organizer-taxpayer.safesendreturns.com Open in urlscan Pro
52.158.215.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BXlJhIOD0lXnkz2yUPDprAEQp3-2F7PGfNGreIQcO65gLpXAxnvxe7pcN9F...
Effective URL:
https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Submission: On February 22 via manual (February 22nd 2023, 3:46:39 pm UTC) from IN — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 45 HTTP transactions. The main IP is 52.158.215.147, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is organizer-taxpayer.safesendreturns.com. The Cisco Umbrella rank of the primary domain is 330195.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 5th 2022. Valid for: a year.

This is the only time organizer-taxpayer.safesendreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	52.158.215.147 52.158.215.147	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
15	2.16.31.174 2.16.31.174	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	13.69.106.88 13.69.106.88	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.38.122.100 20.38.122.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	35.244.138.243 35.244.138.243	15169 (GOOGLE) (GOOGLE)
45	8

16 52.158.215.147 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssr.safesendreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
organizer-taxpayer.safesendreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.16.31.174 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-174.deploy.static.akamaitechnologies.com

cdn.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.69.106.88 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.38.122.100 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssrcontentstore.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.138.243 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 243.138.244.35.bc.googleusercontent.com

ec.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	walkme.com cdn.walkme.com — Cisco Umbrella Rank: 1461 ec.walkme.com — Cisco Umbrella Rank: 1614	556 KB
16	safesendreturns.com 1 redirects ssr.safesendreturns.com — Cisco Umbrella Rank: 231814 organizer-taxpayer.safesendreturns.com — Cisco Umbrella Rank: 330195	10 MB
4	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 781	536 B
4	gstatic.com fonts.gstatic.com	32 KB
1	windows.net ssrcontentstore.blob.core.windows.net — Cisco Umbrella Rank: 159557	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 854	12 KB
45	7

	Domain	Requested by
15	cdn.walkme.com	organizer-taxpayer.safesendreturns.com cdn.walkme.com
15	organizer-taxpayer.safesendreturns.com	organizer-taxpayer.safesendreturns.com
4	ec.walkme.com
4	dc.services.visualstudio.com
4	fonts.gstatic.com	fonts.googleapis.com
1	ssrcontentstore.blob.core.windows.net
1	fonts.googleapis.com	organizer-taxpayer.safesendreturns.com
1	use.fontawesome.com	organizer-taxpayer.safesendreturns.com
1	ssr.safesendreturns.com	1 redirects
45	9

This site contains no links.

Subject Issuer	Validity	Valid
*.safesendreturns.com Go Daddy Secure Certificate Authority - G2	`2022-10-05` - `2023-11-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
walkme.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-29` - `2024-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-02-04` - `2024-01-30`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2022-12-20` - `2023-12-20`	a year	crt.sh
*.walkme.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-11` - `2024-01-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Frame ID: 69194F2C4E4203B5B65F411799449747
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafesendReturns

Page URL History Show full URLs

https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BXlJhIOD0lXnkz2yUPDprAEQp3-2F7PGfNGreIQ... HTTP 302
https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

11015 kB
Transfer

41516 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BXlJhIOD0lXnkz2yUPDprAEQp3-2F7PGfNGreIQcO65gLpXAxnvxe7pcN9Fhy7eZN-2FSL3daLyEYqsZpA8FLp7PYTyYtMBCO51Cm4-2F1wB1ZEeeESGEN_MG-2B2-2FPNNdRJwIjbQ0O46jIgy-2BlFMYLU-2BQmd3gADuSZi-2FecjjQpVnKgav4p-2F0m5oQFmRuunR1eYo62LQlIdgAktRlFJbh-2FN0OJKGhZV6Qcnz5SBpFSfDRGgwhMFvj5TJklQYNnqs7ouSCvoqxxHBkLq6XLA4YI45B3knn7mShFDRGQcCJjXAeEwXhh6aGpvMTOWfeq3-2FBYH6jrg-2Fil4-2Fz2KRNMt-2FsFMZjjrZI9vbUA3juWi06p7fXCQKdmkkqcb1GjAPaoMjXOXSdl8mhmZlM0OSgxljUcH4EKR4FODQp8yj-2F8tHm6lv691-2F5gbnQ1zgVZHDwaNnlqWe83GooQkOT9LMHDxclljWRufjNQbeYVcjKBd2ODpVtTCgd0j28LOkFcB7Olg77eGy7Zx5nfzKI0Bay7ugUv0W7aod0H6e99QfahcUIlTiJRG-2FoPPNkJjgk HTTP 302
https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request up9gpa4qh4rmx38dt96uvha4avthw000 Show response
organizer-taxpayer.safesendreturns.com/
Redirect Chain

https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BXlJhIOD0lXnkz2yUPDprAEQp3-2F7PGfNGreIQcO65gLpXAxnvxe7pcN9Fhy7eZN-2FSL3daLyEYqsZpA8FLp7PYTyYtMBCO51Cm4-2F1wB1ZEeeESGEN_MG-2B2-2F...
https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000

3 KB
2 KB

436ms
129ms

Document
text/html

52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2615050d06712b4a199e853758d84e13df60b55f4ec62968a62fc9d121760219

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Feb 2023 15:46:25 GMT
Pragma: no-cache
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 102
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Feb 2023 15:46:24 GMT
Location: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 85ms
39ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://organizer-taxpayer.safesendreturns.com/
Origin: https://organizer-taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:46:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2A2TMK9GQXNTZ30F
age: 1582047
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: b20KhBaU4yjv13fg9fzWzjTGvfgPzh8R2xBy6O7UjYTXZFnPTGwj/89Ur2X/urI+qKWgeIrxzb8=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiMi%2BdxO4jcElp4T8W3Fnv5d0CX6oYOtW9oeLHO3l3BFZmVvBIHQvm43NoR9JnknUfuFO9QOQAAQOSuux0DMkBVBLszh%2FfzHRKU2S8dLAXjRJxdWn6oT%2B8mgPgzMdLiYt7ZssLPKzF5L%2BDRSOoicMWu1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79d8dabc79c8900c-FRA

GET
H2 200 css2
fonts.googleapis.com/ 25 KB
2 KB 193ms
73ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap

Requested by

Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ee0924ebeb3c05ff1e8376d92297e56f75b97316a9d5e4c52fce8a0c98820a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 15:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 15:46:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 15:46:25 GMT

GET
H/1.1 200
OK pdfviewer.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/ 516 KB
99 KB 251ms
249ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/pdfviewer.css?v=EjiE2MRrJ09vL7DS7KZDWJ6WFC64rMDWbku0xwZDkYg
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 123884d8c46b274f6f2fb0d2eca643589e96142eb8acc0d66e4bb4c706439188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:34 GMT
Server: Kestrel
ETag: "1d946891fa4642c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK vendor.css
organizer-taxpayer.safesendreturns.com/dist/ 202 KB
37 KB 474ms
237ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/vendor.css?v=_6AJ3pnDQdRGqHfGUTpXeLP5wJPyGxaMj4w7X7eg-iE
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: ffa009de99c341d446a877c6513a5778b3f9c093f21b168c8f8c3b5fb7a0fa21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:34 GMT
Server: Kestrel
ETag: "1d946891faf5dd1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK site.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/ 71 KB
16 KB 484ms
243ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/site.css
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: a57202f55d61264accc1d0a98458e0d43c9c971a3cdb8d6902113797b10b9d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:34 GMT
Server: Kestrel
ETag: "1d946891fad68bf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK custom.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/ 41 KB
10 KB 375ms
126ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/custom.css
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: d57bfd35391038078ad2f65eb8e2843565cdc2ce81099f04a81d113d77068581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:34 GMT
Server: Kestrel
ETag: "1d946891facd021"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK screen-small-common.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 1 KB
853 B 376ms
127ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-small-common.css?v=B_4f5wydzW7c7yGYY9nd-DwzLwRLOq5441cjUViN6cc
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 6b7f6369f7c9c787865c67140bb607cea7d82f17d9bf148cc4adc6c561b70afe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:36 GMT
Server: Kestrel
ETag: "1d9468920dda6f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK screen-320.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 166 B
527 B 376ms
127ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-320.css?v=JJZJbZFxoPQWGGwedxAsuX7srjaX4FVFeW1SJFE9aXY
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 879ac1f3108e52797583dcc49fd99885024d6a601370b5d0b22e9a44e6497923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:36 GMT
Server: Kestrel
ETag: "1d9468920dda2a6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK screen-480.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 2 KB
1 KB 501ms
124ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-480.css?v=n7I9l4YX6D-tLwZ2mEawOGse06HcZ9PkFKtUhqzCEQI
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b4a0ecdbcefe9eb2d04a4b533d92dddc8caebad5a5f0c869fe0739bdbc03a908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:36 GMT
Server: Kestrel
ETag: "1d9468920ddaa6c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK screen-768.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 1 KB
684 B 502ms
125ms Stylesheet
text/css 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-768.css?v=Yohbvi4iJBq7vxzOm6wF-YizHyd3_PUANODC8jNiHgg
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 829ac7df7d34d3c4d91b3454c52f87e172e31efa66617911ce51d42d59d5c9b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:36 GMT
Server: Kestrel
ETag: "1d9468920dda628"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK main.js Show response
organizer-taxpayer.safesendreturns.com/dist/ 37 MB
10 MB 639ms
262ms Script
application/javascript 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/main.js?v=oOhugX4Xes3In3DT8gPSD80iRjqf4kDpXghE6omIHDc
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: a0e86e817e177acdc89f70d3f203d20fcd22463a9fe240e95e0844ea89881c37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Feb 2023 06:44:36 GMT
Server: Kestrel
ETag: "1d94689228e33bd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H2 200 walkme_148aadebe34448148ad4edd74737f760_https.js Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 24 KB
9 KB 53ms
19ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Requested by

Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/up9gpa4qh4rmx38dt96uvha4avthw000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 68M04c5Qvo9r9H6vnqBZ0ld5mBxBdKdn
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:25 GMT
access-control-allow-private-network: true
x-amz-request-id: WMJFWH4MJYTC0JYG
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 8507
x-amz-id-2: yCu/FXD61fHhvDkJZO/zLCTuT+TF1Bv4sBIfsLUeDC5uLfM3NZqzjC3wlIvRSSdzrw9tm1HYIG4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Feb 2023 15:54:55 GMT
etag: "52eacbcc9224344c945a5d5316e0d368"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=46312
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 settings.txt Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 2 KB
1 KB 101ms
100ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/settings.txt

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

a07c19feb24a6dd69aae7971a9de15d44de8087620765c19c21e02ea524b1285

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: jU0shzLAlzSeOH7OMOr7B0IczOupj8KU
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:26 GMT
access-control-allow-private-network: true
x-amz-request-id: M94MK161ADRFSDQE
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 732
x-amz-id-2: Dj5k/D4gZMncMtxqnpeOfa6RlgrH65dCjzk9WhgNMaZnOwNXYZIgLOj25r3Eznspw9ooRRHoo1s=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 11:56:27 GMT
etag: "9636efac08e7fda6df18179be43ac699"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wmjQuery33121.js Show response
cdn.walkme.com/player/resources/ 87 KB
30 KB 8ms
7ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/resources/wmjQuery33121.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:26 GMT
access-control-allow-private-network: true
x-amz-request-id: ZM7BCQWAHK2JHE64
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 30035
x-amz-id-2: TztQwKDcx958DBmwuBZ9MF7jAbnx/OKajc1W34w6RqgItw8Knid2M7KFsndK18mKZ8WBF4KG6cw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 May 2022 06:44:33 GMT
etag: "b00eee8317d72ce865b995c31f1f95ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=6022308
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prelib-plugin-9debded5-07c7-3178-a579-aafca06874a1.js Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/ 164 KB
48 KB 10ms
9ms Script
application/x-javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/prelib-plugin-9debded5-07c7-3178-a579-aafca06874a1.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

a7c4d167c175c334e2330188fd74c1fc0ddb05253f145825b83e37bb092666f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: _rBeDrE.VdI2ijD40QeMW7pQFl.Is2pr
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:26 GMT
access-control-allow-private-network: true
x-amz-request-id: 99FC806D1886VV1H
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 48667
x-amz-id-2: 3IObjui4cGsav3Z7GPgqOYygLOrJEzdYV9lDKsuBmlpViQu+M81klQup6N9sokLoy023irp1XGM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 Oct 2022 17:26:54 GMT
etag: "2ab3062035454bd4ec0832790274cc96"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=23609952
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_lib_20230221-081537-5152e891-7d35bdac.br.js Show response
cdn.walkme.com/player/lib/ 2 MB
359 KB 26ms
26ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

59b70903a72202c3d64c89219b735ec89937700d3930005075bd5128f5f2a35a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: tQrk2pUeqofSXcU68SbgbaBDoKOC2QnB
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:26 GMT
access-control-allow-private-network: true
x-amz-request-id: CE75A05KSMR3942H
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 365813
x-amz-id-2: /4bz2IOpS0LKRkgOAGKN2jP7mxVQ4cLlodGNFFonG8upqHPit++V9psGeueciQuiqIa9AnEhisU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 08:34:51 GMT
etag: "5e60869f1ec8624ca8e1bd831935abdd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31447786
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_config_a88f978a6d5549be8d7e8b56546f1c7e.js Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 3 KB
2 KB 25ms
24ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_config_a88f978a6d5549be8d7e8b56546f1c7e.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

6410aa13159ffc5f769beeb20efb5dda3b7aea740c8f4a59ea15557156485210

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: KhoxqXxKsD9mYIE0aMSC0eW5gjDBd3Rm
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:26 GMT
access-control-allow-private-network: true
x-amz-request-id: 2EBRVYRA0HSZVKB0
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 1690
x-amz-id-2: rZcaN6lw1v9YevTShCt/4S2IOEaN6CstGFOiJNpa+Hn0byp7KnyNkHZz+lAWcNkss9obzpPnDEs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 14:26:34 GMT
etag: "e35359687417059daafdc7e19d9b92fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31445112
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK up9gpa4qh4rmx38dt96uvha4avthw000 Show response
organizer-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 90 B
426 B 127ms
127ms XHR
application/json 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/up9gpa4qh4rmx38dt96uvha4avthw000
Requested by: Host:
URL: webpack-internal:///1120
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: f8358932752032968d9bbe5593dc0e03e8e4e135f14cda12897128dd191cbd15

Request headers

Accept: application/json, text/plain, */*
Referer: https://organizer-taxpayer.safesendreturns.com/coverpage/index/up9gpa4qh4rmx38dt96uvha4avthw000
traceparent: 00-243840f8cf3d455989182351cbcf843f-ab5c5529a002439a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:28 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-store
Connection: keep-alive
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK up9gpa4qh4rmx38dt96uvha4avthw000 Show response
organizer-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 90 B
426 B 121ms
120ms XHR
application/json 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/up9gpa4qh4rmx38dt96uvha4avthw000
Requested by: Host:
URL: webpack-internal:///1120
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: f8358932752032968d9bbe5593dc0e03e8e4e135f14cda12897128dd191cbd15

Request headers

Accept: application/json, text/plain, */*
Referer: https://organizer-taxpayer.safesendreturns.com/coverpage/index/up9gpa4qh4rmx38dt96uvha4avthw000
traceparent: 00-243840f8cf3d455989182351cbcf843f-15dd13b6bed34b1d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:28 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-store
Connection: keep-alive
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK up9gpa4qh4rmx38dt96uvha4avthw000 Show response
organizer-taxpayer.safesendreturns.com/api/Coverpage/GetHeaderInfoAsync/ 600 B
761 B 147ms
147ms XHR
application/json 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/api/Coverpage/GetHeaderInfoAsync/up9gpa4qh4rmx38dt96uvha4avthw000
Requested by: Host:
URL: webpack-internal:///1120
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: d69bb261e024908f8e731f98a16503db6b9f4597b5e9dbd52b47f03d926b0027

Request headers

Accept: application/json, text/plain, */*
Referer: https://organizer-taxpayer.safesendreturns.com/coverpage/index/up9gpa4qh4rmx38dt96uvha4avthw000
traceparent: 00-243840f8cf3d455989182351cbcf843f-764f2b0962aa442e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:29 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-store
Connection: keep-alive
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H/1.1 200
OK up9gpa4qh4rmx38dt96uvha4avthw000 Show response
organizer-taxpayer.safesendreturns.com/api/Helper/GetAllTaxingAuthorityAsync/ 3 KB
2 KB 129ms
129ms XHR
text/html 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://organizer-taxpayer.safesendreturns.com/api/Helper/GetAllTaxingAuthorityAsync/up9gpa4qh4rmx38dt96uvha4avthw000
Requested by: Host:
URL: webpack-internal:///1120
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 65f2ad985428fb4dac974e6440bc6d66dd3d6786310432dbb840d6d9d120ce86

Request headers

Accept: application/json, text/plain, */*
Referer: https://organizer-taxpayer.safesendreturns.com/coverpage/index/up9gpa4qh4rmx38dt96uvha4avthw000
traceparent: 00-243840f8cf3d455989182351cbcf843f-ce16f817988c49c5-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 15:46:28 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-store
Connection: keep-alive
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 282ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://organizer-taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:48:59 GMT
x-content-type-options: nosniff
age: 601050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:48:59 GMT

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 117 B
301 B 35ms
34ms XHR
application/json 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host:
URL: webpack-internal:///1120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d7392c8742304983527713c152a5dd7e6a5f46ea310540c41d1834ab6b4c2ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://organizer-taxpayer.safesendreturns.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: CA1A0D45-B2EF-4974-9819-96A082D740E3
strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 15:46:30 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 117

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 164 B
235 B 52ms
51ms XHR
application/json 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host:
URL: webpack-internal:///1120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9896a1f115a259b3ac8b8a8cd9cd3d6d2f4ca04cd9fd59d58882fd8e4f6449b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://organizer-taxpayer.safesendreturns.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 979A6156-FE4C-4A9E-9BC8-4ABE1E741EF6
strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 15:46:30 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 164

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 238ms
17ms Preflight 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://organizer-taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 22 Feb 2023 15:46:30 GMT
x-content-type-options: nosniff

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 214ms
16ms Preflight 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://organizer-taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 22 Feb 2023 15:46:30 GMT
x-content-type-options: nosniff

GET
H/1.1 200
OK MyCompanyLogo
ssrcontentstore.blob.core.windows.net/ssr00003827/library/logo/ 24 KB
24 KB 588ms
130ms Image
image/png 20.38.122.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssrcontentstore.blob.core.windows.net/ssr00003827/library/logo/MyCompanyLogo?sv=2018-03-28&sr=b&sig=dvcb1OlCI3dAboqMrGDCB5Wui0gJ30%2FH4aUPoYOnGzE%3D&se=2025-02-21T15%3A46%3A28Z&sp=r&rscc=no-store&rsct=image%2Fpng&rscd=inline%3Bfilename%3D%22SBC-CPA.png%22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.122.100 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b0deba38cf850f04883342b179ec66b691f2b95b27857aedf656e1d74ae19acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Wed, 22 Feb 2023 15:46:30 GMT
x-ms-server-encrypted: true
Content-Disposition: inline;filename="SBC-CPA.png"
Content-Length: 24238
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-creation-time: Tue, 23 Nov 2021 17:41:41 GMT
Last-Modified: Mon, 29 Nov 2021 15:42:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-meta-filetype: image/png
ETag: "0x8D9B34EEB2EA3B9"
Vary: Origin
x-ms-meta-filename: SBC-CPA.png
Content-Type: image/png
x-ms-request-id: 13169d92-e01e-005a-6ad4-462b73000000
Cache-Control: no-store
x-ms-version: 2018-03-28
Accept-Ranges: bytes

GET
H/1.1 200
OK envelope.svg
organizer-taxpayer.safesendreturns.com/dist/assets/images/ 6 KB
6 KB 131ms
130ms Image
image/svg+xml 52.158.215.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/images/envelope.svg
Requested by: Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/site.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 6fb581606ee4020bf2a7fb20fbf288999607fb3c7b14905255a78ffbb29b76a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/site.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 15:46:30 GMT
Last-Modified: Wed, 22 Feb 2023 06:44:34 GMT
Server: Kestrel
ETag: "1d946891fac6d66"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6246
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 39ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://organizer-taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:29:50 GMT
x-content-type-options: nosniff
age: 569800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 01:29:50 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 44ms
42ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://organizer-taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 160548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Feb 2024 19:10:42 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://organizer-taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 22:32:10 GMT
x-content-type-options: nosniff
age: 62060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 22:32:10 GMT

GET
H2 200 insights_configuration_cb9634e2e66a474ab5c47bdcb29f6dc0.js Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/external-data/insights-configuration/ 72 B
643 B 136ms
132ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/external-data/insights-configuration/insights_configuration_cb9634e2e66a474ab5c47bdcb29f6dc0.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: Ju1m0_0Uf8fqoEKb8CsN2bVYZc7bpSUG
date: Wed, 22 Feb 2023 15:46:30 GMT
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
access-control-allow-private-network: true
x-amz-request-id: XSR412G3QS4DWVYG
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 72
x-amz-id-2: /6tve2dgSXbZ/94kuB7niWLMeVhRvgj5f/N5TclzdE7niykcQNPmZJgTwrog7RSqwalnWoCIHMY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Dec 2022 19:45:52 GMT
etag: "847a33f7659cea7dfc9792ee7dae9ce0"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 custom_css_c9033b3aee62455e8f5fe5e937c39b40.css
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 26 KB
2 KB 426ms
393ms Stylesheet
text/css 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/custom_css_c9033b3aee62455e8f5fe5e937c39b40.css

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb6a949cf1b1c9a076c713370171b264a0f85944be537ce749a9aa551937e96c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://organizer-taxpayer.safesendreturns.com/
Origin: https://organizer-taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: OW5V6MoHurlJxwZNefU58RhstIIZLJE1
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:30 GMT
access-control-allow-private-network: true
x-amz-request-id: A99FBVTKZYN5ZJD1
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 1649
x-amz-id-2: JF1EzxfydKAgCxkEgkavnUyNNmp6/YtI5MFH7T/1NsvWhr0ipcMCBLCpm45YvTP2wEKt5jAkg9Y=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 11:56:25 GMT
etag: "0d81071393756124fbe4464cd37fb15b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 data_c9033b3aee62455e8f5fe5e937c39b40.br.js Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 321 KB
32 KB 40ms
39ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/data_c9033b3aee62455e8f5fe5e937c39b40.br.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0f12523c69422f0bf51874ee230155776ec9bb70f099d90f5220ae8097f23e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: uI83p_VjcrDxozpyLblrv9BBFDcGigE7
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:30 GMT
access-control-allow-private-network: true
x-amz-request-id: EHS6342S51HXZNT6
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 32377
x-amz-id-2: zC/9tZKjKufdwRjlua7R8rcw1yl/goAhnNOHwQjBAkV1+Q8uadF6VsJNVgmu/txVgwBmyhO6FEQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 11:56:27 GMT
etag: "904b1faecf83b76088786ab53086f669"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31522663
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 204 log
ec.walkme.com/event/ 0
0 213ms
148ms Preflight 35.244.138.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.walkme.com/event/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

243.138.244.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: request-context,traceparent
Access-Control-Request-Method: POST
Origin: https://organizer-taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: request-context,traceparent
access-control-allow-methods: POST,GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=600
content-length: 0
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
date: Wed, 22 Feb 2023 15:46:30 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 log Show response
ec.walkme.com/event/ 0
66 B 152ms
151ms XHR
text/plain 35.244.138.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.walkme.com/event/log

Requested by

Host:
URL: webpack-internal:///1120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

243.138.244.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Content-Type: text/plain
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://organizer-taxpayer.safesendreturns.com/
traceparent: 00-243840f8cf3d455989182351cbcf843f-23bef44d25134448-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
x-content-type-options: nosniff
referrer-policy: strict-origin
via: 1.1 google
date: Wed, 22 Feb 2023 15:46:30 GMT
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 28.9089a7dc.walkme_lib.js Show response
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 113 KB
31 KB 20ms
20ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/28.9089a7dc.walkme_lib.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

6380a5dcefd53a8c332873959ab9de0c46d193110499642f657ecf47afbf3527

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 99usF42hlqQsI86rarmRjZK1SfI4VxU_
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:30 GMT
access-control-allow-private-network: true
x-amz-request-id: 5W23CEWRJYWETVC2
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 30591
x-amz-id-2: OXYKdaU+g1VhD1HfChwUI95MKejqRNP/5Bttr8fewQ4tNAN2pcPdFyD6Hfxpyo/CO/NvO++QcA4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 08:34:41 GMT
etag: "fa339e658b1ae1a1103b8404a4c8a88d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31447807
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 23.33843696.walkme_lib.js Show response
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 24 KB
8 KB 13ms
12ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/23.33843696.walkme_lib.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce4326dcd1886ff9f45ed59e33a1aecdc9dfd54d680b17def406a32b1443ea94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: zvTfpyyl0HjZHC5wEoyyocUuYB6bl6Rf
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:30 GMT
access-control-allow-private-network: true
x-amz-request-id: MWXNH7DTQJHM4GTG
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 7710
x-amz-id-2: T4RLUd60jpeJIrtO+kJTdW1SiVS93hZKbIZoDqOwzlY7w+0VBNZ9KcqgXKxPgXfPT6OW5fpUc2l4kC+HoieDbQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 08:34:41 GMT
etag: "3b6252dcc1b22ea2fc989fc8ab59535b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31447808
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 11.ec08f466.walkme_lib.js Show response
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 31 KB
9 KB 13ms
13ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/11.ec08f466.walkme_lib.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

150f7419ca5aa832032e08c60a733649655a887bb2cb8db7b389c1e1d27ab56c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: LdhOt_wSUWG_LtRu0dbqgwFVkoU..RxX
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:30 GMT
access-control-allow-private-network: true
x-amz-request-id: F87FFNASW84199AD
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 8111
x-amz-id-2: yorZ/X8F98XNiQw1A1i9H5LaC2w4VTpblCh22Nm/HlkEBzo9RBiPSsqSvMQMeHd2zn05I/NfSNY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 08:34:41 GMT
etag: "9c13f086a39fac5940dd7e73a2c8529e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31452048
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 49.5c596b38.walkme_lib.js Show response
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 1 KB
1 KB 33ms
32ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/49.5c596b38.walkme_lib.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

911240749eda9c0b736910cde563c4ec7eee873586eed661a1a1913614c65965

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: w_FLBddwlFk8ss.i1WwXjtgIYluC1GYT
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:30 GMT
access-control-allow-private-network: true
x-amz-request-id: WCYZH0A8VHJEBW0E
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 445
x-amz-id-2: efj1a3xTQnWmlzYKh0hn6Z8sowz1SLExz08k0SChfAQSBLVcn9rNi7Yu9J+1NNKKn32UfJ7xHMo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 08:34:42 GMT
etag: "1e10f36380b10a06bbfbbed24e10bad8"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31451026
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 notosans.js Show response
cdn.walkme.com/player/resources/fonts/ 28 KB
22 KB 73ms
72ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/resources/fonts/notosans.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: WjEbTtapEYtXvse9Ooq2w1BlT1_OhZB3
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:30 GMT
access-control-allow-private-network: true
x-amz-request-id: DCD81F9AF4ACC276
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 21880
x-amz-id-2: YpzIYQJ8dNMoYdBEu8+7BdSANgkoV04p3xgTwei6aZWuPBeWYZ8fkQtQ9trmnn5fBRdyz5i5EHM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 12 Jun 2019 21:50:11 GMT
etag: "7e9b968dcc783627e445ad04f4dab310"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 postEvent Show response
ec.walkme.com/event/ 2 B
22 B 147ms
147ms XHR
text/html 35.244.138.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.walkme.com/event/postEvent

Requested by

Host:
URL: webpack-internal:///1120

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

243.138.244.35.bc.googleusercontent.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Content-Type: text/plain
Accept: text/html, */*; q=0.01
Referer: https://organizer-taxpayer.safesendreturns.com/
traceparent: 00-243840f8cf3d455989182351cbcf843f-ca2d0ad3228b49f8-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Request-Context: appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
x-content-type-options: nosniff
referrer-policy: strict-origin
via: 1.1 google
date: Wed, 22 Feb 2023 15:46:31 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-xss-protection: 1; mode=block

OPTIONS
H3 204 postEvent
ec.walkme.com/event/ 0
0 149ms
149ms Preflight 35.244.138.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.walkme.com/event/postEvent

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

243.138.244.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: request-context,traceparent
Access-Control-Request-Method: POST
Origin: https://organizer-taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: request-context,traceparent
access-control-allow-methods: POST,GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=600
content-length: 0
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
date: Wed, 22 Feb 2023 15:46:30 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 settings.txt Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 2 KB
1 KB 152ms
152ms Script
application/javascript 2.16.31.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/settings.txt?forceUpdate=1677080798386

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.31.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-31-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

a07c19feb24a6dd69aae7971a9de15d44de8087620765c19c21e02ea524b1285

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://organizer-taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: jU0shzLAlzSeOH7OMOr7B0IczOupj8KU
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 15:46:38 GMT
access-control-allow-private-network: true
x-amz-request-id: 8YGGBJPWW6T1B5Y0
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 732
x-amz-id-2: n90/SMOD/PWAIzM0eyDV1mgqYSkbtKh1RksSxqRO2g6+08wRtGSBcEz18QKs2Ot31l4BYR7D+K0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 11:56:27 GMT
etag: "9636efac08e7fda6df18179be43ac699"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
organizer-taxpayer.safesendreturns.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.CLkofR_OlOQ Value: CfDJ8GTuTK7sE_VGk-VoNwqb-U1cdkd2iZ3P7AJIlEzyod4RjWVyuVL6nfsDkjMvdNOC9lWSa6PHpy2jsJZnlvfPpLZcKhO-5U-BkWzz2XwK9_6M4zhT3TidKFYWQSheJouc7xLgWjcaYu5fUukkEwxuouM
organizer-taxpayer.safesendreturns.com/	1970-01-20 18:36:56	Name: ai_user Value: d7ySK5q9ppvKjIUOGsdtDM\|2023-02-22T15:46:28.854Z
organizer-taxpayer.safesendreturns.com/	1970-01-20 09:51:22	Name: ai_session Value: YZfnoP2bLAT3lIwKR23KsR\|1677080790058\|1677080790058
organizer-taxpayer.safesendreturns.com/	1969-12-31 23:59:59	Name: appinsightCookie Value: {"companyId":0,"instrumentationKey":"9af4b5fd-02e7-44d3-88df-8ef6bfa379f0","documentId":0}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.walkme.com
dc.services.visualstudio.com
ec.walkme.com
fonts.googleapis.com
fonts.gstatic.com
organizer-taxpayer.safesendreturns.com
ssr.safesendreturns.com
ssrcontentstore.blob.core.windows.net
use.fontawesome.com
13.69.106.88
2.16.31.174
20.38.122.100
2606:4700:e2::ac40:840f
2a00:1450:4001:82a::2003
2a00:1450:400d:80d::200a
35.244.138.243
52.158.215.147
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
123884d8c46b274f6f2fb0d2eca643589e96142eb8acc0d66e4bb4c706439188
150f7419ca5aa832032e08c60a733649655a887bb2cb8db7b389c1e1d27ab56c
2615050d06712b4a199e853758d84e13df60b55f4ec62968a62fc9d121760219
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
59b70903a72202c3d64c89219b735ec89937700d3930005075bd5128f5f2a35a
5ee0924ebeb3c05ff1e8376d92297e56f75b97316a9d5e4c52fce8a0c98820a6
6380a5dcefd53a8c332873959ab9de0c46d193110499642f657ecf47afbf3527
6410aa13159ffc5f769beeb20efb5dda3b7aea740c8f4a59ea15557156485210
65f2ad985428fb4dac974e6440bc6d66dd3d6786310432dbb840d6d9d120ce86
6b7f6369f7c9c787865c67140bb607cea7d82f17d9bf148cc4adc6c561b70afe
6fb581606ee4020bf2a7fb20fbf288999607fb3c7b14905255a78ffbb29b76a3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
829ac7df7d34d3c4d91b3454c52f87e172e31efa66617911ce51d42d59d5c9b8
879ac1f3108e52797583dcc49fd99885024d6a601370b5d0b22e9a44e6497923
911240749eda9c0b736910cde563c4ec7eee873586eed661a1a1913614c65965
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9896a1f115a259b3ac8b8a8cd9cd3d6d2f4ca04cd9fd59d58882fd8e4f6449b6
a07c19feb24a6dd69aae7971a9de15d44de8087620765c19c21e02ea524b1285
a0e86e817e177acdc89f70d3f203d20fcd22463a9fe240e95e0844ea89881c37
a0f12523c69422f0bf51874ee230155776ec9bb70f099d90f5220ae8097f23e1
a57202f55d61264accc1d0a98458e0d43c9c971a3cdb8d6902113797b10b9d42
a7c4d167c175c334e2330188fd74c1fc0ddb05253f145825b83e37bb092666f5
b0deba38cf850f04883342b179ec66b691f2b95b27857aedf656e1d74ae19acf
b4a0ecdbcefe9eb2d04a4b533d92dddc8caebad5a5f0c869fe0739bdbc03a908
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce4326dcd1886ff9f45ed59e33a1aecdc9dfd54d680b17def406a32b1443ea94
d57bfd35391038078ad2f65eb8e2843565cdc2ce81099f04a81d113d77068581
d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1
d69bb261e024908f8e731f98a16503db6b9f4597b5e9dbd52b47f03d926b0027
d7392c8742304983527713c152a5dd7e6a5f46ea310540c41d1834ab6b4c2ee1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6a949cf1b1c9a076c713370171b264a0f85944be537ce749a9aa551937e96c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f8358932752032968d9bbe5593dc0e03e8e4e135f14cda12897128dd191cbd15
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe
ffa009de99c341d446a877c6513a5778b3f9c093f21b168c8f8c3b5fb7a0fa21

organizer-taxpayer.safesendreturns.com Open in urlscan Pro 52.158.215.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

38 %IPv6

7 Domains

9 Subdomains

8 IPs

4 Countries

11015 kBTransfer

41516 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

organizer-taxpayer.safesendreturns.com Open in urlscan Pro
52.158.215.147 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

11015 kB
Transfer

41516 kB
Size

4
Cookies

45 HTTP transactions
0 data transactions