audit report
Resend
Resend loaded 34 third-party domain(s), of which 5 are privacy-sensitive. 1 warn finding(s): No privacy policy found. Privacy-sensitive vendors observed: Gravatar, HubSpot, Plausible, PostHog.
findings
- warn
No privacy policy found
stackpeek could not discover a privacy policy for this page. This is unusual for anything serving real users.
how we detected this → - note
Plausible loaded (analytics)
Observed 3 time(s) on the page.
link preload: https://plausible.io/js/script.js CSP: https://plausible.io - note
PostHog loaded (analytics)
Observed 3 time(s) on the page.
CSP: https://app.posthog.com CSP: https://us.i.posthog.com CSP: https://us-assets.i.posthog.com - note
HubSpot loaded (analytics)
Observed 2 time(s) on the page.
CSP: https://js.hs-scripts.com - note
Gravatar loaded (social)
Observed 1 time(s) on the page.
CSP: https://www.gravatar.com - note
HubSpot loaded (analytics)
Observed 1 time(s) on the page.
CSP: https://js.hs-analytics.net
third parties observed
| vendor | domain | category | hits | disclosure |
|---|---|---|---|---|
| Gravatar | gravatar.com | social | 1 | not named |
| HubSpot | hs-scripts.com | analytics | 2 | not named |
| HubSpot | hs-analytics.net | analytics | 1 | not named |
| Plausible | plausible.io | analytics | 3 | not named |
| PostHog | posthog.com | analytics | 3 | not named |
| * | * | other | 1 | not named |
| AWS | amazonaws.com | hosting | 2 | not named |
| AWS CloudFront | cloudfront.net | cdn | 2 | not named |
| Adobe Typekit | typekit.net | fonts | 1 | not named |
| Bunny CDN | b-cdn.net | cdn | 1 | not named |
| google.com | other | 1 | not named | |
| Google APIs | googleapis.com | api | 3 | not named |
| Google Static | gstatic.com | cdn | 2 | not named |
| Stripe | stripe.com | payments | 2 | not named |
| Vercel | vercel.app | hosting | 1 | not named |
| YouTube | youtube.com | video | 1 | not named |
| cdnfonts.com | cdnfonts.com | other | 1 | not named |
| fpjs.io | fpjs.io | other | 4 | not named |
| github.com | github.com | other | 1 | not named |
| inkeep.com | inkeep.com | other | 2 | not named |
| jsDelivr | jsdelivr.net | cdn | 2 | not named |
| liveblocks.io | liveblocks.io | other | 1 | not named |
| logo.dev | logo.dev | other | 1 | not named |
| lr-in-prod.com | lr-in-prod.com | other | 1 | not named |
| mintcdn.com | mintcdn.com | other | 1 | not named |
| mintlify.com | mintlify.com | other | 2 | not named |
| mintlifytrieve.com | mintlifytrieve.com | other | 1 | not named |
| reo.dev | reo.dev | other | 2 | not named |
| resend-status.com | resend-status.com | other | 1 | not named |
| tableflow.com | tableflow.com | other | 1 | not named |
| unpkg | unpkg.com | cdn | 1 | not named |
| vercel-scripts.com | vercel-scripts.com | other | 1 | not named |
| vercel.live | vercel.live | other | 3 | not named |
| wp.com | wp.com | other | 1 | not named |
policy claims
No privacy policy could be located on this site.
response headers
- hsts
- yes
- csp
- yes
- server
- Vercel
run this yourself
Every audit on this site is reproducible. Install stackpeek and run the same check against https://resend.com from your own machine — the tool is MIT-licensed and runs locally.
pip install stackpeek
stackpeek audit https://resend.comprovenance
This audit was generated by running
stackpeek
against https://resend.com
from a public IP, using only HTTP GET and standard browser headers. The
findings compare the observed HTML against the
policy discovery results (no policy document was located)
using the
public methodology.
Re-scans append new findings at new permalinks and never overwrite the
historical record.