ_4cH4NqSOHMWWfbLWQ==

GET
H2 200 DeviceOne-f8d496b5.png
safe-returns.ch/assets/ 89 KB
90 KB 201ms
200ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/DeviceOne-f8d496b5.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d496b573cff464847689f96fb6890b19e9eb281385506c39ccff2ecc03b7d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 01c82f5226ffef5f7e654ffdbab24db6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 91502
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "b0f0f1da20b5ac0d464c341ffbd50dad"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0c01f0-ZRH
x-amz-cf-id: XUfapgNADd19j4fHCGKEViyvBQyQEqccMYoJ43VqWtvp10AZ2wJbGg==

GET
H2 200 DeviceTwo-d69d3dfa.png
safe-returns.ch/assets/ 134 KB
135 KB 176ms
175ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/DeviceTwo-d69d3dfa.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d69d3dfa8865811438b9a84a72a423c7391b696b40279caa056c37263e0ce36a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 9c0ce977a13f3d9bbc6eed6540faf728.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 137356
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "442d27d0f66b20f553c44653c7f98bf6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b0e01f0-ZRH
x-amz-cf-id: -vdTkMNmdAbPnsbv9oxCAVtdpU4ywzKO46CU-BBhppmCx5ugTjtoQQ==

GET
H2 200 DeviceThree-d70037b9.png
safe-returns.ch/assets/ 97 KB
98 KB 158ms
157ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/assets/DeviceThree-d70037b9.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d70037b9ac1256aab947b2abf3ee52af8ae6ccb8022b23ee2fa1e3a19ebbc26b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 99639
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:38 GMT
server: cloudflare
etag: "e885eae4e28a9a112552e85d79160596"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec6b1101f0-ZRH
x-amz-cf-id: 9ppfd-bhD5EszSVuNJBri-H89BepzqCCQ-2W25eIoe5f1tf0nQr8_g==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b81bbcf1db4832b049f9ad09816f0c293c6ec575aee068d95a05acf1918bd42

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b3f6e1abb7f2aeea8c29700ed0c81dd838e7802295d6d6d62e28c7690e704ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 JanssenFooterLogo.png
safe-returns.ch/images/ 4 KB
4 KB 67ms
66ms Image
image/png 104.18.40.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe-returns.ch/images/JanssenFooterLogo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.40.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0302d8975e03cba886c6daf87bc055a2296c4af139c03615be62267b8dce5d27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:05:40 GMT
via: 1.1 2bb98457c96f801517f8d0d98344cd3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3962
x-xss-protection: 1
referrer-policy: origin
last-modified: Mon, 02 Oct 2023 21:30:39 GMT
server: cloudflare
etag: "a0903c54a6e9f34f1411626a6d2946a6"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
cf-ray: 82c307ec7b2101f0-ZRH
x-amz-cf-id: GzNzdBac0Nvvhj1vvb_xeAFVP2aMjTZPZdU4a059cwsN1my-lAXL3Q==

GET
H/1.1 200
OK report Show response
jnj-prod.apigee.net/safe-returns-global/v1/impact/ 33 B
1 KB 739ms
739ms XHR
application/json 52.215.51.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://jnj-prod.apigee.net/safe-returns-global/v1/impact/report

Requested by

Host: safe-returns.ch
URL: https://safe-returns.ch/assets/index-6ba7134b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.215.51.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-51-239.eu-west-1.compute.amazonaws.com

Software

cloudflare /

Resource Hash

4eccd8a9688577a22149d9602d2b01ab26a788c0fad842120ef022d7079b693f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.google.com/
apiKey: kLiPGfsjwOlBiyct4AqFfuDOgw21wjYQ
accept-language: de-CH,de;q=0.9
routeTo: CH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 15:05:41 GMT
Content-Security-Policy: frame-ancestors 'none'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 33
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Server: cloudflare
Cross-Origin-Opener-Policy: same-origin
ETag: W/"21-Yz0mnZTulVoXM2pzF116OrzcAo8"
X-Download-Options: noopen
X-Frame-Options: deny
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://safe-returns.ch
Origin-Agent-Cluster: ?1
Access-Control-Max-Age: 3628800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Accept-Ranges: bytes
CF-RAY: 82c307ee3de956f0-DUB
Access-Control-Allow-Headers: origin, x-requested-with, accept, content-type, authorization, apikey, x-token, routeto

OPTIONS
H/1.1 204
No Content report
jnj-prod.apigee.net/safe-returns-global/v1/impact/ 0
0 250ms
140ms Preflight 52.215.51.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://jnj-prod.apigee.net/safe-returns-global/v1/impact/report

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.215.51.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-51-239.eu-west-1.compute.amazonaws.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,routeto
Access-Control-Request-Method: GET
Origin: https://safe-returns.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, x-requested-with, accept, content-type, authorization, apikey, x-token, routeto
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: https://safe-returns.ch
Access-Control-Max-Age: 3628800
CF-Cache-Status: DYNAMIC
CF-RAY: 82c307ed4fa35753-DUB
Connection: keep-alive
Content-Security-Policy: frame-ancestors 'none'
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Sun, 26 Nov 2023 15:05:40 GMT
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: deny
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';manifest-src 'self';script-src 'self' https://www.google.com/ https://www.gstatic.com/;connect-src 'self' https://www.google.com/ https://jnj-dev.apigee.net/ https://jnj-staging.apigee.net/ https://jnj-prod.apigee.net/ https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/;img-src 'self' data:;style-src 'unsafe-inline' 'self' https://fonts.googleapis.com;frame-ancestors 'self';form-action 'self';font-src 'self' https://fonts.gstatic.com data:;frame-src https://dev-jnj-pharm-sr.oktapreview.com/ https://stg-jnj-pharm-sr.oktapreview.com/ https://prod-jnj-pharm-sr.okta.com/ https://www.google.com/ https://www.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
jnj-prod.apigee.net
safe-returns.ch
safereturn.ch
104.18.40.189
2a00:1450:4001:806::200a
2a00:1450:4001:828::2003
52.215.51.239
76.223.34.124
0302d8975e03cba886c6daf87bc055a2296c4af139c03615be62267b8dce5d27
03df3810057024145917e96fda09bb9e193050a8cf5913962448acfab588e384
0b81bbcf1db4832b049f9ad09816f0c293c6ec575aee068d95a05acf1918bd42
168c205e39f0325fb4c985452417a3573566d114aa1671f8da153ba5100a4ed1
317c1546b204ef5afe22822bf4ed5399a634e02336b792fd08323b834433d0e1
38dfcd5b25f4e6837530ec270736af6022533362e96bce415e322689d13a3cb8
45a75758143e823df3c0da3ea9a1b5dca8875e69bc6b6a45ea225a75dbf5e7a5
4eccd8a9688577a22149d9602d2b01ab26a788c0fad842120ef022d7079b693f
55f7352789752487cf22677a30a8f23e599461f2eaf54ee4e65440928cb009ba
7b3f6e1abb7f2aeea8c29700ed0c81dd838e7802295d6d6d62e28c7690e704ec
92af6f8c4f8d4f77210b2fee5ec85b1aa5fc4075e75fd7bf1a9b08237d5d51db
a583c9ef6f29f061f978ce5a4aa8a24b740be3019b6f28c6a766a6bd11e6561b
b40c5ccf66f38ab83a47debe52948443c1e2faf15930749d9196dfa55f5bd6e3
b9fc5540dee9e910fae0e4cbb5ed8daba372ad476cbc4fe7a193e5d3dfd58940
c237eaf271f581ad5fab0be3eca863c8e48800a3a7285aa6d896e2e2ed780920
c8eee9f768712847d8100146c37c29ebbd37a64df9713cf52d75821e207580e7
d69d3dfa8865811438b9a84a72a423c7391b696b40279caa056c37263e0ce36a
d70037b9ac1256aab947b2abf3ee52af8ae6ccb8022b23ee2fa1e3a19ebbc26b
e613f0e48ad8164efa44e96a67936cc7f061b71dcba1e6cfb97917edfe0afd93
ee594ba8fbeea83b875ebd4ca70063fb347a5eb5e7dd291943b2d4ea7ec3f38d
f8d496b573cff464847689f96fb6890b19e9eb281385506c39ccff2ecc03b7d3
feec0c46ce48947f0a4f98b539064829956218d0f3f38f8bbbb5ff22aa3d77ba

safe-returns.ch Open in urlscan Pro 104.18.40.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

1003 kBTransfer

2327 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

safe-returns.ch Open in urlscan Pro
104.18.40.189 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

1003 kB
Transfer

2327 kB
Size

0
Cookies

21 HTTP transactions
3 data transactions