urlscan.io logo urlscan.io
SecurityTrails logo

prep.safehold.com Open in urlscan Pro
2606:4700::6812:1a73  Public Scan

Go To Rescan Add Verdict Report
URL: https://prep.safehold.com/
Submission: On December 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 28 HTTP transactions. The main IP is 2606:4700::6812:1a73, located in United States and belongs to CLOUDFLARENET, US. The main domain is prep.safehold.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 13th 2021. Valid for: a year.
This is the only time prep.safehold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.18.16.203 13335 (CLOUDFLAR...)
1 2606:2800:233... 15133 (EDGECAST)
2 13.69.106.208 8075 (MICROSOFT...)
28 7
19    2606:4700::6812:1a73 (United States)

ASN13335 (CLOUDFLARENET, US)
prep.safehold.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:6cc (United States)

ASN13335 (CLOUDFLARENET, US)
dl.episerver.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    104.18.16.203 (None, )

ASN13335 (CLOUDFLARENET, US)
s.usea01.idio.episerver.net
a.usea01.idio.episerver.net
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    13.69.106.208 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Domain Requested by
19 prep.safehold.com prep.safehold.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 a.usea01.idio.episerver.net prep.safehold.com
1 az416426.vo.msecnd.net prep.safehold.com
1 s.usea01.idio.episerver.net prep.safehold.com
1 dl.episerver.net prep.safehold.com
1 www.googletagmanager.com prep.safehold.com
28 8

This site contains links to these domains. Also see Links.

Domain
safehold.epaypolicy.com
www.linkedin.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-13 -
2022-12-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01		 2021-07-22 -
2022-07-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://prep.safehold.com/
Frame ID: F8EEDD94FCBE0D7795ED4A86C3A6EAC5
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Safehold Special Risk

Page Statistics

28
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

551 kB
Transfer

1010 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
prep.safehold.com/ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8bea10ba820f3ae183d3b36f93a36422cff4ecdc28f1da025076098cef4501
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 01:22:03 GMT
content-type
text/html; charset=utf-8
content-length
5502
cache-control
no-cache, no-store
pragma
no-cache
content-encoding
gzip
expires
-1
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bcb61138bac4e4a-FRA
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-42069149-9
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61b3f61f9aa573235649b865ba85a82fe321ec79a970d44e7a1cc07b8208d21e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36250
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Dec 2021 01:22:03 GMT
idio.min.js
prep.safehold.com/static/js/third-party/ 		286 B
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/js/third-party/idio.min.js
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06431a9e9d100dceab8c2d14460a8c9d27e9c9307f7f7ba2d19cd7bee91392a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
363
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb6114bcd34e4a-FRA
expires
Tue, 13 Dec 2022 01:22:03 GMT
bootstrap-4.6.0.min.css
prep.safehold.com/static/css/third-party/ 		158 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/css/third-party/bootstrap-4.6.0.min.css
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
948d05c01ed175ba364611aaa7ac718129dbb91fcfbac120293b34d737a6087a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
36742
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb6114bcd64e4a-FRA
expires
Tue, 13 Dec 2022 01:22:03 GMT
all.min.css
prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/css/ 		58 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/css/all.min.css
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
15703
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb6114bcd74e4a-FRA
expires
Tue, 13 Dec 2022 01:22:03 GMT
base.min.css
prep.safehold.com/static/css/core/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/css/core/base.min.css?v=k1vccNBQpsiYBRNdAfDvBLnlhrTD4ROROl2hmQpQlMs1
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
935bdc70d050a6c89805135d01f0ef04b9e586b4c3e113913a5da1990a5094cb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
1210
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:47:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0abb623eedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb6114bcd84e4a-FRA
expires
Tue, 13 Dec 2022 01:22:03 GMT
main.min.css
prep.safehold.com/static/css/themes/safehold/ 		24 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/css/themes/safehold/main.min.css?v=cGDN8164syc5-b4W8DSI_4x0Mheghg15SKTR-tabQA41
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7060cdf35eb8b32739f9be16f03488ff8c743217a0860d7948a4d1fad69b400e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
6895
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:47:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0abb623eedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb6114bcda4e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
safehold_logo.png
prep.safehold.com/siteassets/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prep.safehold.com/siteassets/images/safehold_logo.png?v=4aff56
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613eeef1fd4cbc4f68895b72d899492d1cb2a7f76c8525047e121dc888a106ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
11382
x-xss-protection
1; mode=block
last-modified
Mon, 13 Dec 2021 01:22:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f244e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
diverse-programs_350x200.jpg
prep.safehold.com/siteassets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prep.safehold.com/siteassets/images/diverse-programs_350x200.jpg?v=4afc75
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562552b8e102ca8d58070fd6d83f6d6d60148df0aa3accb7553828187fc9aded
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
9890
x-xss-protection
1; mode=block
last-modified
Mon, 13 Dec 2021 01:22:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f254e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
experienced-team-members_350x200.jpg
prep.safehold.com/siteassets/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prep.safehold.com/siteassets/images/experienced-team-members_350x200.jpg?v=4afc75
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b35afedcb3c48559892e5c1e8740becede019a19ac396ca4a2d2be0e67abf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
12679
x-xss-protection
1; mode=block
last-modified
Mon, 13 Dec 2021 01:22:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f264e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
accurate-and-efficient-service_350x200.jpg
prep.safehold.com/siteassets/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prep.safehold.com/siteassets/images/accurate-and-efficient-service_350x200.jpg?v=4afc75
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ae354da0d8c08bc7c8b57c7da4b6ddea53a683ed36d4fb68aafd15ef289144
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
11649
x-xss-protection
1; mode=block
last-modified
Mon, 13 Dec 2021 01:22:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f274e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
find.js
dl.episerver.net/13.4.4.1/epi-util/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.episerver.net/13.4.4.1/epi-util/find.js
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c74fbf06fbc387f21c3dde88cfdb524dbfdf7c65892353943680275334c77bc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
532
x-powered-by
ASP.NET
content-length
2672
last-modified
Mon, 19 Apr 2021 09:04:22 GMT
server
cloudflare
etag
W/"5993-1618823062000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
6bcb61164d210614-FRA
expires
Tue, 14 Dec 2021 01:22:03 GMT
jquery-3.6.0.min.js
prep.safehold.com/static/js/third-party/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/js/third-party/jquery-3.6.0.min.js
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
39756
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61166e6a4e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
popper-1.16.1.min.js
prep.safehold.com/static/js/third-party/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/js/third-party/popper-1.16.1.min.js
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8685d259cb64a6d4e1ada7f5088082001955013af2068e47d9d17d554f282577
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
9986
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61175f1e4e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
bootstrap-4.6.0.min.js
prep.safehold.com/static/js/third-party/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/js/third-party/bootstrap-4.6.0.min.js
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e941e16d9f77d7bc0b68c25887e5c280281b84ae1f266a0ed20cabde59ff3e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
21352
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f214e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
LinkBlock.min.js
prep.safehold.com/Static/js/core/dist/blocks/ 		67 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/Static/js/core/dist/blocks/LinkBlock.min.js?v=Y-erOYBTAwvYGBNYPNafFqIMO91quWTkIqxksSLB_q41
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e7ab398053030bd81813583cd69f16a20c3bdd6ab964e422ac64b122c1feae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
180
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:47:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0324a63eedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f224e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
ScrollButton.min.js
prep.safehold.com/Static/js/core/dist/blocks/ 		112 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/Static/js/core/dist/blocks/ScrollButton.min.js?v=lohnqQPoGqDX2ZrxIuQ5hCMfhzZrksx_DGscQHyi7NY1
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968867a903e81aa0d7d99af122e43984231f87366b92cc7f0c6b1c407ca2ecd6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
219
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:47:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"0324a63eedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f234e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42069149-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1258
date
Mon, 13 Dec 2021 01:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 13 Dec 2021 03:01:06 GMT
ia.js
s.usea01.idio.episerver.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.usea01.idio.episerver.net/ia.js
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/static/js/third-party/idio.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23a1a6f198b4d909350fa59d97d61ffcc56410ed6c85bb0f10dfb1885ed7e9b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
4PWBnyJ6uewJcMDzKwrw9Q==
age
235
last-modified
Wed, 05 Aug 2020 12:00:06 GMT
server
cloudflare
etag
W/"0x8D83937181E63FA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
40d91b12-001e-0098-2032-346c5e000000
cache-control
public, max-age=14400
x-ms-version
2018-03-28
cf-ray
6bcb61179a19695e-FRA
expires
Mon, 13 Dec 2021 05:22:04 GMT
carousel-images_builders-risk_1300x300_gradient.jpg
prep.safehold.com/siteassets/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prep.safehold.com/siteassets/images/carousel-images_builders-risk_1300x300_gradient.jpg?v=48d5b1
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88538df8b394ff10ea6ee8c1a0e1c10313447796077655a8e6b90a24781a8f67
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
64239
x-xss-protection
1; mode=block
last-modified
Mon, 13 Dec 2021 01:22:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f2b4e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
fa-solid-900.woff2
prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/css/all.min.css
Origin
https://prep.safehold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
78268
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f2c4e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
fa-brands-400.woff2
prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prep.safehold.com/static/css/third-party/fontawesome/v5.15.4/css/all.min.css
Origin
https://prep.safehold.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
76736
x-xss-protection
1; mode=block
last-modified
Thu, 09 Dec 2021 20:43:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"093a9733dedd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/font-woff2
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb61176f2d4e4a-FRA
expires
Tue, 13 Dec 2022 01:22:04 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 Dec 2021 01:22:04 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1749
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bb05f4a2-001e-0045-59bb-ef3d96000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 13 Dec 2021 01:52:04 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=166561370&t=pageview&_s=1&dl=https%3A%2F%2Fprep.safehold.com%2F&ul=en-us&de=UTF-8&dt=Safehold%20Special%20Risk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=870662413&gjid=860408594&cid=371104753.1639358524&tid=UA-42069149-9&_gid=851538077.1639358524&_r=1&gtm=2ouc10&z=727978468
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prep.safehold.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 01:22:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://prep.safehold.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ia.gif
a.usea01.idio.episerver.net/ 		26 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.usea01.idio.episerver.net/ia.gif?r=&s=dede599f-3cab-4fa8-83e6-05db919f1f68&x%5Bidio_visitor_id%5D%5B0%5D=52c8b1d6-d1f8-4d8a-902c-be7ce30b7919&c=da76a4b2f35a44c7ae3357dc6b3b7dc3&d=33&a=consume&u=https%3A%2F%2Fprep.safehold.com%2F&l=1639358523559&z=0.37471840789050836
Requested by
Host: prep.safehold.com
URL: https://prep.safehold.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:04 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 01:22:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6bcb61195c27695e-FRA
content-length
26
expires
Mon, 13 Dec 2021 05:22:04 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://prep.safehold.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Mon, 13 Dec 2021 01:22:04 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd63083484e5615207038491b4807a51f19753b502fb19d898060e1f03ee972c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://prep.safehold.com/
Accept-Language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
C32DDDD0-F315-457C-AD9A-9818EDE8DE97
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 13 Dec 2021 01:22:05 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
carousel-images_equipment_1300x300.jpg
prep.safehold.com/siteassets/images/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prep.safehold.com/siteassets/images/carousel-images_equipment_1300x300.jpg?v=48de30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7409ad0030a3ac1d90f33343b90d07fa9489e52b3ce751b1b0d3dd759bd027df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://prep.safehold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:22:09 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
vary
Accept-Encoding
content-length
73397
x-xss-protection
1; mode=block
last-modified
Mon, 13 Dec 2021 01:22:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
6bcb613b1cb64e4a-FRA
expires
Tue, 13 Dec 2022 01:22:09 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _iaq object| appInsights function| FindApi object| api function| $ function| jQuery object| gaplugins object| gaGlobal object| gaData object| AI object| Microsoft function| __extends function| _endsWith function| Popper object| bootstrap

12 Cookies

Domain/Path Name / Value
prep.safehold.com/ Name: ASP.NET_SessionId
Value: kizifbr2vuvf5budepcjfj0q
prep.safehold.com/ Name: EPiSessionId
Value: 739eedb7-8540-460a-a5c1-81aca13e87dd
prep.safehold.com/ Name: _madid
Value: a046e0bd-9147-40c3-9c98-512180a88f71
.prep.safehold.com/ Name: ARRAffinity
Value: 3b3c4aff831332571e895a2cd63f49c33a9ddf728147b0f73911a1b2189dcda2
.prep.safehold.com/ Name: ARRAffinitySameSite
Value: 3b3c4aff831332571e895a2cd63f49c33a9ddf728147b0f73911a1b2189dcda2
.safehold.com/ Name: _ga
Value: GA1.2.371104753.1639358524
.safehold.com/ Name: _gid
Value: GA1.2.851538077.1639358524
.safehold.com/ Name: _gat_gtag_UA_42069149_9
Value: 1
.safehold.com/ Name: is
Value: dede599f-3cab-4fa8-83e6-05db919f1f68
.safehold.com/ Name: iv
Value: 52c8b1d6-d1f8-4d8a-902c-be7ce30b7919
prep.safehold.com/ Name: ai_user
Value: mKbWg|2021-12-13T01:22:03.593Z
prep.safehold.com/ Name: ai_session
Value: nTE/r|1639358524201.2|1639358524201.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; object-src 'none'; form-action 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.usea01.idio.episerver.net
az416426.vo.msecnd.net
dc.services.visualstudio.com
dl.episerver.net
prep.safehold.com
s.usea01.idio.episerver.net
www.google-analytics.com
www.googletagmanager.com
104.18.16.203
13.69.106.208
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:1a73
2606:4700::6812:6cc
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200e
19b35afedcb3c48559892e5c1e8740becede019a19ac396ca4a2d2be0e67abf3
1c8bea10ba820f3ae183d3b36f93a36422cff4ecdc28f1da025076098cef4501
23a1a6f198b4d909350fa59d97d61ffcc56410ed6c85bb0f10dfb1885ed7e9b1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
562552b8e102ca8d58070fd6d83f6d6d60148df0aa3accb7553828187fc9aded
613eeef1fd4cbc4f68895b72d899492d1cb2a7f76c8525047e121dc888a106ce
61b3f61f9aa573235649b865ba85a82fe321ec79a970d44e7a1cc07b8208d21e
63e7ab398053030bd81813583cd69f16a20c3bdd6ab964e422ac64b122c1feae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e941e16d9f77d7bc0b68c25887e5c280281b84ae1f266a0ed20cabde59ff3e4
7060cdf35eb8b32739f9be16f03488ff8c743217a0860d7948a4d1fad69b400e
73ae354da0d8c08bc7c8b57c7da4b6ddea53a683ed36d4fb68aafd15ef289144
7409ad0030a3ac1d90f33343b90d07fa9489e52b3ce751b1b0d3dd759bd027df
8685d259cb64a6d4e1ada7f5088082001955013af2068e47d9d17d554f282577
88538df8b394ff10ea6ee8c1a0e1c10313447796077655a8e6b90a24781a8f67
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
935bdc70d050a6c89805135d01f0ef04b9e586b4c3e113913a5da1990a5094cb
948d05c01ed175ba364611aaa7ac718129dbb91fcfbac120293b34d737a6087a
968867a903e81aa0d7d99af122e43984231f87366b92cc7f0c6b1c407ca2ecd6
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b5e38de32d149f2263d86a25f0db6e63418e296f5c42f004f1ad157b5062db96
c74fbf06fbc387f21c3dde88cfdb524dbfdf7c65892353943680275334c77bc0
dd63083484e5615207038491b4807a51f19753b502fb19d898060e1f03ee972c
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f06431a9e9d100dceab8c2d14460a8c9d27e9c9307f7f7ba2d19cd7bee91392a